Referring to ConfigFile instead of CredentialsFile

tmspzz · Jun 4, 2019 · de3fadf · de3fadf
1 parent c7a2b9a
commit de3fadf
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -225,7 +225,7 @@ To use configurations other than the `default` profile set the `$AWS_PROFILE`
 environment variable to your desired profile.
 
 Since version `0.21.0.58` Rome also supports privilege escalation via [Amazon STS](https://docs.aws.amazon.com/STS/latest/APIReference/Welcome.html)
-by specifying `role_arn` and `source_profile` in `~/.aws/credentials`
+by specifying `role_arn` and `source_profile` in `~/.aws/config`
 
 ### Selecting the AWS Region
 

diff --git a/src/Lib.hs b/src/Lib.hs
@@ -94,13 +94,15 @@ getAWSEnv = do
     (lookupEnv (T.unpack "AWS_PROFILE"))
   credentials <-
     runExceptT $ (AWS.credentialsFromFile =<< getAWSCredentialsFilePath) `catch` \(e :: IOError) -> ExceptT . return . Left . show $ e
+  config <-
+    runExceptT $ (AWS.configFromFile =<< getAWSConfigFilePath) `catch` \(e :: IOError) -> ExceptT . return . Left . show $ e
   (auth, _) <-
     AWS.catching AWS._MissingEnvError AWS.fromEnv $ \envError -> either
       throwError
       (\cred -> do
         let finalProfile = fromMaybe
               profile
-              (eitherToMaybe $ AWS.sourceProfileOf profile =<< credentials)
+              (eitherToMaybe $ AWS.sourceProfileOf profile =<< config)
         let
           authAndRegion =
             (,)
@@ -118,7 +120,7 @@ getAWSEnv = do
       credentials
   manager <- liftIO (Conduit.newManager Conduit.tlsManagerSettings)
   ref     <- liftIO (newIORef Nothing)
-  let roleARN = eitherToMaybe $ AWS.roleARNOf profile =<< credentials
+  let roleARN = eitherToMaybe $ AWS.roleARNOf profile =<< config
   let curerntEnv = AWS.Env region
                            (\_ _ -> pure ())
                            (AWS.retryConnectionFailure 3)

diff --git a/src/Network/AWS/Utils.hs b/src/Network/AWS/Utils.hs
@@ -3,6 +3,7 @@
 module Network.AWS.Utils
   ( ConfigFile
   , credentialsFromFile
+  , configFromFile
   , authFromCredentilas
   , parseConfigFile
   , regionOf
@@ -54,6 +55,16 @@ credentialsFromFile filePath = do
   withExceptT (("Could not parse " <> filePath <> ": ") <>) (action file)
   where action a = ExceptT . return $ parseCredentialsFile a
 
+-- | Reads `ConfigFile` from a file at a given path
+configFromFile
+  :: MonadIO m
+  => FilePath -- ^ The path to the file containing the credentials. Usually `~/.aws/config`
+  -> ExceptT String m ConfigFile
+configFromFile filePath = do
+  file <- liftIO (T.readFile filePath)
+  withExceptT (("Could not parse " <> filePath <> ": ") <>) (action file)
+  where action a = ExceptT . return $ parseConfigFile a
+
 authFromCredentilas :: T.Text -> CredentialsFile -> Either String AWS.Auth
 authFromCredentilas profile credentials = AWS.Auth <$> authEnv
  where
@@ -92,7 +103,7 @@ getPropertyFromCredentials profile property =
 
 getPropertyFromConfig
   :: T.Text -> T.Text -> ConfigFile -> Either String T.Text
-  getPropertyFromConfig profile property =
+getPropertyFromConfig profile property =
   lookupValue profile property . asIni
 
 sourceProfileOf :: T.Text -> ConfigFile -> Either String T.Text