Skip to content

bbc/wormhole-credentials-provider

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

77 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Wormhole Credentials Provider

Credentials provider for the AWS SDK which will fallback to the wormhole where no other credentials are available.

This is in ALPHA and may have a few issues to iron out!

usage

add to project (not actually published yet!)

yarn i wormhole-credentials-provider

and then do stuff

const AWS = require("aws-sdk");
const credentialsProvider = require('./src/index');

credentialsProvider
    .getCredentials()
    .then(credentials => {
        AWS.config.update({ credentials });
        // some useful stuff
    });

running in debug

this will force a refresh once a minute

 WCP_DEBUG=true node src/example.js

AWS Account number

export the account number for the your credendials

export AWS_ACCOUNT_NUMBER=1234567890

Certificates

If you have a .pem

export CERT_LOCATION=/path/to/your/combined/dev/cert.pem

If you have a .p12

export CERT_LOCATION=/path/to/your/combined/dev/cert.p12
export CERT_PASSPHRASE=my_password

If you have an unencrypted .crt

export CERT_LOCATION=/path/to/your/dev/cert.crt
export CERT_KEY=/path/to/your/combined/dev/cert_key.key

If the none of the above are found, the default service certificate locations will be used. This is useful if you are using this on an Cosmos launched EC2.

These are:

/etc/pki/tls/certs/client.crt
/etc/pki/tls/private/client.key

How do I change the AWS region ?

CPS Wormhole will look for the AWS_REGION environment variable. If it's not found, it will default to eu-west-1. Export the region you want if it differs from the default.

What is Wormhole and how do I get access?

Wormhole provides temporary credentials that can be used with Amazon’s AWS SDKs and APIs. The In the absence of other credentials types, this credentials provider will attempt to retrieve credentials Wormhole which are then used SDK calls.

You can access the wormhole docs here.

todo

  1. look at improving method to determine whether execution environment is AWS EC2
  2. check how we determine whether we are running in a lambda
  3. add a build script
  4. remove example
  5. move to the BBC organisation
  6. publish
  7. itegrate with one of our services which has a long-running process
  8. can we return the credentials provider array and set that in AWS config?
  9. proxy support
  10. swap out axios for a BBC shaped http client [Flashheart]
  11. Typescript this

Here is the AWS doc stuff

About

aws credentials-provider for bbc wormhole

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published