module Amazonka.Auth
(
Auth (..),
withAuth,
discover,
runCredentialChain,
fromKeys,
fromSession,
fromTemporarySession,
fromKeysEnv,
fromFilePath,
fromFileEnv,
fromContainer,
fromContainerEnv,
fromAssumedRole,
fromWebIdentity,
fromWebIdentityEnv,
fromDefaultInstanceProfile,
fromNamedInstanceProfile,
fromSSO,
AccessKey (..),
SecretKey (..),
SessionToken (..),
AsAuthError (..),
AuthError (..),
Env,
EnvNoAuth,
Env' (..),
)
where
import Amazonka.Auth.ConfigFile (fromFileEnv, fromFilePath)
import Amazonka.Auth.Container (fromContainer, fromContainerEnv)
import Amazonka.Auth.Exception
import Amazonka.Auth.InstanceProfile (fromDefaultInstanceProfile, fromNamedInstanceProfile)
import Amazonka.Auth.Keys (fromKeys, fromKeysEnv, fromSession, fromTemporarySession)
import Amazonka.Auth.SSO (fromSSO)
import Amazonka.Auth.STS (fromAssumedRole, fromWebIdentity, fromWebIdentityEnv)
import Amazonka.Core.Lens.Internal (catching_)
import Amazonka.EC2.Metadata
import Amazonka.Env (Env, Env' (..), EnvNoAuth)
import Amazonka.Prelude
import Amazonka.Types
import Control.Monad.Catch (MonadCatch (..), throwM)
discover ::
(MonadCatch m, MonadIO m, Foldable withAuth) =>
Env' withAuth ->
m Env
discover :: forall (m :: * -> *) (withAuth :: * -> *).
(MonadCatch m, MonadIO m, Foldable withAuth) =>
Env' withAuth -> m Env
discover =
forall (m :: * -> *) a b. MonadCatch m => [a -> m b] -> a -> m b
runCredentialChain
[ forall (m :: * -> *) (withAuth :: * -> *).
MonadIO m =>
Env' withAuth -> m Env
fromKeysEnv,
forall (m :: * -> *) (withAuth :: * -> *).
(MonadIO m, Foldable withAuth) =>
Env' withAuth -> m Env
fromFileEnv,
forall (m :: * -> *) (withAuth :: * -> *).
MonadIO m =>
Env' withAuth -> m Env
fromWebIdentityEnv,
forall (m :: * -> *) (withAuth :: * -> *).
MonadIO m =>
Env' withAuth -> m Env
fromContainerEnv,
\Env' withAuth
env -> do
Bool
onEC2 <- forall (m :: * -> *). MonadIO m => Manager -> m Bool
isEC2 forall a b. (a -> b) -> a -> b
$ forall (withAuth :: * -> *). Env' withAuth -> Manager
manager Env' withAuth
env
forall (f :: * -> *). Applicative f => Bool -> f () -> f ()
unless Bool
onEC2 forall a b. (a -> b) -> a -> b
$ forall (m :: * -> *) e a. (MonadThrow m, Exception e) => e -> m a
throwM AuthError
CredentialChainExhausted
forall (m :: * -> *) (withAuth :: * -> *).
MonadIO m =>
Env' withAuth -> m Env
fromDefaultInstanceProfile Env' withAuth
env
]
runCredentialChain :: MonadCatch m => [a -> m b] -> a -> m b
runCredentialChain :: forall (m :: * -> *) a b. MonadCatch m => [a -> m b] -> a -> m b
runCredentialChain [a -> m b]
chain a
env =
case [a -> m b]
chain of
[] -> forall (m :: * -> *) e a. (MonadThrow m, Exception e) => e -> m a
throwM AuthError
CredentialChainExhausted
a -> m b
provider : [a -> m b]
chain' ->
forall (m :: * -> *) a r.
MonadCatch m =>
Getting (First a) SomeException a -> m r -> m r -> m r
catching_ forall a. AsAuthError a => Prism' a AuthError
_AuthError (a -> m b
provider a
env) forall a b. (a -> b) -> a -> b
$ forall (m :: * -> *) a b. MonadCatch m => [a -> m b] -> a -> m b
runCredentialChain [a -> m b]
chain' a
env