public class AWSEC2IAMSessionCredentials extends AWSSessionCredentials
Modifier and Type | Field and Description |
---|---|
protected boolean |
automaticRefreshEnabled |
protected long |
automaticRefreshRetryDelaySeconds |
protected static java.lang.String |
baseCredentialsUrl |
protected java.util.Date |
expiration |
protected java.lang.String |
roleName |
sessionToken
accessKey, CREDENTIALS_STORAGE_VERSION, friendlyName, secretKey, V2_KEYS_DELIMITER, V3_KEYS_DELIMITER
Constructor and Description |
---|
AWSEC2IAMSessionCredentials(java.lang.String awsAccessKey,
java.lang.String awsSecretAccessKey,
java.lang.String sessionToken,
java.lang.String roleName,
java.util.Date expiration,
boolean automaticRefreshEnabled)
Construct credentials.
|
Modifier and Type | Method and Description |
---|---|
java.lang.String |
getAccessKey() |
java.util.Date |
getExpiration() |
java.lang.String |
getRoleName() |
java.lang.String |
getSecretKey() |
java.lang.String |
getSessionToken() |
protected java.lang.String |
getTypeName() |
boolean |
isAutomaticRefreshEnabled() |
boolean |
isNearExpiration() |
static AWSEC2IAMSessionCredentials |
loadFromEC2InstanceData(boolean automaticRefreshEnabled)
Fetch AWS session credentials from EC2 instance data available
while using the role name of the current EC2 instance.
|
static AWSEC2IAMSessionCredentials |
loadFromEC2InstanceData(java.lang.String roleName,
boolean automaticRefreshEnabled)
Fetch AWS session credentials from EC2 instance data available
with the given role name.
|
static AWSEC2IAMSessionCredentials |
loadFromEC2InstanceData(java.lang.String urlPrefix,
java.lang.String roleName,
boolean automaticRefreshEnabled)
Fetch AWS session credentials from EC2 instance data available at the
given URL prefix (in case you are using a EC2-like service with
alternate instance data endpoint) with the given role name.
|
static AWSEC2IAMSessionCredentials |
parseEC2InstanceData(java.lang.String iamRoleData,
java.lang.String roleName,
boolean automaticRefreshEnabled)
Parse AWS session credentials from the IAM role JSON blob returned from
a lookup of the EC2 instance data service.
|
void |
refreshFromEC2InstanceData()
Fetch IAM role credentials from EC2 instance data and re-populate
this object.
|
void |
refreshFromEC2InstanceDataIfNearExpiration()
If
isAutomaticRefreshEnabled() and isNearExpiration()
fetch the latest IAM role credentials from EC2 instance data and
re-populate this object (via refreshFromEC2InstanceData() . |
getVersionPrefix, main
getDataToEncrypt, getFriendlyName, getLogString, hasFriendlyName, load, load, save, save, save, save
protected static java.lang.String baseCredentialsUrl
protected java.lang.String roleName
protected java.util.Date expiration
protected boolean automaticRefreshEnabled
protected long automaticRefreshRetryDelaySeconds
public AWSEC2IAMSessionCredentials(java.lang.String awsAccessKey, java.lang.String awsSecretAccessKey, java.lang.String sessionToken, java.lang.String roleName, java.util.Date expiration, boolean automaticRefreshEnabled)
awsAccessKey
- AWS access key for an Amazon S3 account.awsSecretAccessKey
- AWS secret key for an Amazon S3 account.sessionToken
- AWS session token for temporary/session-based account credentials.roleName
- IAM role name from which session credentials were loaded.expiration
- Expiration date of session credentials.automaticRefreshEnabled
- if true, credentials will be automatically refreshed when session
token expiration is within 15 minutesprotected java.lang.String getTypeName()
getTypeName
in class AWSSessionCredentials
public boolean isAutomaticRefreshEnabled()
public java.lang.String getSessionToken()
getSessionToken
in class AWSSessionCredentials
public java.lang.String getAccessKey()
getAccessKey
in class ProviderCredentials
public java.lang.String getSecretKey()
getSecretKey
in class ProviderCredentials
public java.lang.String getRoleName()
public java.util.Date getExpiration()
public boolean isNearExpiration()
getExpiration()
is
15 minutes or less from the current time.public void refreshFromEC2InstanceData()
public void refreshFromEC2InstanceDataIfNearExpiration()
isAutomaticRefreshEnabled()
and isNearExpiration()
fetch the latest IAM role credentials from EC2 instance data and
re-populate this object (via refreshFromEC2InstanceData()
.public static AWSEC2IAMSessionCredentials loadFromEC2InstanceData(java.lang.String urlPrefix, java.lang.String roleName, boolean automaticRefreshEnabled)
urlPrefix
- URL prefix for EC2 instance data. If you are using plain EC2 you should
prefer the simpler loadFromEC2InstanceData(String, boolean)
constructor.roleName
- Name of the IAM role provided in the EC2 to supply S3 access credentialsautomaticRefreshEnabled
- if true, the returned credentials object will automatically refresh
the session token and credentials if they are nearly expiredpublic static AWSEC2IAMSessionCredentials loadFromEC2InstanceData(java.lang.String roleName, boolean automaticRefreshEnabled)
roleName
- Name of the IAM role provided in the EC2 to supply S3 access credentialsautomaticRefreshEnabled
- if true, the returned credentials object will automatically refresh
the session token and credentials if they are nearly expiredpublic static AWSEC2IAMSessionCredentials loadFromEC2InstanceData(boolean automaticRefreshEnabled)
automaticRefreshEnabled
- if true, the returned credentials object will automatically refresh
the session token and credentials if they are nearly expiredpublic static AWSEC2IAMSessionCredentials parseEC2InstanceData(java.lang.String iamRoleData, java.lang.String roleName, boolean automaticRefreshEnabled) throws org.codehaus.jackson.JsonProcessingException, java.io.IOException, java.text.ParseException
iamRoleData
- roleName
- automaticRefreshEnabled
- org.codehaus.jackson.JsonProcessingException
java.io.IOException
java.text.ParseException