4 "github.com/aws/aws-sdk-go/aws/awserr"
8 // ErrNoValidProvidersFoundInChain Is returned when there are no valid
9 // providers in the ChainProvider.
11 // This has been deprecated. For verbose error messaging set
12 // aws.Config.CredentialsChainVerboseErrors to true.
13 ErrNoValidProvidersFoundInChain = awserr.New("NoCredentialProviders",
14 `no valid providers in chain. Deprecated.
15 For verbose messaging see aws.Config.CredentialsChainVerboseErrors`,
19 // A ChainProvider will search for a provider which returns credentials
20 // and cache that provider until Retrieve is called again.
22 // The ChainProvider provides a way of chaining multiple providers together
23 // which will pick the first available using priority order of the Providers
26 // If none of the Providers retrieve valid credentials Value, ChainProvider's
27 // Retrieve() will return the error ErrNoValidProvidersFoundInChain.
29 // If a Provider is found which returns valid credentials Value ChainProvider
30 // will cache that Provider for all calls to IsExpired(), until Retrieve is
33 // Example of ChainProvider to be used with an EnvProvider and EC2RoleProvider.
34 // In this example EnvProvider will first check if any credentials are available
35 // via the environment variables. If there are none ChainProvider will check
36 // the next Provider in the list, EC2RoleProvider in this case. If EC2RoleProvider
37 // does not return any credentials ChainProvider will return the error
38 // ErrNoValidProvidersFoundInChain
40 // creds := credentials.NewChainCredentials(
41 // []credentials.Provider{
42 // &credentials.EnvProvider{},
43 // &ec2rolecreds.EC2RoleProvider{
44 // Client: ec2metadata.New(sess),
48 // // Usage of ChainCredentials with aws.Config
49 // svc := ec2.New(session.Must(session.NewSession(&aws.Config{
50 // Credentials: creds,
53 type ChainProvider struct {
59 // NewChainCredentials returns a pointer to a new Credentials object
60 // wrapping a chain of providers.
61 func NewChainCredentials(providers []Provider) *Credentials {
62 return NewCredentials(&ChainProvider{
63 Providers: append([]Provider{}, providers...),
67 // Retrieve returns the credentials value or error if no provider returned
70 // If a provider is found it will be cached and any calls to IsExpired()
71 // will return the expired state of the cached provider.
72 func (c *ChainProvider) Retrieve() (Value, error) {
74 for _, p := range c.Providers {
75 creds, err := p.Retrieve()
80 errs = append(errs, err)
85 err = ErrNoValidProvidersFoundInChain
87 err = awserr.NewBatchError("NoCredentialProviders", "no valid providers in chain", errs)
92 // IsExpired will returned the expired state of the currently cached provider
93 // if there is one. If there is no current provider, true will be returned.
94 func (c *ChainProvider) IsExpired() bool {
96 return c.curr.IsExpired()