You are viewing documentation for version 1 of the AWS SDK for Ruby. Version 2 documentation can be found here.

Class: AWS::Core::CredentialProviders::AssumeRoleProvider

Inherits:

Object

• Object
• AWS::Core::CredentialProviders::AssumeRoleProvider

Includes:

Provider

Defined in:

lib/aws/core/credential_providers.rb

Overview

An auto-refreshing credential provider that works by assuming a role via STS#assume_role.

provider = AWS::Core::CredentialProviders::AssumeRoleProvider.new( sts: AWS::STS.new(access_key_id:'AKID', secret_access_key:'SECRET'), # assume role options: role_arn: "linked::account::arn", role_session_name: "session-name" )

ec2 = AWS::EC2.new(credential_provider:provider)

If you omit the :sts option, a new STS service object will be constructed and it will use the default credential provider from Aws.config.

Constant Summary

Constant Summary

Constants included from Provider

Provider::KEYS

Instance Method Summary

• #credentials ⇒ Object
• #initialize(options = {}) ⇒ AssumeRoleProvider constructor

  A new instance of AssumeRoleProvider.

Methods included from Provider

#access_key_id, #refresh, #secret_access_key, #session_token, #set?

Constructor Details

#initialize(options = {}) ⇒ AssumeRoleProvider

Returns a new instance of AssumeRoleProvider

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :sts (AWS::STS) — default: STS.new —

  An instance of STS. This is used to make the API call to assume role.

• :role_arn (required, String)
• :role_session_name (required, String)
• :policy (String)
• :duration_seconds (Integer)
• :external_id (String)

# File 'lib/aws/core/credential_providers.rb', line 600

def initialize(options = {})
  @options = options.dup
  @sts = @options.delete(:sts) || STS.new
end

Instance Method Details

#credentials ⇒ Object

# File 'lib/aws/core/credential_providers.rb', line 605

def credentials
  refresh if near_expiration?
  super
end