class Aws::InstanceProfileCredentials
Constants
- FAILURES
These are the errors we trap when attempting to talk to the instance metadata service. Any of these imply the service is not present, no responding or some other non-recoverable error. @api private
Attributes
retries[R]
@return [Integer] The number of times to retry failed atttempts to
fetch credentials from the instance metadata service. Defaults to 0.
Public Class Methods
new(options = {})
click to toggle source
@param [Hash] options @option options [Integer] :retries (5) Number of times to retry
when retrieving credentials.
@option options [String] :ip_address ('169.254.169.254') @option options [Integer] :port (80) @option options [Float] :http_open_timeout (5) @option options [Float] :http_read_timeout (5) @option options [Numeric, Proc] :delay By default, failures are retried
with exponential back-off, i.e. `sleep(1.2 ** num_failures)`. You can pass a number of seconds to sleep between failed attempts, or a Proc that accepts the number of failures.
@option options [IO] :http_debug_output (nil) HTTP wire
traces are sent to this object. You can specify something like $stdout.
Calls superclass method
Aws::RefreshingCredentials.new
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 42 def initialize options = {} @retries = options[:retries] || 5 @ip_address = options[:ip_address] || '169.254.169.254' @port = options[:port] || 80 @http_open_timeout = options[:http_open_timeout] || 5 @http_read_timeout = options[:http_read_timeout] || 5 @http_debug_output = options[:http_debug_output] @backoff = backoff(options[:backoff]) super end
Private Instance Methods
backoff(backoff)
click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 59 def backoff(backoff) case backoff when Proc then backoff when Numeric then lambda { |_| sleep(backoff) } else lambda { |num_failures| Kernel.sleep(1.2 ** num_failures) } end end
get_credentials()
click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 77 def get_credentials failed_attempts = 0 begin open_connection do |conn| path = '/latest/meta-data/iam/security-credentials/' profile_name = http_get(conn, path).lines.first.strip http_get(conn, path + profile_name) end rescue *FAILURES if failed_attempts < @retries @backoff.call(failed_attempts) failed_attempts += 1 retry else '{}' end end end
http_get(connection, path)
click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 105 def http_get(connection, path) response = connection.request(Net::HTTP::Get.new(path)) if response.code.to_i == 200 response.body else raise Non200Response end end
open_connection() { |http| ... }
click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 96 def open_connection http = Net::HTTP.new(@ip_address, @port, nil) http.open_timeout = @http_open_timeout http.read_timeout = @http_read_timeout http.set_debug_output(@http_debug_output) if @http_debug_output http.start yield(http).tap { http.finish } end
refresh()
click to toggle source
# File lib/aws-sdk-core/instance_profile_credentials.rb, line 67 def refresh c = Json.load(get_credentials) @credentials = Credentials.new( c['AccessKeyId'], c['SecretAccessKey'], c['Token'] ) @expiration = c['Expiration'] ? Time.parse(c['Expiration']) : nil end