
Example 31 with AWSCredentialsProvider

Use of com.amazonaws.auth.AWSCredentialsProvider in project photon-model by vmware.

Class AWSUtils, method getArnSessionCredentialsAsync.

/**
 * Authenticates and returns a DeferredResult set of session credentials for a valid ARN that
 * authorizes this system's account ID (validated through
 * {@link #AWS_MASTER_ACCOUNT_ACCESS_KEY_PROPERTY} and
 * {@link #AWS_MASTER_ACCOUNT_SECRET_KEY_PROPERTY}) and the externalId parameter.
 *
 * If the system properties are unset, then this call will automatically fail.
 *
 * @param arn The Amazon Resource Name to validate.
 * @param externalId The external ID this ARN has authorized.
 * @param region The region to validate within.
 * @param executorService The executor service to issue the request.
 */
public static DeferredResult<Credentials> getArnSessionCredentialsAsync(String arn, String externalId, String region, ExecutorService executorService) {
    // Long-lived master-account keys. BasicAWSCredentials rejects null keys, so unset
    // system properties (see the Javadoc above) surface here as a failed DeferredResult.
    AWSCredentialsProvider serviceAwsCredentials;
    try {
        serviceAwsCredentials = new AWSStaticCredentialsProvider(
                new BasicAWSCredentials(AWS_MASTER_ACCOUNT_ACCESS_KEY, AWS_MASTER_ACCOUNT_SECRET_KEY));
    } catch (Throwable t) {
        return DeferredResult.failed(t);
    }
    AWSSecurityTokenServiceAsync awsSecurityTokenServiceAsync = AWSSecurityTokenServiceAsyncClientBuilder.standard()
            .withRegion(region)
            .withCredentials(serviceAwsCredentials)
            .withExecutorFactory(() -> executorService)
            .build();
    // The external ID is sent with the AssumeRole call; it only guards against
    // confused-deputy use if the target role's trust policy requires it.
    AssumeRoleRequest assumeRoleRequest = new AssumeRoleRequest()
            .withRoleArn(arn)
            .withRoleSessionName(UUID.randomUUID().toString())
            .withDurationSeconds(getArnSessionDurationSeconds())
            .withExternalId(externalId);
    DeferredResult<AssumeRoleResult> r = new DeferredResult<>();
    OperationContext operationContext = OperationContext.getOperationContext();
    awsSecurityTokenServiceAsync.assumeRoleAsync(assumeRoleRequest, new AsyncHandler<AssumeRoleRequest, AssumeRoleResult>() {

        @Override
        public void onSuccess(AssumeRoleRequest request, AssumeRoleResult result) {
            OperationContext.restoreOperationContext(operationContext);
            r.complete(result);
        }

        @Override
        public void onError(Exception ex) {
            OperationContext.restoreOperationContext(operationContext);
            r.fail(ex);
        }
    });
    return r.thenApply(AssumeRoleResult::getCredentials);
}
Also used : OperationContext(com.vmware.xenon.common.OperationContext) AssumeRoleRequest(com.amazonaws.services.securitytoken.model.AssumeRoleRequest) AWSSecurityTokenServiceAsync(com.amazonaws.services.securitytoken.AWSSecurityTokenServiceAsync) AssumeRoleResult(com.amazonaws.services.securitytoken.model.AssumeRoleResult) BasicAWSCredentials(com.amazonaws.auth.BasicAWSCredentials) AWSSecurityTokenServiceException(com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException) AmazonServiceException(com.amazonaws.AmazonServiceException) AmazonClientException(com.amazonaws.AmazonClientException) AmazonEC2Exception(com.amazonaws.services.ec2.model.AmazonEC2Exception) AWSStaticCredentialsProvider(com.amazonaws.auth.AWSStaticCredentialsProvider) AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider) DeferredResult(com.vmware.xenon.common.DeferredResult)

Example 32 with AWSCredentialsProvider

Use of com.amazonaws.auth.AWSCredentialsProvider in project iep by Netflix.

Class AwsClientFactoryTest, method createCredentialsProviderOverride.

@Test
public void createCredentialsProviderOverride() throws Exception {
    AwsClientFactory factory = new AwsClientFactory(config);
    AWSCredentialsProvider creds = factory.createCredentialsProvider("ec2-test", null);
    Assert.assertTrue(creds instanceof STSAssumeRoleSessionCredentialsProvider);
    Assert.assertEquals("arn:aws:iam::1234567890:role/IepTest", getField(creds, "roleArn"));
    Assert.assertEquals("iep", getField(creds, "roleSessionName"));
}
Also used : STSAssumeRoleSessionCredentialsProvider(com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider) AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider) Test(org.junit.Test)

Example 33 with AWSCredentialsProvider

Use of com.amazonaws.auth.AWSCredentialsProvider in project iep by Netflix.

Class AwsClientFactoryTest, method createCredentialsProviderForAccount.

@Test
public void createCredentialsProviderForAccount() throws Exception {
    AwsClientFactory factory = new AwsClientFactory(config);
    AWSCredentialsProvider creds = factory.createCredentialsProvider("ec2-account", "123");
    Assert.assertTrue(creds instanceof STSAssumeRoleSessionCredentialsProvider);
    Assert.assertEquals("arn:aws:iam::123:role/IepTest", getField(creds, "roleArn"));
    Assert.assertEquals("iep", getField(creds, "roleSessionName"));
}
Also used : STSAssumeRoleSessionCredentialsProvider(com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider) AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider) Test(org.junit.Test)

Example 34 with AWSCredentialsProvider

Use of com.amazonaws.auth.AWSCredentialsProvider in project iep by Netflix.

Class AwsClientFactoryTest, method createCredentialsProviderForAccountIgnored.

@Test
public void createCredentialsProviderForAccountIgnored() throws Exception {
    AwsClientFactory factory = new AwsClientFactory(config);
    AWSCredentialsProvider creds = factory.createCredentialsProvider("ec2-test", "123");
    Assert.assertTrue(creds instanceof STSAssumeRoleSessionCredentialsProvider);
    Assert.assertEquals("arn:aws:iam::1234567890:role/IepTest", getField(creds, "roleArn"));
    Assert.assertEquals("iep", getField(creds, "roleSessionName"));
}
Also used : STSAssumeRoleSessionCredentialsProvider(com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider) AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider) Test(org.junit.Test)

Example 35 with AWSCredentialsProvider

Use of com.amazonaws.auth.AWSCredentialsProvider in project iep by Netflix.

Class AwsClientFactoryTest, method createCredentialsProvider.

@Test
public void createCredentialsProvider() {
    AwsClientFactory factory = new AwsClientFactory(config);
    AWSCredentialsProvider creds = factory.createCredentialsProvider(null, null);
    Assert.assertTrue(creds instanceof DefaultAWSCredentialsProviderChain);
}
Also used : DefaultAWSCredentialsProviderChain(com.amazonaws.auth.DefaultAWSCredentialsProviderChain) AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider) Test(org.junit.Test)
