Add aws_session_token argument, to enable use of temp AWS credentials (#26)

* - Add `aws_session_token` argument to program, to enable use of temporary AWS credentials

* Fix spacing

*  Whitespace should be tab
Matt Ellis 2019-12-03 13:36:53 +11:00 committed by Andriy Knysh
parent 06ce0f393f
commit 8546fedfa2
2 changed files with 7 additions and 1 deletions


@ -18,6 +18,7 @@ import (
var (
awsAccessKeyId = flag.String("aws_access_key_id", os.Getenv("AWS_ACCESS_KEY_ID"), "AWS access key Id with permissions to publish CloudWatch metrics")
awsSecretAccessKey = flag.String("aws_secret_access_key", os.Getenv("AWS_SECRET_ACCESS_KEY"), "AWS secret access key with permissions to publish CloudWatch metrics")
awsSessionToken = flag.String("aws_session_token", os.Getenv("AWS_SESSION_TOKEN"), "AWS session token with permissions to publish CloudWatch metrics")
cloudWatchNamespace = flag.String("cloudwatch_namespace", os.Getenv("CLOUDWATCH_NAMESPACE"), "CloudWatch Namespace")
cloudWatchRegion = flag.String("cloudwatch_region", os.Getenv("CLOUDWATCH_REGION"), "CloudWatch Region")
cloudWatchPublishTimeout = flag.String("cloudwatch_publish_timeout", os.Getenv("CLOUDWATCH_PUBLISH_TIMEOUT"), "CloudWatch publish timeout in seconds")
@ -172,6 +173,7 @@ func main() {
PrometheusSkipServerCertCheck: skipCertCheck,
AwsAccessKeyId: *awsAccessKeyId,
AwsSecretAccessKey: *awsSecretAccessKey,
AwsSessionToken: *awsSessionToken,
AdditionalDimensions: additionalDimensions,
ReplaceDimensions: replaceDims,
IncludeMetrics: includeMetricsList,
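Review bot: The new `aws_session_token` flag, like the two key flags above it, accepts a credential on the command line, where it is visible to other local users through the process list and tends to be copied into shell history and service definitions. The help string should steer operators to the environment variable instead, for example `"AWS session token for temporary credentials (optional; prefer the AWS_SESSION_TOKEN environment variable)"`. The current wording is also copied from the key flags: the token is only valid together with the matching key pair and does not carry permissions by itself. Both the `var` block and `main` continue outside these hunks, so any later logging of the parsed flags is not visible here and is worth checking for the new value.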


@ -64,6 +64,9 @@ type Config struct {
// AWS secret access key with permissions to publish CloudWatch metrics
AwsSecretAccessKey string
// AWS session token with permissions to publish CloudWatch metrics
AwsSessionToken string
// Required. The CloudWatch namespace under which metrics should be published
CloudWatchNamespace string
@ -174,7 +177,8 @@ func NewBridge(c *Config) (*Bridge, error) {
// If credentials are not provided in the variables, the chain of credential providers will search for credentials
// in environment variables, the shared credential file, and EC2 Instance Roles
if c.AwsAccessKeyId != "" && c.AwsSecretAccessKey != "" {
config.Credentials = credentials.NewStaticCredentials(c.AwsAccessKeyId, c.AwsSecretAccessKey, "")
// Utilise AWS session token if one is provided (Required for temporary AWS credentials)
config.Credentials = credentials.NewStaticCredentials(c.AwsAccessKeyId, c.AwsSecretAccessKey, c.AwsSessionToken)
}
sess, err := session.NewSession(config)
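Review bot: The session token is handed to `credentials.NewStaticCredentials`, so it is never refreshed: temporary credentials expire, and a long-running bridge will have its publishes rejected from that point until it is restarted with new values. The `AwsSessionToken` field comment in `Config` should state this, for example `// Optional. Session token for temporary credentials; used only together with AwsAccessKeyId and AwsSecretAccessKey, and not refreshed on expiry`. The guard `c.AwsAccessKeyId != "" && c.AwsSecretAccessKey != ""` also means a token supplied without both keys is silently dropped in favour of the default provider chain; a one-line comment or an explicit error for that combination would make the behaviour obvious. `NewBridge` starts and ends outside the hunk, so validation elsewhere in the function cannot be ruled out.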