NAME
Amazon::S3::Thin::Credentials - AWS credentials data container
SYNOPSIS
my$credentials= Amazon::S3::Thin::Credentials->new($aws_access_key_id,$aws_secret_access_key,# optional:$aws_session_token);my$key=$credentials->access_key_id();my$secret=$credentials->secret_access_key();my$session_token=$credentials->session_token();
1;
DESCRIPTION
This module contains AWS credentials and provide getters to the data.
# Load from argumentsmy$creds= Amazon::S3::Thin::Credentials->new($access_key,$secret_key,$session_token);# Load from environmentmy$creds= Amazon::S3::Thin::Credentials->from_env;# Load from instance profilemy$creds= Amazon::S3::Thin::Credentials->from_metadata(role=>'foo',version=> 2);# Load from ECS task rolemy$creds= Amazon::S3::Thin::Credentials->from_ecs_container;
from_env()
Instantiate Amazon::S3::Thin::Credentials and attempts to populate the credentials from current environment.
Croaks if either AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY are not set but supports the optional AWS_SESSION_TOKEN variable.
my$creds= Amazon::S3::Thin::Credentials->from_env;
from_metadata()
Instantiate Amazon::S3::Thin::Credentials and attempts to populate the credentials from the EC2 metadata service. An instance can have multiple IAM roles applied so you may optionally specify a role, otherwise the first one will be used.
In November 2019 AWS released version 2 of the instance metadata service which is more secure against Server Side Request Forgery attacks. Using v2 is highly recommended thus it is the default here.
my$creds= Amazon::S3::Thin::Credentials->from_metadata(role=>'foo',# The name of the IAM role on the instanceversion=> 2# Metadata service version - either 1 or 2);
from_ecs_container()
Instantiate Amazon::S3::Thin::Credentials and attempts to populate the credentials from the ECS task role.
my$creds= Amazon::S3::Thin::Credentials->from_ecs_container;
access_key_id()
Returns access_key_id
secret_access_key()
Returns secret_access_key
session_token()
Returns session_token