forked from TrueCloudLab/distribution
Merge pull request #1827 from docker/ec2-creds
Allow EC2 IAM roles to be used when authorizing region endpoints
This commit is contained in:
commit
2052f29be6
1 changed files with 12 additions and 24 deletions
|
@ -270,33 +270,21 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
|
||||||
// bucketName
|
// bucketName
|
||||||
func New(params DriverParameters) (*Driver, error) {
|
func New(params DriverParameters) (*Driver, error) {
|
||||||
awsConfig := aws.NewConfig()
|
awsConfig := aws.NewConfig()
|
||||||
var creds *credentials.Credentials
|
if params.RegionEndpoint != "" {
|
||||||
if params.RegionEndpoint == "" {
|
|
||||||
creds = credentials.NewChainCredentials([]credentials.Provider{
|
|
||||||
&credentials.StaticProvider{
|
|
||||||
Value: credentials.Value{
|
|
||||||
AccessKeyID: params.AccessKey,
|
|
||||||
SecretAccessKey: params.SecretKey,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
&credentials.EnvProvider{},
|
|
||||||
&credentials.SharedCredentialsProvider{},
|
|
||||||
&ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(session.New())},
|
|
||||||
})
|
|
||||||
|
|
||||||
} else {
|
|
||||||
creds = credentials.NewChainCredentials([]credentials.Provider{
|
|
||||||
&credentials.StaticProvider{
|
|
||||||
Value: credentials.Value{
|
|
||||||
AccessKeyID: params.AccessKey,
|
|
||||||
SecretAccessKey: params.SecretKey,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
&credentials.EnvProvider{},
|
|
||||||
})
|
|
||||||
awsConfig.WithS3ForcePathStyle(true)
|
awsConfig.WithS3ForcePathStyle(true)
|
||||||
awsConfig.WithEndpoint(params.RegionEndpoint)
|
awsConfig.WithEndpoint(params.RegionEndpoint)
|
||||||
}
|
}
|
||||||
|
creds := credentials.NewChainCredentials([]credentials.Provider{
|
||||||
|
&credentials.StaticProvider{
|
||||||
|
Value: credentials.Value{
|
||||||
|
AccessKeyID: params.AccessKey,
|
||||||
|
SecretAccessKey: params.SecretKey,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
&credentials.EnvProvider{},
|
||||||
|
&credentials.SharedCredentialsProvider{},
|
||||||
|
&ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(session.New())},
|
||||||
|
})
|
||||||
|
|
||||||
awsConfig.WithCredentials(creds)
|
awsConfig.WithCredentials(creds)
|
||||||
awsConfig.WithRegion(params.Region)
|
awsConfig.WithRegion(params.Region)
|
||||||
|
|
Loading…
Reference in a new issue