Merge pull request #1827 from docker/ec2-creds

Allow EC2 IAM roles to be used when authorizing region endpoints
This commit is contained in:
Richard Scothern 2016-07-11 13:05:41 -07:00 committed by GitHub
commit 2052f29be6

View file

@ -270,9 +270,11 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
// bucketName // bucketName
func New(params DriverParameters) (*Driver, error) { func New(params DriverParameters) (*Driver, error) {
awsConfig := aws.NewConfig() awsConfig := aws.NewConfig()
var creds *credentials.Credentials if params.RegionEndpoint != "" {
if params.RegionEndpoint == "" { awsConfig.WithS3ForcePathStyle(true)
creds = credentials.NewChainCredentials([]credentials.Provider{ awsConfig.WithEndpoint(params.RegionEndpoint)
}
creds := credentials.NewChainCredentials([]credentials.Provider{
&credentials.StaticProvider{ &credentials.StaticProvider{
Value: credentials.Value{ Value: credentials.Value{
AccessKeyID: params.AccessKey, AccessKeyID: params.AccessKey,
@ -284,20 +286,6 @@ func New(params DriverParameters) (*Driver, error) {
&ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(session.New())}, &ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(session.New())},
}) })
} else {
creds = credentials.NewChainCredentials([]credentials.Provider{
&credentials.StaticProvider{
Value: credentials.Value{
AccessKeyID: params.AccessKey,
SecretAccessKey: params.SecretKey,
},
},
&credentials.EnvProvider{},
})
awsConfig.WithS3ForcePathStyle(true)
awsConfig.WithEndpoint(params.RegionEndpoint)
}
awsConfig.WithCredentials(creds) awsConfig.WithCredentials(creds)
awsConfig.WithRegion(params.Region) awsConfig.WithRegion(params.Region)
awsConfig.WithDisableSSL(!params.Secure) awsConfig.WithDisableSSL(!params.Secure)