rckrdmrd
50a821a415
- HERENCIA-SIMCO.md actualizado con directivas v3.7 y v3.8 - Actualizaciones de configuracion Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
31 lines
1.5 KiB
JavaScript
31 lines
1.5 KiB
JavaScript
import { setCredentialFeature } from "@aws-sdk/core/client";
|
|
import { CredentialsProviderError } from "@smithy/property-provider";
|
|
import { externalDataInterceptor } from "@smithy/shared-ini-file-loader";
|
|
import { readFileSync } from "fs";
|
|
import { fromWebToken } from "./fromWebToken";
|
|
const ENV_TOKEN_FILE = "AWS_WEB_IDENTITY_TOKEN_FILE";
|
|
const ENV_ROLE_ARN = "AWS_ROLE_ARN";
|
|
const ENV_ROLE_SESSION_NAME = "AWS_ROLE_SESSION_NAME";
|
|
export const fromTokenFile = (init = {}) => async (awsIdentityProperties) => {
|
|
init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromTokenFile");
|
|
const webIdentityTokenFile = init?.webIdentityTokenFile ?? process.env[ENV_TOKEN_FILE];
|
|
const roleArn = init?.roleArn ?? process.env[ENV_ROLE_ARN];
|
|
const roleSessionName = init?.roleSessionName ?? process.env[ENV_ROLE_SESSION_NAME];
|
|
if (!webIdentityTokenFile || !roleArn) {
|
|
throw new CredentialsProviderError("Web identity configuration not specified", {
|
|
logger: init.logger,
|
|
});
|
|
}
|
|
const credentials = await fromWebToken({
|
|
...init,
|
|
webIdentityToken: externalDataInterceptor?.getTokenRecord?.()[webIdentityTokenFile] ??
|
|
readFileSync(webIdentityTokenFile, { encoding: "ascii" }),
|
|
roleArn,
|
|
roleSessionName,
|
|
})(awsIdentityProperties);
|
|
if (webIdentityTokenFile === process.env[ENV_TOKEN_FILE]) {
|
|
setCredentialFeature(credentials, "CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN", "h");
|
|
}
|
|
return credentials;
|
|
};
|