Example 6 with AWSSessionCredentials
use of com.amazonaws.auth.AWSSessionCredentials in project druid by druid-io.
the class TestFileSessionCredentialsProvider method test.
@Test
public void test() throws IOException {
File file = folder.newFile();
PrintWriter out = new PrintWriter(file.getAbsolutePath());
out.println("sessionToken=sessionTokenSample\nsecretKey=secretKeySample\naccessKey=accessKeySample");
out.close();
FileSessionCredentialsProvider provider = new FileSessionCredentialsProvider(file.getAbsolutePath());
AWSSessionCredentials sessionCredentials = (AWSSessionCredentials) provider.getCredentials();
assertEquals(sessionCredentials.getSessionToken(), "sessionTokenSample");
assertEquals(sessionCredentials.getAWSAccessKeyId(), "accessKeySample");
assertEquals(sessionCredentials.getAWSSecretKey(), "secretKeySample");
}
Also used :
FileSessionCredentialsProvider(io.druid.common.aws.FileSessionCredentialsProvider)
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
File(java.io.File)
PrintWriter(java.io.PrintWriter)
Test(org.junit.Test)
Example 7 with AWSSessionCredentials
use of com.amazonaws.auth.AWSSessionCredentials in project spring-cloud-config by spring-cloud.
the class AwsCodeCommitCredentialProvider method get.
/**
* Get the username and password to use for the given uri.
* @see org.eclipse.jgit.transport.CredentialsProvider#get(org.eclipse.jgit.transport.URIish, org.eclipse.jgit.transport.CredentialItem[])
*/
@Override
public boolean get(URIish uri, CredentialItem... items) throws UnsupportedCredentialItem {
String codeCommitPassword;
String awsAccessKey;
String awsSecretKey;
try {
AWSCredentials awsCredentials = retrieveAwsCredentials();
StringBuilder awsKey = new StringBuilder();
awsKey.append(awsCredentials.getAWSAccessKeyId());
awsSecretKey = awsCredentials.getAWSSecretKey();
if (awsCredentials instanceof AWSSessionCredentials) {
AWSSessionCredentials sessionCreds = (AWSSessionCredentials) awsCredentials;
if (sessionCreds.getSessionToken() != null) {
awsKey.append('%').append(sessionCreds.getSessionToken());
}
}
awsAccessKey = awsKey.toString();
} catch (Throwable t) {
logger.warn("Unable to retrieve AWS Credentials", t);
return false;
}
try {
codeCommitPassword = calculateCodeCommitPassword(uri, awsSecretKey);
} catch (Throwable t) {
logger.warn("Error calculating the AWS CodeCommit password", t);
return false;
}
for (CredentialItem i : items) {
if (i instanceof CredentialItem.Username) {
((CredentialItem.Username) i).setValue(awsAccessKey);
logger.trace("Returning username " + awsAccessKey);
continue;
}
if (i instanceof CredentialItem.Password) {
((CredentialItem.Password) i).setValue(codeCommitPassword.toCharArray());
logger.trace("Returning password " + codeCommitPassword);
continue;
}
if (i instanceof CredentialItem.StringType && i.getPromptText().equals("Password: ")) {
// $NON-NLS-1$
((CredentialItem.StringType) i).setValue(codeCommitPassword);
logger.trace("Returning password string " + codeCommitPassword);
continue;
}
// $NON-NLS-1$
throw new UnsupportedCredentialItem(uri, i.getClass().getName() + ":" + i.getPromptText());
}
return true;
}
Also used :
UnsupportedCredentialItem(org.eclipse.jgit.errors.UnsupportedCredentialItem)
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
CredentialItem(org.eclipse.jgit.transport.CredentialItem)
UnsupportedCredentialItem(org.eclipse.jgit.errors.UnsupportedCredentialItem)
BasicAWSCredentials(com.amazonaws.auth.BasicAWSCredentials)
AWSCredentials(com.amazonaws.auth.AWSCredentials)
Example 8 with AWSSessionCredentials
use of com.amazonaws.auth.AWSSessionCredentials in project artifact-manager-s3-plugin by jenkinsci.
the class S3BlobStore method getCredentialsSupplier.
@Override
public Supplier<Credentials> getCredentialsSupplier() throws IOException {
// get user credentials from env vars, profiles,...
