prosody-modules
1d719d4ef18f
mod_aws_profile/README.markdown
Software / code / prosody-modules
Comparison
mod_aws_profile/README.markdown @ 3698:1d719d4ef18f
mod_aws_profile: New module for role-based access to AWS APIs
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 08 Oct 2019 17:32:50 +0100 |
comparison
equal
deleted
inserted
replaced
| 3697:a07bd12fe554 | 3698:1d719d4ef18f |
|---|---|
| 1 # Introduction | |
| 2 | |
| 3 This module adds support for reading AWS IAM access credentials from EC2 instance metadata, | |
| 4 to allow Prosody modules to gain role-based access to AWS services. | |
| 5 | |
| 6 # Configuring | |
| 7 | |
| 8 ``` {.lua} | |
| 9 modules_enabled = { | |
| 10 "aws_profile"; | |
| 11 } | |
| 12 ``` | |
| 13 | |
| 14 There is no other configuration. | |
| 15 | |
| 16 # Usage in other modules | |
| 17 | |
| 18 Other modules can import the credentials as a shared table: | |
| 19 | |
| 20 ``` {.lua} | |
| 21 local aws_credentials = module:shared("/*/aws_profile/credentials"); | |
| 22 do_something(aws_credentials.access_key, aws_credentials.secret_key); | |
| 23 ``` | |
| 24 | |
| 25 Note that credentials are time-limited, and will change periodically. The | |
| 26 shared table will automatically be updated. If you need to know when this | |
| 27 happens, you can also hook the `'aws_profile/credentials-refreshed'` event: | |
| 28 | |
| 29 ``` {.lua} | |
| 30 module:hook_global("aws_profile/credentials-refreshed", function (new_credentials) | |
| 31 -- do something with new_credentials.access_key/secret_key | |
| 32 end); | |
| 33 ``` | |
| 34 | |
| 35 # Compatibility | |
| 36 | |
| 37 Meant for use with Prosody 0.11.x, may work in older versions. |
