UNPKG

serverless-spy

Version:

CDK-based library for writing elegant integration tests on AWS serverless architecture and an additional web console to monitor events in real time.

serverlessspy.com

ServerlessLife/serverless-spy

32 lines (31 loc) 1.69 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
import { FromTokenFileInit } from "@aws-sdk/credential-provider-web-identity"; import type { AwsCredentialIdentityProvider } from "@smithy/types"; /** * Creates a credential provider function that reads OIDC token from given file, then call STS.AssumeRoleWithWebIdentity * API. The configurations must be specified in environmental variables: * * - Reads file location of where the OIDC token is stored from either provided option `webIdentityTokenFile` or * environment variable `AWS_WEB_IDENTITY_TOKEN_FILE`. * - Reads IAM role wanting to be assumed from either provided option `roleArn` or environment variable `AWS_ROLE_ARN`. * - Reads optional role session name to be used to distinguish sessions from provided option `roleSessionName` or * environment variable `AWS_ROLE_SESSION_NAME`. * If session name is not defined, it comes up with a role session name. * - Reads OIDC token from file on disk. * - Calls sts:AssumeRoleWithWebIdentity via `roleAssumerWithWebIdentity` option to get credentials. * * ```javascript * import { fromTokenFile } from "@aws-sdk/credential-providers"; // ES6 import * // const { fromTokenFile } = require("@aws-sdk/credential-providers"); // CommonJS import * * const client = new FooClient({ * credentials: fromTokenFile({ * // Optional. STS client config to make the assume role request. * clientConfig: { region } * // Optional. Custom STS client middleware plugin to modify the client default behavior. * // e.g. adding custom headers. * clientPlugins: [addFooHeadersPlugin], * }); * }); * ``` */ export declare const fromTokenFile: (init?: FromTokenFileInit) => AwsCredentialIdentityProvider;