@MiyamotoAkira
Last active November 3, 2021 17:21
Adding support for having role_arn and source_profile to cognitect aws
(ns aws.client
  (:require [cognitect.aws.client.api :as aws]
            [cognitect.aws.util :as u]
            [clojure.java.io :as io]
            [clojure.tools.logging :as log]
            [cognitect.aws.config :as config]
            [cognitect.aws.credentials :as credentials])
  (:import (java.io File)))

(defn assumed-role-credentials-provider
  "Returns a cached, auto-refreshing provider that calls STS AssumeRole for
  role-arn, authenticating with the credentials of parent-profile."
  [parent-profile role-arn]
  (let [sts (aws/client {:api :sts
                         :credentials-provider (credentials/profile-credentials-provider parent-profile)})]
    (credentials/cached-credentials-with-auto-refresh
     (reify credentials/CredentialsProvider
       (fetch [_]
         (when-let [creds (:Credentials
                           (aws/invoke sts
                                       {:op :AssumeRole
                                        :request {:RoleArn role-arn
                                                  :RoleSessionName (str (gensym "example-session-"))}}))]
           ;; Do not print or log creds: the map holds the secret access key
           ;; and the session token.
           {:aws/access-key-id (:AccessKeyId creds)
            :aws/secret-access-key (:SecretAccessKey creds)
            :aws/session-token (:SessionToken creds)
            ::credentials/ttl (credentials/calculate-ttl creds)}))))))

(defn assume-profile-credentials-provider
  "Like credentials/profile-credentials-provider, but when the profile has both
  source_profile and role_arn it assumes that role using the source profile.
  Otherwise it falls back to the profile's own static credentials."
  ([]
   ;; Profile name: AWS_PROFILE env var, then aws.profile property, then "default".
   (assume-profile-credentials-provider (or (u/getenv "AWS_PROFILE")
                                            (u/getProperty "aws.profile")
                                            "default")))
  ([profile-name]
   ;; Credentials file: AWS_CREDENTIAL_PROFILES_FILE, else ~/.aws/credentials.
   (assume-profile-credentials-provider
    profile-name
    (or (io/file (u/getenv "AWS_CREDENTIAL_PROFILES_FILE"))
        (io/file (u/getProperty "user.home") ".aws" "credentials"))))
  ([profile-name ^File f]
   (credentials/cached-credentials-with-auto-refresh
    (reify credentials/CredentialsProvider
      (fetch [_]
        (when (.exists f)
          (let [profile (get (config/parse f) profile-name)]
            (if-let [source-profile (get profile "source_profile")]
              (if-let [role-arn (get profile "role_arn")]
                (credentials/fetch (assumed-role-credentials-provider source-profile role-arn))
                (credentials/fetch (credentials/profile-credentials-provider profile-name)))
              (credentials/fetch (credentials/profile-credentials-provider profile-name))))))))))