unboundsoftware/nginx-s3-upload
Archived
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity
This repository has been archived on 2026-03-07. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
ef6bb3fdef1f07d65de0c4b412aef77c5c4a92d8
nginx-s3-upload/fetcher.lua
T

35 lines
1.0 KiB
Lua
Raw Normal View History

Fetch access key, secret and token from metadata service using resty-http if not provided as ENV-props
2019-08-02 11:46:00 +02:00
local fetcher = {}
function fetcher.fetch()
local key = os.getenv("AWS_ACCESS_KEY_ID")
local secret = os.getenv("AWS_SECRET_ACCESS_KEY")
if (key and secret) then
ngx.log(ngx.STDERR, "Key: " .. key .. ", Secret: " .. secret)
return key, secret, nil
end
local http = require "resty.http"
local JSON = require "JSON"
local httpc = http.new()
local res, err = httpc:request_uri("http://169.254.169.254/latest/meta-data/iam/security-credentials/", { method = "GET" })
if not res then
ngx.log(ngx.STDERR, "failed to get IAM role: ", err)
return
end
local role = res.body
res, err = httpc:request_uri("http://169.254.169.254/latest/meta-data/iam/security-credentials/" .. role, { method = "GET" })
if not res then
ngx.log(ngx.STDERR, "failed to get role info: ", err)
return
end
local json = res.body
local table = JSON:decode(json)
key = table["AccessKeyId"]
secret = table["SecretAccessKey"]
local token = table["Token"]
return key, secret, token
end
return fetcher
Reference in New Issue Copy Permalink