File: IAM.pm

package info (click to toggle)
libnet-amazon-s3-perl 0.991-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,620 kB
  • sloc: perl: 9,906; makefile: 20
file content (113 lines) | stat: -rw-r--r-- 2,578 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
package Net::Amazon::S3::Authorization::IAM;
$Net::Amazon::S3::Authorization::IAM::VERSION = '0.991';
# ABSTRACT: IAM authorization information

use Moose 0.85;
use MooseX::StrictConstructor 0.16;

extends 'Net::Amazon::S3::Authorization::Basic';

has '+aws_access_key_id' => (
	lazy => 1,
	default => sub { $_[0]->_credentials->accessKeyId },
);

has '+aws_secret_access_key' => (
	lazy => 1,
	default => sub { $_[0]->_credentials->secretAccessKey },
);

has aws_session_token => (
	is => 'ro',
	lazy => 1,
	default => sub { $_[0]->_credentials->sessionToken },
);

has _credentials => (
	is => 'ro',
	init_arg => undef,
	lazy => 1,
	builder => '_build_credentials',
);

sub _build_credentials {
	eval "require VM::EC2::Security::CredentialCache" or die $@;
	my $creds = VM::EC2::Security::CredentialCache->get();
	defined($creds) || die("Unable to retrieve IAM role credentials");

	return $creds;
}

around authorization_headers => sub {
	my ($orig, $self) = @_;

	return +(
		$self->$orig,
		'x-amz-security-token' => $self->aws_session_token,
	);
};

1;

__END__

=pod

=encoding UTF-8

=head1 NAME

Net::Amazon::S3::Authorization::IAM - IAM authorization information

=head1 VERSION

version 0.991

=head1 SYNOPSIS

	use Net::Amazon::S3;
	use Net::Amazon::S3::Authorization::IAM;

	# obtain instance credentials
	use VM::EC2::Security::CredentialCache;
	my $s3 = Net::Amazon::S3->new (
		authorization_context => Net::Amazon::S3::Authorization::IAM->new,
		...
	);

	# or just provide your values
	my $s3 = Net::Amazon::S3->new (
		authorization_context => Net::Amazon::S3::Authorization::IAM->new (
			aws_access_key_id     => ...,
			aws_secret_access_key => ...,
			aws_session_token     => ...,
		),
		...
	);

=head1 DESCRIPTION

Authorization context using instance session credentials.

Unless specified authorization context obtains credentials via L<< VM::EC2::Security::CredentialCache >>.
It is not listed as a L<< Net::Amazon::S3 >> dependency.

=head1 INCOMPATIBILITY WARNING

This module with its dependencies will be moved out and distributed separately
without dependency from L<Net::Amazon::S3>.

If you use IAM, please consider to add proper C<use> statement into your code.

=head1 AUTHOR

Branislav ZahradnĂ­k <barney@cpan.org>

=head1 COPYRIGHT AND LICENSE

This software is copyright (c) 2022 by Amazon Digital Services, Leon Brocard, Brad Fitzpatrick, Pedro Figueiredo, Rusty Conover, Branislav ZahradnĂ­k.

This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.

=cut