4 "github.com/aws/aws-sdk-go/aws/awserr"
8 // ErrNoValidProvidersFoundInChain Is returned when there are no valid
9 // providers in the ChainProvider.
11 // This has been deprecated. For verbose error messaging set
12 // aws.Config.CredentialsChainVerboseErrors to true
15 ErrNoValidProvidersFoundInChain = awserr.New("NoCredentialProviders",
16 `no valid providers in chain. Deprecated.
17 For verbose messaging see aws.Config.CredentialsChainVerboseErrors`,
21 // A ChainProvider will search for a provider which returns credentials
22 // and cache that provider until Retrieve is called again.
24 // The ChainProvider provides a way of chaining multiple providers together
25 // which will pick the first available using priority order of the Providers
28 // If none of the Providers retrieve valid credentials Value, ChainProvider's
29 // Retrieve() will return the error ErrNoValidProvidersFoundInChain.
31 // If a Provider is found which returns valid credentials Value ChainProvider
32 // will cache that Provider for all calls to IsExpired(), until Retrieve is
35 // Example of ChainProvider to be used with an EnvProvider and EC2RoleProvider.
36 // In this example EnvProvider will first check if any credentials are available
37 // via the environment variables. If there are none ChainProvider will check
38 // the next Provider in the list, EC2RoleProvider in this case. If EC2RoleProvider
39 // does not return any credentials ChainProvider will return the error
40 // ErrNoValidProvidersFoundInChain
42 // creds := NewChainCredentials(
46 // Client: ec2metadata.New(sess),
50 // // Usage of ChainCredentials with aws.Config
51 // svc := ec2.New(&aws.Config{Credentials: creds})
53 type ChainProvider struct {
59 // NewChainCredentials returns a pointer to a new Credentials object
60 // wrapping a chain of providers.
61 func NewChainCredentials(providers []Provider) *Credentials {
62 return NewCredentials(&ChainProvider{
63 Providers: append([]Provider{}, providers...),
67 // Retrieve returns the credentials value or error if no provider returned
70 // If a provider is found it will be cached and any calls to IsExpired()
71 // will return the expired state of the cached provider.
72 func (c *ChainProvider) Retrieve() (Value, error) {
74 for _, p := range c.Providers {
75 creds, err := p.Retrieve()
80 errs = append(errs, err)
85 err = ErrNoValidProvidersFoundInChain
87 err = awserr.NewBatchError("NoCredentialProviders", "no valid providers in chain", errs)
92 // IsExpired will returned the expired state of the currently cached provider
93 // if there is one. If there is no current provider, true will be returned.
94 func (c *ChainProvider) IsExpired() bool {
96 return c.curr.IsExpired()