8 "github.com/aws/aws-sdk-go/aws/credentials"
11 // envConfig is a collection of environment values the SDK will read
12 // setup config from. All environment values are optional. But some values
13 // such as credentials require multiple values to be complete or the values
15 type envConfig struct {
16 // Environment configuration values. If set both Access Key ID and Secret Access
17 // Key must be provided. Session Token and optionally also be provided, but is
21 // AWS_ACCESS_KEY_ID=AKID
22 // AWS_ACCESS_KEY=AKID # only read if AWS_ACCESS_KEY_ID is not set.
24 // # Secret Access Key
25 // AWS_SECRET_ACCESS_KEY=SECRET
26 // AWS_SECRET_KEY=SECRET=SECRET # only read if AWS_SECRET_ACCESS_KEY is not set.
29 // AWS_SESSION_TOKEN=TOKEN
30 Creds credentials.Value
32 // Region value will instruct the SDK where to make service API requests to. If is
33 // not provided in the environment the region must be provided before a service
34 // client request is made.
36 // AWS_REGION=us-east-1
38 // # AWS_DEFAULT_REGION is only read if AWS_SDK_LOAD_CONFIG is also set,
39 // # and AWS_REGION is not also set.
40 // AWS_DEFAULT_REGION=us-east-1
43 // Profile name the SDK should load use when loading shared configuration from the
44 // shared configuration files. If not provided "default" will be used as the
47 // AWS_PROFILE=my_profile
49 // # AWS_DEFAULT_PROFILE is only read if AWS_SDK_LOAD_CONFIG is also set,
50 // # and AWS_PROFILE is not also set.
51 // AWS_DEFAULT_PROFILE=my_profile
54 // SDK load config instructs the SDK to load the shared config in addition to
55 // shared credentials. This also expands the configuration loaded from the shared
56 // credentials to have parity with the shared config file. This also enables
57 // Region and Profile support for the AWS_DEFAULT_REGION and AWS_DEFAULT_PROFILE
58 // env values as well.
60 // AWS_SDK_LOAD_CONFIG=1
61 EnableSharedConfig bool
63 // Shared credentials file path can be set to instruct the SDK to use an alternate
64 // file for the shared credentials. If not set the file will be loaded from
65 // $HOME/.aws/credentials on Linux/Unix based systems, and
66 // %USERPROFILE%\.aws\credentials on Windows.
68 // AWS_SHARED_CREDENTIALS_FILE=$HOME/my_shared_credentials
69 SharedCredentialsFile string
71 // Shared config file path can be set to instruct the SDK to use an alternate
72 // file for the shared config. If not set the file will be loaded from
73 // $HOME/.aws/config on Linux/Unix based systems, and
74 // %USERPROFILE%\.aws\config on Windows.
76 // AWS_CONFIG_FILE=$HOME/my_shared_config
77 SharedConfigFile string
79 // Sets the path to a custom Credentials Authroity (CA) Bundle PEM file
80 // that the SDK will use instead of the the system's root CA bundle.
81 // Only use this if you want to configure the SDK to use a custom set
84 // Enabling this option will attempt to merge the Transport
85 // into the SDK's HTTP client. If the client's Transport is
86 // not a http.Transport an error will be returned. If the
87 // Transport's TLS config is set this option will cause the
88 // SDK to overwrite the Transport's TLS config's RootCAs value.
90 // Setting a custom HTTPClient in the aws.Config options will override this setting.
91 // To use this option and custom HTTP client, the HTTP client needs to be provided
92 // when creating the session. Not the service client.
94 // AWS_CA_BUNDLE=$HOME/my_custom_ca_bundle
99 credAccessEnvKey = []string{
103 credSecretEnvKey = []string{
104 "AWS_SECRET_ACCESS_KEY",
107 credSessionEnvKey = []string{
111 regionEnvKeys = []string{
113 "AWS_DEFAULT_REGION", // Only read if AWS_SDK_LOAD_CONFIG is also set
115 profileEnvKeys = []string{
117 "AWS_DEFAULT_PROFILE", // Only read if AWS_SDK_LOAD_CONFIG is also set
121 // loadEnvConfig retrieves the SDK's environment configuration.
122 // See `envConfig` for the values that will be retrieved.
124 // If the environment variable `AWS_SDK_LOAD_CONFIG` is set to a truthy value
125 // the shared SDK config will be loaded in addition to the SDK's specific
126 // configuration values.
127 func loadEnvConfig() envConfig {
128 enableSharedConfig, _ := strconv.ParseBool(os.Getenv("AWS_SDK_LOAD_CONFIG"))
129 return envConfigLoad(enableSharedConfig)
132 // loadEnvSharedConfig retrieves the SDK's environment configuration, and the
133 // SDK shared config. See `envConfig` for the values that will be retrieved.
135 // Loads the shared configuration in addition to the SDK's specific configuration.
136 // This will load the same values as `loadEnvConfig` if the `AWS_SDK_LOAD_CONFIG`
137 // environment variable is set.
138 func loadSharedEnvConfig() envConfig {
139 return envConfigLoad(true)
142 func envConfigLoad(enableSharedConfig bool) envConfig {
145 cfg.EnableSharedConfig = enableSharedConfig
147 setFromEnvVal(&cfg.Creds.AccessKeyID, credAccessEnvKey)
148 setFromEnvVal(&cfg.Creds.SecretAccessKey, credSecretEnvKey)
149 setFromEnvVal(&cfg.Creds.SessionToken, credSessionEnvKey)
151 // Require logical grouping of credentials
152 if len(cfg.Creds.AccessKeyID) == 0 || len(cfg.Creds.SecretAccessKey) == 0 {
153 cfg.Creds = credentials.Value{}
155 cfg.Creds.ProviderName = "EnvConfigCredentials"
158 regionKeys := regionEnvKeys
159 profileKeys := profileEnvKeys
160 if !cfg.EnableSharedConfig {
161 regionKeys = regionKeys[:1]
162 profileKeys = profileKeys[:1]
165 setFromEnvVal(&cfg.Region, regionKeys)
166 setFromEnvVal(&cfg.Profile, profileKeys)
168 cfg.SharedCredentialsFile = sharedCredentialsFilename()
169 cfg.SharedConfigFile = sharedConfigFilename()
171 cfg.CustomCABundle = os.Getenv("AWS_CA_BUNDLE")
176 func setFromEnvVal(dst *string, keys []string) {
177 for _, k := range keys {
178 if v := os.Getenv(k); len(v) > 0 {
185 func sharedCredentialsFilename() string {
186 if name := os.Getenv("AWS_SHARED_CREDENTIALS_FILE"); len(name) > 0 {
190 return filepath.Join(userHomeDir(), ".aws", "credentials")
193 func sharedConfigFilename() string {
194 if name := os.Getenv("AWS_CONFIG_FILE"); len(name) > 0 {
198 return filepath.Join(userHomeDir(), ".aws", "config")
201 func userHomeDir() string {
202 homeDir := os.Getenv("HOME") // *nix
203 if len(homeDir) == 0 { // windows
204 homeDir = os.Getenv("USERPROFILE")