private AWSSessionCredentials createSessionCredentials(Config config, SecretProvider secrets, BasicAWSCredentials baseCredential)
{
List<AcceptableUri> acceptableUris = buildAcceptableUriForSessionCredentials(config, baseCredential);
if (!config.get("temp_credentials", Boolean.class, true)) {
return new BasicSessionCredentials(
baseCredential.getAWSAccessKeyId(),
baseCredential.getAWSSecretKey(),
null
);
}
AWSSessionCredentialsFactory sessionCredentialsFactory =
new AWSSessionCredentialsFactory(baseCredential, acceptableUris);
Optional<String> roleArn = getSecretOptionalValue(secrets, "role_arn");
if (roleArn.isPresent()) {
sessionCredentialsFactory.withRoleArn(roleArn.get());
Optional<String> roleSessionName = secrets.getSecretOptional("role_session_name");
if (roleSessionName.isPresent()) {
sessionCredentialsFactory.withRoleSessionName(roleSessionName.get());
}
}
Optional<Integer> durationSeconds = config.getOptional("session_duration", Integer.class);
if (durationSeconds.isPresent()) {
sessionCredentialsFactory.withDurationSeconds(durationSeconds.get());
}
return sessionCredentialsFactory.get();
}