AmazonS3ClientBuilder builder = AmazonS3ClientBuilder.standard();
// Assume we are using session credentials
AWSSessionCredentials awsCredentials = (AWSSessionCredentials) builder.getCredentials().getCredentials();
if (awsCredentials == null) {
throw new IOException("Unable to get credentials from environment");
}
SessionCredentials sessionCredentials = SessionCredentials.builder().accessKeyId(//
awsCredentials.getAWSAccessKeyId()).secretAccessKey(//
awsCredentials.getAWSSecretKey()).sessionToken(//
awsCredentials.getSessionToken()).build();
return new Supplier<Credentials>() {
@Override
public Credentials get() {
return sessionCredentials;
}
};
}
Also used :
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
SessionCredentials(org.jclouds.aws.domain.SessionCredentials)
AmazonS3ClientBuilder(com.amazonaws.services.s3.AmazonS3ClientBuilder)
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
Supplier(shaded.com.google.common.base.Supplier)
IOException(java.io.IOException)
Example 9 with AWSSessionCredentials
use of com.amazonaws.auth.AWSSessionCredentials in project artifact-manager-s3-plugin by jenkinsci.
the class JCloudsArtifactManager method getContext.
private static BlobStoreContext getContext(String blobContainer) throws IOException {
// TODO allow configuration
// get user credentials from env vars, profiles,...
AmazonS3ClientBuilder builder = AmazonS3ClientBuilder.standard();
try {
builder.build().doesBucketExistV2(blobContainer);
} catch (RuntimeException x) {
throw new IOException(x);
}
// Assume we are using session credentials
AWSSessionCredentials awsCredentials = (AWSSessionCredentials) builder.getCredentials().getCredentials();
if (awsCredentials == null) {
throw new IOException("Unable to detect AWS session credentials");
}
SessionCredentials sessionCredentials = SessionCredentials.builder().accessKeyId(//
awsCredentials.getAWSAccessKeyId()).secretAccessKey(//
awsCredentials.getAWSSecretKey()).sessionToken(//
awsCredentials.getSessionToken()).build();
Supplier<Credentials> credentialsSupplier = new Supplier<Credentials>() {
@Override
public Credentials get() {
return sessionCredentials;
}
};
ProviderRegistry.registerProvider(AWSS3ProviderMetadata.builder().build());
try {
return ContextBuilder.newBuilder("aws-s3").credentialsSupplier(credentialsSupplier).buildView(BlobStoreContext.class);
} catch (NoSuchElementException x) {
throw new IOException(x);
}
}
Also used :
SessionCredentials(org.jclouds.aws.domain.SessionCredentials)
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
AmazonS3ClientBuilder(com.amazonaws.services.s3.AmazonS3ClientBuilder)
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
Supplier(shaded.com.google.common.base.Supplier)
IOException(java.io.IOException)
SessionCredentials(org.jclouds.aws.domain.SessionCredentials)
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
Credentials(org.jclouds.domain.Credentials)
NoSuchElementException(java.util.NoSuchElementException)
Example 10 with AWSSessionCredentials
use of com.amazonaws.auth.AWSSessionCredentials in project ice by Netflix.
the class ReservationCapacityPoller method poll.
@Override
protected void poll() throws Exception {
ProcessorConfig config = ProcessorConfig.getInstance();
// read from s3 if not exists
File file = new File(config.localDir, "reservation_capacity.txt");
if (!file.exists()) {
logger.info("downloading " + file + "...");
AwsUtils.downloadFileIfNotExist(config.workS3BucketName, config.workS3BucketPrefix, file);
logger.info("downloaded " + file);
}
// read from file
Map<String, ReservedInstances> reservations = Maps.newTreeMap();
if (file.exists()) {
BufferedReader reader = null;
try {
reader = new BufferedReader(new FileReader(file));
String line;
while ((line = reader.readLine()) != null) {
String[] tokens = line.split(",");
String accountId = tokens[0];
String region = tokens[1];
String reservationId = tokens[2];
String zone = tokens[3];
Long start = Long.parseLong(tokens[4]);
long duration = Long.parseLong(tokens[5]);
String instanceType = tokens[6];
String productDescription = tokens[7];
int instanceCount = Integer.parseInt(tokens[8]);
String offeringType = tokens[9];
String state = tokens[10];
Long end = tokens.length > 11 ? Long.parseLong(tokens[11]) : null;
float fixedPrice = tokens.length > 12 ? Float.parseFloat(tokens[12]) : 0;
float usagePrice = tokens.length > 13 ? Float.parseFloat(tokens[13]) : 0;
ReservedInstances reservation = new ReservedInstances().withAvailabilityZone(zone).withStart(new Date(start)).withDuration(duration).withInstanceType(instanceType).withProductDescription(productDescription).withInstanceCount(instanceCount).withOfferingType(offeringType).withState(state).withFixedPrice(fixedPrice).withUsagePrice(usagePrice);
if (end != null)
reservation.setEnd(new Date(end));
else
reservation.setEnd(new Date(start + duration * 1000));
reservations.put(accountId + "," + region + "," + reservationId, reservation);
}
} catch (Exception e) {
logger.error("error in reading " + file, e);
} finally {
if (reader != null)
try {
reader.close();
} catch (Exception e) {
}
}
}
logger.info("read " + reservations.size() + " reservations.");
for (Account account : config.accountService.getReservationAccounts().keySet()) {
try {
AmazonEC2Client ec2Client;
String assumeRole = config.accountService.getReservationAccessRoles().get(account);
if (assumeRole != null) {
String externalId = config.accountService.getReservationAccessExternalIds().get(account);
final Credentials credentials = AwsUtils.getAssumedCredentials(account.id, assumeRole, externalId);
ec2Client = new AmazonEC2Client(new AWSSessionCredentials() {
public String getAWSAccessKeyId() {
return credentials.getAccessKeyId();
}
public String getAWSSecretKey() {
return credentials.getSecretAccessKey();
}
public String getSessionToken() {
return credentials.getSessionToken();
}
});
} else
ec2Client = new AmazonEC2Client(AwsUtils.awsCredentialsProvider.getCredentials(), AwsUtils.clientConfig);
for (Region region : Region.getAllRegions()) {
// just ignore GovCloud when polling for RIs in order to prevent AuthFailure errors.
