/
fromIni.ts
62 lines (55 loc) · 2.23 KB
/
fromIni.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
import type { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
import type { CredentialProviderOptions } from "@aws-sdk/types";
import { getProfileName, parseKnownFiles, SourceProfileInit } from "@smithy/shared-ini-file-loader";
import type { AwsCredentialIdentity, AwsCredentialIdentityProvider, Pluggable } from "@smithy/types";
import { AssumeRoleParams } from "./resolveAssumeRoleCredentials";
import { resolveProfileData } from "./resolveProfileData";
/**
* @public
*/
export interface FromIniInit extends SourceProfileInit, CredentialProviderOptions {
/**
* A function that returns a promise fulfilled with an MFA token code for
* the provided MFA Serial code. If a profile requires an MFA code and
* `mfaCodeProvider` is not a valid function, the credential provider
* promise will be rejected.
*
* @param mfaSerial The serial code of the MFA device specified.
*/
mfaCodeProvider?: (mfaSerial: string) => Promise<string>;
/**
* A function that assumes a role and returns a promise fulfilled with
* credentials for the assumed role.
*
* @param sourceCreds The credentials with which to assume a role.
* @param params
*/
roleAssumer?: (sourceCreds: AwsCredentialIdentity, params: AssumeRoleParams) => Promise<AwsCredentialIdentity>;
/**
* A function that assumes a role with web identity and returns a promise fulfilled with
* credentials for the assumed role.
*
* @param sourceCreds The credentials with which to assume a role.
* @param params
*/
roleAssumerWithWebIdentity?: (params: AssumeRoleWithWebIdentityParams) => Promise<AwsCredentialIdentity>;
/**
* STSClientConfig to be used for creating STS Client for assuming role.
* @internal
*/
clientConfig?: any;
clientPlugins?: Pluggable<any, any>[];
}
/**
* @internal
*
* Creates a credential provider that will read from ini files and supports
* role assumption and multi-factor authentication.
*/
export const fromIni =
(init: FromIniInit = {}): AwsCredentialIdentityProvider =>
async () => {
init.logger?.debug("@aws-sdk/credential-provider-ini", "fromIni");
const profiles = await parseKnownFiles(init);
return resolveProfileData(getProfileName(init), profiles, init);
};