|
1 | 1 | import { fromEnv } from "@aws-sdk/credential-provider-env"; |
2 | 2 | import { fromContainerMetadata, fromInstanceMetadata } from "@aws-sdk/credential-provider-imds"; |
| 3 | +import { fromSSO, isSsoProfile, validateSsoProfile } from "@aws-sdk/credential-provider-sso"; |
3 | 4 | import { AssumeRoleWithWebIdentityParams, fromTokenFile } from "@aws-sdk/credential-provider-web-identity"; |
4 | 5 | import { CredentialsProviderError } from "@aws-sdk/property-provider"; |
5 | 6 | import { ParsedIniData, Profile } from "@aws-sdk/shared-ini-file-loader"; |
6 | 7 | import { CredentialProvider, Credentials } from "@aws-sdk/types"; |
7 | 8 | import { getMasterProfileName, parseKnownFiles, SourceProfileInit } from "@aws-sdk/util-credentials"; |
8 | 9 |
|
9 | | -export const ENV_PROFILE = "AWS_PROFILE"; |
10 | | - |
11 | 10 | /** |
12 | 11 | * @see http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/STS.html#assumeRole-property |
13 | 12 | * TODO update the above to link to V3 docs |
@@ -147,6 +146,16 @@ const resolveProfileData = async ( |
147 | 146 | return resolveStaticCredentials(data); |
148 | 147 | } |
149 | 148 |
|
| 149 | + if (isSsoProfile(data)) { |
| 150 | + const { sso_start_url, sso_account_id, sso_region, sso_role_name } = validateSsoProfile(data); |
| 151 | + return fromSSO({ |
| 152 | + ssoStartUrl: sso_start_url, |
| 153 | + ssoAccountId: sso_account_id, |
| 154 | + ssoRegion: sso_region, |
| 155 | + ssoRoleName: sso_role_name, |
| 156 | + })(); |
| 157 | + } |
| 158 | + |
150 | 159 | // If this is the first profile visited, role assumption keys should be |
151 | 160 | // given precedence over static credentials. |
152 | 161 | if (isAssumeRoleWithSourceProfile(data) || isAssumeRoleWithProviderProfile(data)) { |
|
0 commit comments