UNPKG

serverless-spy

Version:

CDK-based library for writing elegant integration tests on AWS serverless architecture and an additional web console to monitor events in real time.

serverlessspy.com

ServerlessLife/serverless-spy

29 lines (28 loc) 1.32 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
import { setCredentialFeature } from "@aws-sdk/core/client"; import { CredentialsProviderError } from "@smithy/property-provider"; import { readFileSync } from "fs"; import { fromWebToken } from "./fromWebToken"; const ENV_TOKEN_FILE = "AWS_WEB_IDENTITY_TOKEN_FILE"; const ENV_ROLE_ARN = "AWS_ROLE_ARN"; const ENV_ROLE_SESSION_NAME = "AWS_ROLE_SESSION_NAME"; export const fromTokenFile = (init = {}) => async () => { init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromTokenFile"); const webIdentityTokenFile = init?.webIdentityTokenFile ?? process.env[ENV_TOKEN_FILE]; const roleArn = init?.roleArn ?? process.env[ENV_ROLE_ARN]; const roleSessionName = init?.roleSessionName ?? process.env[ENV_ROLE_SESSION_NAME]; if (!webIdentityTokenFile || !roleArn) { throw new CredentialsProviderError("Web identity configuration not specified", { logger: init.logger, }); } const credentials = await fromWebToken({ ...init, webIdentityToken: readFileSync(webIdentityTokenFile, { encoding: "ascii" }), roleArn, roleSessionName, })(); if (webIdentityTokenFile === process.env[ENV_TOKEN_FILE]) { setCredentialFeature(credentials, "CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN", "h"); } return credentials; };