blob: 416d79514e423da897d00901627783a44503812d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
<?php
namespace Aws\Credentials;
use Aws\Exception\CredentialsException;
use Aws\Result;
use Aws\Sts\StsClient;
use GuzzleHttp\Promise\PromiseInterface;
/**
* Credential provider that provides credentials via assuming a role
* More Information, see: http://docs.aws.amazon.com/aws-sdk-php/v3/api/api-sts-2011-06-15.html#assumerole
*/
class AssumeRoleCredentialProvider
{
const ERROR_MSG = "Missing required 'AssumeRoleCredentialProvider' configuration option: ";
/** @var StsClient */
private $client;
/** @var array */
private $assumeRoleParams;
/**
* The constructor requires following configure parameters:
* - client: a StsClient
* - assume_role_params: Parameters used to make assumeRole call
*
* @param array $config Configuration options
* @throws \InvalidArgumentException
*/
public function __construct(array $config = [])
{
if (!isset($config['assume_role_params'])) {
throw new \InvalidArgumentException(self::ERROR_MSG . "'assume_role_params'.");
}
if (!isset($config['client'])) {
throw new \InvalidArgumentException(self::ERROR_MSG . "'client'.");
}
$this->client = $config['client'];
$this->assumeRoleParams = $config['assume_role_params'];
}
/**
* Loads assume role credentials.
*
* @return PromiseInterface
*/
public function __invoke()
{
$client = $this->client;
return $client->assumeRoleAsync($this->assumeRoleParams)
->then(function (Result $result) {
return $this->client->createCredentials($result);
})->otherwise(function (\RuntimeException $exception) {
throw new CredentialsException(
"Error in retrieving assume role credentials.",
0,
$exception
);
});
}
}
|
