From aab83416e49c136ad4be68f9f398a585d389d4d9 Mon Sep 17 00:00:00 2001
From: Mike Dalrymple
Date: Sat, 12 Dec 2020 08:55:04 -0800
Subject: [PATCH 1/3] #74 using SharedConfigState to enable credential profiles and regions set in session config
---
 pkg/conn/conn.go | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/pkg/conn/conn.go b/pkg/conn/conn.go
index 9f20523..71369f6 100644
--- a/pkg/conn/conn.go
+++ b/pkg/conn/conn.go
@@ -121,7 +121,7 @@ func getRegionFromECSMetadata() string {
 log.Errorf("Unable to open ECS metadata file: %v\n", err)
 } else {
 if err := json.Unmarshal(metadataFile, &dat); err != nil {
- log.Errorf("Unable to read ECS metadatafile contents: %v", err)
+ log.Errorf("Unable to read ECS metadata file contents: %v", err)
 } else {
 taskArn = strings.Split(dat["TaskARN"].(string), ":")
 region = taskArn[3]
@@ -135,7 +135,6 @@ func getRegionFromECSMetadata() string {
 // GetAWSConfigSession returns AWS config and session instances.
 func GetAWSConfigSession(cn connAttr, c *cfg.Config, roleArn string, region string, noMetadata bool) (*aws.Config, *session.Session) {
 var s *session.Session
- var err error
 var awsRegion string
 http := getNewHTTPClient(cfg.ParameterConfigValue.Processor.MaxIdleConnPerHost, cfg.ParameterConfigValue.Processor.RequestTimeout, *c.NoVerifySSL, c.ProxyAddress)
 regionEnv := os.Getenv("AWS_REGION")
@@ -149,11 +148,11 @@ func GetAWSConfigSession(cn connAttr, c *cfg.Config, roleArn string, region stri
 awsRegion = getRegionFromECSMetadata()
 if awsRegion == "" {
 es := getDefaultSession()
- awsRegion, err = cn.getEC2Region(es)
- if err != nil {
- log.Errorf("Unable to fetch region from EC2 metadata: %v\n", err)
- } else {
- log.Debugf("Fetch region %v from ec2 metadata", awsRegion)
+ awsRegion, _ = cn.getEC2Region(es)
+ log.Debugf("Fetch region %v from ec2 metadata", awsRegion)
+ if awsRegion == "" {
+ awsRegion = *es.Config.Region
+ log.Debugf("Fetched region %v from session config", awsRegion)
 }
 }
 }
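Review bot: In the PATCH 1/3 hunk at -149,11 the new fallback `awsRegion = *es.Config.Region` dereferences the pointer without a nil check, so a session whose config carries no region pointer would panic here instead of reaching the "Cannot fetch region" exit path; whether the SDK always populates Region is not visible in this diff. The nil-safe form is `awsRegion = aws.StringValue(es.Config.Region)`. The same dereference is added again in the else branch of the PATCH 2/3 hunk at -148,16. In this hunk the error from `cn.getEC2Region(es)` is also discarded with `_`, and the "Fetch region" debug line is logged even when the lookup failed, which hides why metadata resolution did not work. GetAWSConfigSession begins and ends outside the hunk.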
@@ -286,7 +285,7 @@ func getSTSRegionalEndpoint(r string) string { } func getDefaultSession() *session.Session { - result, serr := session.NewSession() + result, serr := session.NewSessionWithOptions(session.Options{SharedConfigState: session.SharedConfigEnable}) if serr != nil { log.Errorf("Error in creating session object : %v\n.", serr) os.Exit(1) From 512be9f1e902a184ffef8c8b70e7e85f119891de Mon Sep 17 00:00:00 2001 From: Mike Dalrymple Date: Sat, 12 Dec 2020 10:17:43 -0800 Subject: [PATCH 2/3] Using session region if noMetadata is set to true --- pkg/conn/conn.go | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/pkg/conn/conn.go b/pkg/conn/conn.go index 71369f6..f9c507c 100644 --- a/pkg/conn/conn.go +++ b/pkg/conn/conn.go @@ -11,13 +11,13 @@ package conn import ( "crypto/tls" + "encoding/json" + "io/ioutil" "net/http" "net/url" "os" - "time" - "encoding/json" - "io/ioutil" "strings" + "time" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" @@ -135,6 +135,7 @@ func getRegionFromECSMetadata() string { // GetAWSConfigSession returns AWS config and session instances. func GetAWSConfigSession(cn connAttr, c *cfg.Config, roleArn string, region string, noMetadata bool) (*aws.Config, *session.Session) { var s *session.Session + var err error var awsRegion string http := getNewHTTPClient(cfg.ParameterConfigValue.Processor.MaxIdleConnPerHost, cfg.ParameterConfigValue.Processor.RequestTimeout, *c.NoVerifySSL, c.ProxyAddress) regionEnv := os.Getenv("AWS_REGION") 
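Review bot: getDefaultSession (PATCH 1/3 hunk at -286,7) has no doc comment, and the switch to `session.SharedConfigEnable` widens what the process trusts: the session now also loads the shared config file, so the selected profile's settings there (region, and as far as the SDK supports them role and credential-source settings) decide which identity and region are used. I would add `// getDefaultSession creates a session with shared config enabled, so profile and region settings from the local AWS config file are honoured; it exits the process if the session cannot be created.` and note in the project docs that this file should be writable only by the account running the tool. The function body continues past the end of the hunk.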
@@ -148,16 +149,21 @@ func GetAWSConfigSession(cn connAttr, c *cfg.Config, roleArn string, region stri awsRegion = getRegionFromECSMetadata() if awsRegion == "" { es := getDefaultSession() - awsRegion, _ = cn.getEC2Region(es) - log.Debugf("Fetch region %v from ec2 metadata", awsRegion) - if awsRegion == "" { - awsRegion = *es.Config.Region - log.Debugf("Fetched region %v from session config", awsRegion) + awsRegion, err = cn.getEC2Region(es) + if err != nil { + log.Infof("Unable to fetch region from EC2 metadata: %v\n", err) + } else { + log.Debugf("Fetch region %v from ec2 metadata", awsRegion) } } + } else { + es := getDefaultSession() + awsRegion = *es.Config.Region + log.Debugf("Fetched region %v from session config", awsRegion) + } if awsRegion == "" { - log.Errorf("Cannot fetch region variable from config file, environment variables, ecs metadata, or ec2 metadata.") + log.Errorf("Cannot fetch region variable from config file, environment variables, ecs metadata, or ec2 metadata. Use local-mode to use the local session region.") os.Exit(1) } s = cn.newAWSSession(roleArn, awsRegion) From 2bad96eb11c48629a2c9cc1fc2f3a423ea57408c Mon Sep 17 00:00:00 2001 From: Mike Dalrymple Date: Sat, 12 Dec 2020 10:33:15 -0800 Subject: [PATCH 3/3] Reverting import formatting and !noMetadata log.Errorf --- pkg/conn/conn.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/conn/conn.go b/pkg/conn/conn.go index f9c507c..b87afca 100644 --- a/pkg/conn/conn.go +++ b/pkg/conn/conn.go @@ -11,13 +11,13 @@ package conn import ( "crypto/tls" - "encoding/json" - "io/ioutil" "net/http" "net/url" "os" - "strings" "time" + "encoding/json" + "io/ioutil" + "strings" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" 
@@ -151,7 +151,7 @@ func GetAWSConfigSession(cn connAttr, c *cfg.Config, roleArn string, region stri
 es := getDefaultSession()
 awsRegion, err = cn.getEC2Region(es)
 if err != nil {
- log.Infof("Unable to fetch region from EC2 metadata: %v\n", err)
+ log.Errorf("Unable to fetch region from EC2 metadata: %v\n", err)
 } else {
 log.Debugf("Fetch region %v from ec2 metadata", awsRegion)
 }