class Backends::Ec2::Authn::Ec2CredentialsHelper

Public Class Methods

get_credentials(options, delegated_user, logger) click to toggle source

Converts given user credentials to credentials supported by AWS. Currently only 'basic', 'x509' and 'voms' are supported as the initial credentials.

@param options [Hash] backend options @param delegated_user [Hash] current authenticated user @param logger [Logger] instance of the logging facility @return [::Aws::Credentials] credentials for the AWS EC2 client @effects none: call answered from within the backend

# File lib/backends/ec2/authn/ec2_credentials_helper.rb, line 13
def self.get_credentials(options, delegated_user, logger)
  case delegated_user.auth_.type
  when 'basic'
    # using provided basic credentials as access_key_id and secret_access_key
    handle_basic(options, delegated_user, logger)
  when 'x509'
    # everyone will be mapped to the same AWS account
    handle_x509(options, delegated_user, logger)
  when 'voms'
    # similar to 'x509', different VOs can be mapped to different AWS accounts
    handle_voms(options, delegated_user, logger)
  else
    # unsupported authentication type
    fail Backends::Errors::AuthenticationError, "Authentication strategy "               "#{delegated_user.auth_.type.inspect} is not supported by the EC2 backend!"
  end
end