Module aws_config::ecs [−][src]
Expand description
Ecs Credentials Provider
This credential provider is frequently used with an AWS-provided credentials service (eg. IAM Roles for tasks. However, it’s possible to use environment variables to configure this provider to use your own credentials sources.
Configuration
First: It will check the value of $AWS_CONTAINER_CREDENTIALS_RELATIVE_URI. It will use this
to construct a URI rooted at http://169.254.170.2. For example, if the value of the environment
variable was /credentials, the SDK would look for credentials at http://169.254.170.2/credentials.
Next: It wil check the value of $AWS_CONTAINER_CREDENTIALS_FULL_URI. This specifies the full
URL to load credentials. The URL MUST satisfy one of the following two properties:
- The URL begins with
https - The URL refers to a loopback device. If a URL contains a domain name instead of an IP address,
a DNS lookup will be performed. ALL resolved IP addresses MUST refer to a loopback interface, or
the credentials provider will return
CredentialsError::InvalidConfiguration
Finally: It will check the value of $AWS_CONTAINER_AUTHORIZATION_TOKEN. If this is set, the
value will be passed in the Authorization header.
Credentials Format
Credentials MUST be returned in a JSON format:
{
"AccessKeyId" : "MUA...",
"SecretAccessKey" : "/7PC5om....",
"Token" : "AQoDY....=",
"Expiration" : "2016-02-25T06:03:31Z"
}Credentials errors MAY be returned with a code and message field:
{
"code": "ErrorCode",
"message": "Helpful error message."
}Structs
Builder for EcsCredentialsProvider
Credential provider for ECS and generalized HTTP credentials
Enums
Invalid Full URI
Type Definitions
Dns resolver interface