if (region == Region.US_GOV_WEST_1) {
continue;
}
ec2Client.setEndpoint("ec2." + region.name + ".amazonaws.com");
try {
DescribeReservedInstancesResult result = ec2Client.describeReservedInstances();
for (ReservedInstances reservation : result.getReservedInstances()) {
String key = account.id + "," + region.name + "," + reservation.getReservedInstancesId();
reservations.put(key, reservation);
if (reservation.getEnd() == null)
reservation.setEnd(new Date(reservation.getStart().getTime() + reservation.getDuration() * 1000L));
if (reservation.getFixedPrice() == null)
reservation.setFixedPrice(0f);
if (reservation.getUsagePrice() == null)
reservation.setUsagePrice(0f);
}
} catch (Exception e) {
logger.error("error in describeReservedInstances for " + region.name + " " + account.name, e);
}
}
ec2Client.shutdown();
} catch (Exception e) {
logger.error("Error in describeReservedInstances for " + account.name, e);
}
}
config.reservationService.updateEc2Reservations(reservations);
updatedConfig = true;
// archive to disk
BufferedWriter writer = null;
try {
writer = new BufferedWriter(new FileWriter(file));
for (String key : reservations.keySet()) {
ReservedInstances reservation = reservations.get(key);
String[] line = new String[] { key, reservation.getAvailabilityZone(), reservation.getStart().getTime() + "", reservation.getDuration().toString(), reservation.getInstanceType(), reservation.getProductDescription(), reservation.getInstanceCount().toString(), reservation.getOfferingType(), reservation.getState(), reservation.getEnd().getTime() + "", reservation.getFixedPrice() + "", reservation.getUsagePrice() + "" };
writer.write(StringUtils.join(line, ","));
writer.newLine();
}
} catch (Exception e) {
logger.error("", e);
} finally {
if (writer != null)
try {
writer.close();
} catch (Exception e) {
}
}
logger.info("archived " + reservations.size() + " reservations.");
// archive to s3
logger.info("uploading " + file + "...");
AwsUtils.upload(config.workS3BucketName, config.workS3BucketPrefix, config.localDir, file.getName());
logger.info("uploaded " + file);
}
Also used :
AmazonEC2Client(com.amazonaws.services.ec2.AmazonEC2Client)
Account(com.netflix.ice.tag.Account)
ReservedInstances(com.amazonaws.services.ec2.model.ReservedInstances)
Date(java.util.Date)
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
Region(com.netflix.ice.tag.Region)
DescribeReservedInstancesResult(com.amazonaws.services.ec2.model.DescribeReservedInstancesResult)
AWSSessionCredentials(com.amazonaws.auth.AWSSessionCredentials)
Credentials(com.amazonaws.services.securitytoken.model.Credentials)
Aggregations
AWSSessionCredentials (com.amazonaws.auth.AWSSessionCredentials)11
AWSCredentials (com.amazonaws.auth.AWSCredentials)5
File (java.io.File)4
Test (org.junit.Test)4
AWSCredentialsProvider (com.amazonaws.auth.AWSCredentialsProvider)3
IOException (java.io.IOException)3
SessionCredentials (org.jclouds.aws.domain.SessionCredentials)3
AmazonS3ClientBuilder (com.amazonaws.services.s3.AmazonS3ClientBuilder)2
BufferedWriter (java.io.BufferedWriter)2
PrintWriter (java.io.PrintWriter)2
Credentials (org.jclouds.domain.Credentials)2
Supplier (shaded.com.google.common.base.Supplier)2
BasicAWSCredentials (com.amazonaws.auth.BasicAWSCredentials)1
DefaultAWSCredentialsProviderChain (com.amazonaws.auth.DefaultAWSCredentialsProviderChain)1
AmazonEC2Client (com.amazonaws.services.ec2.AmazonEC2Client)1
DescribeReservedInstancesResult (com.amazonaws.services.ec2.model.DescribeReservedInstancesResult)1
ReservedInstances (com.amazonaws.services.ec2.model.ReservedInstances)1
Credentials (com.amazonaws.services.securitytoken.model.Credentials)1
Module (com.google.inject.Module)1
Account (com.netflix.ice.tag.Account)1
