Class: Aws::STS::Presigner

Inherits:
Object
  • Object
show all
Defined in:
gems/aws-sdk-core/lib/aws-sdk-sts/presigner.rb

Overview

Allows you to create presigned URLs for STS operations.

Examples:


signer = Aws::STS::Presigner.new
url = signer.get_caller_identity_presigned_url(
  headers: {"X-K8s-Aws-Id" => 'my-eks-cluster'}
)

Instance Method Summary collapse

Constructor Details

#initialize(options = {}) ⇒ Presigner

Returns a new instance of Presigner.

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :client (Client)

    Optionally provide an existing STS client



18
19
20
# File 'gems/aws-sdk-core/lib/aws-sdk-sts/presigner.rb', line 18

def initialize(options = {})
  @client = options[:client] || Aws::STS::Client.new
end

Instance Method Details

#get_caller_identity_presigned_url(options = {}) ⇒ String

Returns a presigned url for get_caller_identity.

This can be easily converted to a token used by the EKS service: https://ruby-doc.org/stdlib-2.3.1/libdoc/base64/rdoc/Base64.html#method-i-encode64 "k8s-aws-v1." + Base64.urlsafe_encode64(url).chomp("==")

Examples:


url = signer.get_caller_identity_presigned_url(
  headers: {"X-K8s-Aws-Id" => 'my-eks-cluster'},
)

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :headers (Hash)

    Headers that should be signed and sent along with the request. All x-amz-* headers must be present during signing. Other headers are optional.

Returns:

  • (String)

    A presigned url string.



40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# File 'gems/aws-sdk-core/lib/aws-sdk-sts/presigner.rb', line 40

def get_caller_identity_presigned_url(options = {})
  req = @client.build_request(:get_session_token, {})

  param_list = Aws::Query::ParamList.new
  param_list.set('Action', 'GetCallerIdentity')
  param_list.set('Version', req.context.config.api.version)
  Aws::Query::EC2ParamBuilder.new(param_list)
    .apply(req.context.operation.input, {})

  signer = Aws::Sigv4::Signer.new(
    service: 'sts',
    region: req.context.config.region,
    credentials_provider: req.context.config.credentials
  )

  url = Aws::Partitions::EndpointProvider.resolve(
    req.context.config.region, 'sts', 'regional'
  )
  url += "/?#{param_list}"

  signer.presign_url(
    http_method: 'GET',
    url: url,
    body: '',
    headers: options[:headers]
  ).to_s
end