Skip to content

Commit

Permalink
[Version 2] Fix AWS_PROFILE order in default credential chain (#1541)
Browse files Browse the repository at this point in the history
  • Loading branch information
@cjyclaire
cjyclaire authored Jun 20, 2017
1 parent 9d5a425 commit c2939e6
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 1 deletion.
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
Unreleased Changes
------------------

* Issue - Aws::CredentialProviderChain - Fetching `AWS_PROFILE` environment variable before using `default` profile.

2.9.44 (2017-06-20)
------------------

Expand Down
3 changes: 2 additions & 1 deletion aws-sdk-core/lib/aws-sdk-core/credential_provider_chain.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,8 @@ def shared_credentials(options)
if options[:config]
SharedCredentials.new(profile_name: options[:config].profile)
else
SharedCredentials.new(profile_name: 'default')
SharedCredentials.new(
profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
end
rescue Errors::NoSuchProfileError
nil
Expand Down
20 changes: 20 additions & 0 deletions aws-sdk-core/spec/aws/credential_provider_chain_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,26 @@ module Aws
expect(credentials.credentials.session_token).to eq('TOKEN_0')
end


it 'hydrates profile from ENV with AWS_PROFILE when available' do
mock_path = File.join(
File.dirname(__FILE__), '..', 'fixtures', 'credentials',
'mock_shared_credentials')
path = File.join('HOME', '.aws', 'credentials')
allow(Dir).to receive(:home).and_return('HOME')
allow(File).to receive(:exist?).with(path).and_return(true)
allow(File).to receive(:readable?).with(path).and_return(true)
allow(File).to receive(:read).with(path).and_return(File.read(mock_path))

env['AWS_PROFILE'] = 'fooprofile'
creds = CredentialProviderChain.new.resolve
expect(creds.profile_name).to eq('fooprofile')
expect(credentials.set?).to be(true)
expect(credentials.credentials.access_key_id).to eq('ACCESS_KEY_1')
expect(credentials.credentials.secret_access_key).to eq('SECRET_KEY_1')
expect(credentials.credentials.session_token).to eq('TOKEN_1')
end

it 'hydrates credentials from the instance profile service' do
path = '/latest/meta-data/iam/security-credentials/'
resp = <<-JSON.strip
Expand Down

0 comments on commit c2939e6

Please sign in to comment.