public async Task CreateWithRoleArn_CreatesClientWithCredentials()
        {
            var roleArn     = "test arn";
            var instance    = CreateInstance();
            var credentials = new SessionAWSCredentials("key", "secret", "token");

            StsClient.AssumeRoleAsync(Arg.Any <AssumeRoleRequest>()).Returns(new AssumeRoleResponse
            {
                Credentials = new Credentials
                {
                    AccessKeyId     = credentials.GetCredentials().AccessKey,
                    SecretAccessKey = credentials.GetCredentials().SecretKey,
                    SessionToken    = credentials.GetCredentials().Token,
                }
            });

            var result = await instance.Create(roleArn);

            await StsFactory.Received().Create();

            await StsClient.Received().AssumeRoleAsync(
                Arg.Is <AssumeRoleRequest>(req => req.RoleArn == roleArn && req.RoleSessionName != null)
                );

            TestUtils.AssertClientHasCredentials((AmazonServiceClient)result, credentials);
        }
        public AWSLambdaAPI(SessionAWSCredentials sessionAWSCredentials)
        {
            this.sessionAWSCredentials = sessionAWSCredentials;
            var credentials = sessionAWSCredentials.GetCredentials();

            basicAWSCredentials = new BasicAWSCredentials(credentials.AccessKey, credentials.SecretKey);
            amazonLambdaClient  = new AmazonLambdaClient(sessionAWSCredentials);
        }
        public AWSStepFunctionsAPI(SessionAWSCredentials sessionAWSCredentials)
        {
            this.sessionAWSCredentials = sessionAWSCredentials;
            var credentials = sessionAWSCredentials.GetCredentials();

            basicAWSCredentials       = new BasicAWSCredentials(credentials.AccessKey, credentials.SecretKey);
            amazonStepFunctionsClient = new AmazonStepFunctionsClient(sessionAWSCredentials);
        }
Exemple #4
0
        /// <summary>
        /// provide support for resolving AthenaAPI from AWS environment
        /// </summary>
        /// <param name="sessionAWSCredentials"></param>
        public AWSAthenaAPI(SessionAWSCredentials sessionAWSCredentials)
        {
            this.sessionAWSCredentials = sessionAWSCredentials;
            var credentials = sessionAWSCredentials.GetCredentials();

            basicAWSCredentials   = new BasicAWSCredentials(credentials.AccessKey, credentials.SecretKey);
            amazonAthenaClient    = new AmazonAthenaClient(sessionAWSCredentials);
            DefaultOutputLocation = Environment.GetEnvironmentVariable("AWSAthenaDefaultOutputLocation");
        }
        protected override void ProcessRecord()
        {
            try
            {
                AWSSAMLUtils          awsSamlUtils          = new AWSSAMLUtils();
                SessionAWSCredentials awsSessionCredentials = null;

                ICredentials userCredentials = GetUserCredentials(useCurrentCredentials);

                Uri uri = new Uri(identityProviderUrl);
                NetworkCredential networkCredentials = userCredentials.GetCredential(uri, "");
                if (CredentialCache.DefaultCredentials != userCredentials)
                {
                    ImpersonateUser(networkCredentials.UserName, networkCredentials.Password, networkCredentials.Domain);
                }

                string   samlAssertion = awsSamlUtils.GetSamlAssertion(identityProviderUrl);
                string[] awsSamlRoles  = awsSamlUtils.GetAwsSamlRoles(samlAssertion);
                UnImpersonateUser();

                string awsSamlRole = null;
                if (roleIndex < awsSamlRoles.Length)
                {
                    awsSamlRole = awsSamlRoles[roleIndex];
                }
                else if (!string.IsNullOrEmpty(role))
                {
                    awsSamlRole = awsSamlRoles.FirstOrDefault(p => p.Contains(role));
                    if (awsSamlRole == null)
                    {
                        throw new ArgumentException(string.Format("role {0} not found in list of available roles: {1}", role, string.Join(", ", awsSamlRoles)));
                    }
                }
                else
                {
                    awsSamlRole = AskUserForAwsSamlRole(awsSamlRoles);
                }

                awsSessionCredentials = awsSamlUtils.GetSamlRoleCredentails(samlAssertion, awsSamlRole);
                SetPowershellSamlProfile(awsSessionCredentials.GetCredentials());
            }
            catch
            {
                throw;
            }
        }
Exemple #6
0
 public AWSCredentialsFactoryTestCredentialSourceFixture(CredentialProfileOptions options, SessionAWSCredentials sessionCredentials, bool disable = false)
 {
     credentialSourceType = (CredentialSourceType)Enum.Parse(typeof(CredentialSourceType), options.CredentialSource, true);
     switch (credentialSourceType)
     {
         case CredentialSourceType.Environment:
             ImmutableCredentials credentials = sessionCredentials.GetCredentials();
             originalAWSAccessKeyIdValue = SetEnvironmentVariable(AWS_ACCESS_KEY_ID_ENVIRONMENT_VARIABLE, credentials.AccessKey);
             originalAWSSecretAccessKeyValue = SetEnvironmentVariable(AWS_SECRET_ACCESS_KEY_ENVIRONMENT_VARIABLE, credentials.SecretKey);
             originalAWSSessionTokenValue = SetEnvironmentVariable(AWS_SESSION_TOKEN_ENVIRONMENT_VARIABLE, credentials.Token);
             break;
         case CredentialSourceType.Ec2InstanceMetadata:
             originalAWSMetadataDisabled = SetEnvironmentVariable(EC2InstanceMetadata.AWS_EC2_METADATA_DISABLED, disable ? "true" : "false");
             break;
         case CredentialSourceType.EcsContainer:
             originalContainerURIEnvVariableValue = SetEnvironmentVariable(ECSTaskCredentials.ContainerCredentialsURIEnvVariable, disable ? null : MOCK_ECSContainer_URIEnvVariableValue);
             break;
     }
 }
        protected override void ProcessRecord()
        {
            try
            {
                AWSSAMLUtils          awsSamlUtils          = new AWSSAMLUtils();
                SessionAWSCredentials awsSessionCredentials = null;

                ICredentials userCredentials = AskUserForCredentials(useCurrentCredentials);

                Uri uri = new Uri(identityProviderUrl);
                NetworkCredential networkCredentials = userCredentials.GetCredential(uri, "");
                if (CredentialCache.DefaultCredentials != userCredentials)
                {
                    ImpersonateUser(networkCredentials.UserName, networkCredentials.Password, networkCredentials.Domain);
                }

                string   samlAssertion = awsSamlUtils.GetSamlAssertion(identityProviderUrl);
                string[] awsSamlRoles  = awsSamlUtils.GetAwsSamlRoles(samlAssertion);
                UnImpersonateUser();

                string awsSamlRole = null;
                if (roleIndex < awsSamlRoles.Length)
                {
                    awsSamlRole = awsSamlRoles[roleIndex];
                }
                else
                {
                    awsSamlRole = AskUserForAwsSamlRole(awsSamlRoles);
                }

                awsSessionCredentials = awsSamlUtils.GetSamlRoleCredentails(samlAssertion, awsSamlRole);
                SetPowershellSamlProfile(awsSessionCredentials.GetCredentials());
            }
            catch
            {
                throw;
            }
        }