class Aws::InstanceProfileCredentials

Constants

FAILURES

These are the errors we trap when attempting to talk to the instance metadata service. Any of these imply the service is not present, no responding or some other non-recoverable error. @api private

Attributes

retries[R]

@return [Integer] The number of times to retry failed atttempts to

fetch credentials from the instance metadata service. Defaults to 0.

Public Class Methods

new(options = {}) click to toggle source

@param [Hash] options @option options [Integer] :retries (0) Number of times to retry

when retrieving credentials.

@option options [String] :ip_address ('169.254.169.254') @option options [Integer] :port (80) @option options [Float] :http_open_timeout (1) @option options [Float] :http_read_timeout (1) @option options [IO] :http_debug_output (nil) HTTP wire

traces are sent to this object.  You can specify something
like $stdout.
Calls superclass method Aws::RefreshingCredentials.new
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 37
def initialize options = {}
  @retries = options[:retries] || 0
  @ip_address = options[:ip_address] || '169.254.169.254'
  @port = options[:port] || 80
  @http_open_timeout = options[:http_open_timeout] || 1
  @http_read_timeout = options[:http_read_timeout] || 1
  @http_debug_output = options[:http_debug_output]
  super
end

Private Instance Methods

backoff(failed_attempts) click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 84
def backoff(failed_attempts)
  Kernel.sleep(2 ** failed_attempts)
end
get_credentials() click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 65
def get_credentials
  failed_attempts = 0
  begin
    open_connection do |conn|
      path = '/latest/meta-data/iam/security-credentials/'
      profile_name = http_get(conn, path).lines.first.strip
      http_get(conn, path + profile_name)
    end
  rescue *FAILURES => e
    if failed_attempts < @retries
      backoff(failed_attempts)
      failed_attempts += 1
      retry
    else
      '{}'
    end
  end
end
http_get(connection, path) click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 97
def http_get(connection, path)
  response = connection.request(Net::HTTP::Get.new(path))
  if response.code.to_i == 200
    response.body
  else
    raise Non200Response
  end
end
open_connection() { |http| ... } click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 88
def open_connection
  http = Net::HTTP.new(@ip_address, @port, nil)
  http.open_timeout = @http_open_timeout
  http.read_timeout = @http_read_timeout
  http.set_debug_output(@http_debug_output) if @http_debug_output
  http.start
  yield(http).tap { http.finish }
end
refresh() click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 53
def refresh
  credentials = MultiJson.load(get_credentials)
  @access_key_id = credentials['AccessKeyId']
  @secret_access_key = credentials['SecretAccessKey']
  @session_token = credentials['Token']
  if expires = credentials['Expiration']
    @expiration = Time.parse(expires)
  else
    @expiration = nil
  end
end