diff options
author | Jon Marius Venstad <venstad@gmail.com> | 2021-04-13 12:12:32 +0200 |
---|---|---|
committer | Jon Marius Venstad <venstad@gmail.com> | 2021-04-13 12:12:32 +0200 |
commit | 27e019b44baf71be323d47754bda3f4aabdc9bcb (patch) | |
tree | c098994adce51558d3861c49bd00e2023d1ed43f /vespa-athenz/src/main/java/com | |
parent | c786930dbab9867817e05ee2fe097bbb50f29cd8 (diff) |
Support external-id in AwsCredentials
Diffstat (limited to 'vespa-athenz/src/main/java/com')
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java index 30ff63fb108..b5473929184 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java @@ -25,12 +25,18 @@ public class AwsCredentials { private final AthenzDomain athenzDomain; private final AwsRole awsRole; private final ZtsClient ztsClient; + private final String externalId; private volatile AwsTemporaryCredentials credentials; public AwsCredentials(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole) { + this(ztsClient, athenzDomain, awsRole, null); + } + + public AwsCredentials(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole, String externalId) { this.ztsClient = ztsClient; this.athenzDomain = athenzDomain; this.awsRole = awsRole; + this.externalId = externalId; this.credentials = get(); } @@ -42,12 +48,16 @@ public class AwsCredentials { this(new DefaultZtsClient.Builder(ztsUrl).withSslContext(sslContext).build(), athenzDomain, awsRole); } + public AwsCredentials(URI ztsUrl, SSLContext sslContext, AthenzDomain athenzDomain, AwsRole awsRole, String externalId) { + this(new DefaultZtsClient.Builder(ztsUrl).withSslContext(sslContext).build(), athenzDomain, awsRole, externalId); + } + /** * Requests temporary credentials from ZTS or return cached credentials */ public AwsTemporaryCredentials get() { if(shouldRefresh(credentials)) { - this.credentials = ztsClient.getAwsTemporaryCredentials(athenzDomain, awsRole); + this.credentials = ztsClient.getAwsTemporaryCredentials(athenzDomain, awsRole, externalId); } return credentials; } |