Contains credentials providers and helpers for discovering credentials.
Alpha. Subject to change.
Contains credentials providers and helpers for discovering credentials. Alpha. Subject to change.
(auto-refreshing-credentials provider)
(auto-refreshing-credentials provider scheduler)
Deprecated. Use cached-credentials-with-auto-refresh
Deprecated. Use cached-credentials-with-auto-refresh
(basic-credentials-provider {:keys [access-key-id secret-access-key]})
Given a map with :access-key-id and :secret-access-key, returns an implementation of CredentialsProvider which returns those credentials on fetch.
Alpha. Subject to change.
Given a map with :access-key-id and :secret-access-key, returns an implementation of CredentialsProvider which returns those credentials on fetch. Alpha. Subject to change.
(cached-credentials-with-auto-refresh provider)
(cached-credentials-with-auto-refresh provider scheduler)
Returns a CredentialsProvider which wraps provider
, caching
credentials returned by fetch
, and auto-refreshing the cached
credentials in a background thread when the credentials include a
::ttl.
Call stop
to cancel future auto-refreshes.
The default ScheduledExecutorService uses a ThreadFactory that spawns daemon threads. You can override this by providing your own ScheduledExecutorService.
Alpha. Subject to change.
Returns a CredentialsProvider which wraps `provider`, caching credentials returned by `fetch`, and auto-refreshing the cached credentials in a background thread when the credentials include a ::ttl. Call `stop` to cancel future auto-refreshes. The default ScheduledExecutorService uses a ThreadFactory that spawns daemon threads. You can override this by providing your own ScheduledExecutorService. Alpha. Subject to change.
(calculate-ttl {:keys [Expiration] :as credentials})
Primarily for internal use, returns time to live (ttl, in seconds),
based on :Expiration
in credentials. If credentials
contains no
:Expiration
, defaults to 3600.
:Expiration
can be a java.util.Date, or a string parsable
by java.time.Instant/parse (returned by ec2/ecs instance credentials)
or a java.util.Date (returned from :AssumeRole on aws sts client).
Primarily for internal use, returns time to live (ttl, in seconds), based on `:Expiration` in credentials. If `credentials` contains no `:Expiration`, defaults to 3600. `:Expiration` can be a java.util.Date, or a string parsable by java.time.Instant/parse (returned by ec2/ecs instance credentials) or a java.util.Date (returned from :AssumeRole on aws sts client).
(chain-credentials-provider providers)
Returns a credentials-provider which chains together multiple credentials providers.
fetch
calls each provider in order until one returns a non-nil
result. This provider is then cached for future calls to fetch
.
fetch
returns nil if none of the providers return credentials.
Alpha. Subject to change.
Returns a credentials-provider which chains together multiple credentials providers. `fetch` calls each provider in order until one returns a non-nil result. This provider is then cached for future calls to `fetch`. `fetch` returns nil if none of the providers return credentials. Alpha. Subject to change.
(container-credentials-provider http-client)
For internal use. Do not call directly.
Return credentials from ECS iff one of AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or AWS_CONTAINER_CREDENTIALS_FULL_URI is set.
Alpha. Subject to change.
For internal use. Do not call directly. Return credentials from ECS iff one of AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or AWS_CONTAINER_CREDENTIALS_FULL_URI is set. Alpha. Subject to change.
(fetch provider)
Return the credentials found by this provider, or nil.
Credentials should be a map with the following keys:
:aws/access-key-id string required :aws/secret-access-key string required :aws/session-token string optional :cognitect.aws.credentials/ttl number optional Time-to-live in seconds
Return the credentials found by this provider, or nil. Credentials should be a map with the following keys: :aws/access-key-id string required :aws/secret-access-key string required :aws/session-token string optional :cognitect.aws.credentials/ttl number optional Time-to-live in seconds
(default-credentials-provider http-client)
Returns a chain-credentials-provider with (in order):
environment-credentials-provider system-property-credentials-provider profile-credentials-provider container-credentials-provider instance-profile-credentials-provider
Alpha. Subject to change.
Returns a chain-credentials-provider with (in order): environment-credentials-provider system-property-credentials-provider profile-credentials-provider container-credentials-provider instance-profile-credentials-provider Alpha. Subject to change.
(environment-credentials-provider)
Return the credentials from the environment variables.
Look at the following variables:
Returns nil if any of the required variables is blank.
Logs error if one required variable is blank but the other is not.
Alpha. Subject to change.
Return the credentials from the environment variables. Look at the following variables: * AWS_ACCESS_KEY_ID required * AWS_SECRET_ACCESS_KEY required * AWS_SESSION_TOKEN optional Returns nil if any of the required variables is blank. Logs error if one required variable is blank but the other is not. Alpha. Subject to change.
(fetch-async provider)
Returns a channel that will produce the result of calling fetch on the provider.
Alpha. Subject to change.
Returns a channel that will produce the result of calling fetch on the provider. Alpha. Subject to change.
(instance-profile-credentials-provider http-client)
For internal use. Do not call directly.
Return credentials from EC2 metadata service iff neither of AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or AWS_CONTAINER_CREDENTIALS_FULL_URI is set.
Alpha. Subject to change.
For internal use. Do not call directly. Return credentials from EC2 metadata service iff neither of AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or AWS_CONTAINER_CREDENTIALS_FULL_URI is set. Alpha. Subject to change.
(profile-credentials-provider)
(profile-credentials-provider profile-name)
(profile-credentials-provider profile-name f)
Return credentials in an AWS configuration profile.
Arguments:
profile-name string The name of the profile in the file. (default: default) f File The profile configuration file. (default: ~/.aws/credentials)
https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html Parsed properties:
aws_access_key required aws_secret_access_key required aws_session_token optional
Alpha. Subject to change.
Return credentials in an AWS configuration profile. Arguments: profile-name string The name of the profile in the file. (default: default) f File The profile configuration file. (default: ~/.aws/credentials) https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html Parsed properties: aws_access_key required aws_secret_access_key required aws_session_token optional Alpha. Subject to change.
(stop credentials)
Stop auto-refreshing the credentials.
Alpha. Subject to change.
Stop auto-refreshing the credentials. Alpha. Subject to change.
(system-property-credentials-provider)
Return the credentials from the system properties.
Look at the following properties:
Returns nil if any of the required properties is blank.
Logs error if one of the required properties is blank but the other is not.
Alpha. Subject to change.
Return the credentials from the system properties. Look at the following properties: * aws.accessKeyId required * aws.secretKey required Returns nil if any of the required properties is blank. Logs error if one of the required properties is blank but the other is not. Alpha. Subject to change.
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close