rex/awsSTS
1
0
Fork 0
mirror of https://github.com/ThomasTJdev/nim_awsSTS synced 2026-01-07 07:11:13 +00:00
Code Issues Projects Releases Packages Wiki Activity
No description
14 commits 1 branch 9 tags 51 KiB
Find a file
Exact
ThomasTJdev 4170b92e4b
 Implement pooling
2025-02-14 07:23:00 +01:00
.github/workflows Refactor 2024-01-27 15:55:25 +01:00
src Implement pooling 2025-02-14 07:23:00 +01:00
tests Refactor 2024-01-27 15:55:25 +01:00
.gitignore Refactor 2024-01-27 15:55:25 +01:00
awsSTS.nimble Implement pooling 2025-02-14 07:23:00 +01:00
config.nims init 2021-06-26 09:48:10 +02:00
LICENSE Initial commit 2021-06-26 05:58:48 +02:00
README.md Implement pooling 2025-02-14 07:23:00 +01:00

README.md

awsSTS

AWS Security Token Service API in Nim

This nim package is for generating AWS Security Token Service and temporary ASIAxxx credentials.

AWS Security Token Service (AWS STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users).

This package is purely for generating ASIAxxxx credentials, which can be used in other services.

Example

General one time call

import awsSTS

awsSTSInitHttpPool(size = 5)

let
  myAccessKey   = "AKIDEXAMPLE"
  mySecretKey   = "23456OIUYTREXAMPLE"
  role          = "arn:aws:iam::87654322345:role/Role-I-Can-And-May"
  serverRegion  = "eu-west-1"

let creds = awsSTScreateASIA(myAccessKey, mySecretKey, serverRegion, role)

echo creds.AWS_ACCESS_KEY_ID
echo creds.AWS_SECRET_ACCESS_KEY
echo creds.AWS_SESSION_TOKEN

Keep in global variable and auto-renew

Auto-renew and keep credentials in global variable. Accessible from all threads.

import awsSTS/sts

awsSTSInitHttpPool(size = 5)

let
  myAccessKey   = "AKIDEXAMPLE"
  mySecretKey   = "23456OIUYTREXAMPLE"
  role          = "arn:aws:iam::87654322345:role/Role-I-Can-And-May"
  serverRegion  = "eu-west-1"

let creds = stsGet(myAccessKey, mySecretKey, serverRegion, role)

echo creds.AWS_ACCESS_KEY_ID
echo creds.AWS_SECRET_ACCESS_KEY
echo creds.AWS_SESSION_TOKEN

Reusable HttpClient pool

In version 2.1.0, an HTTP pool was implemented to handle HTTP requests. The pool includes monitoring of consecutive errors, age of clients, and number of requests. Based on these, the clients will be recycled.

The pool requires initialization with awsSTSInitHttpPool(size = 5).

The pool is enabled by default when using --threads:on (so always in Nim v2.x). The pool is disabled when using -d:disableAwsStsHttpPool and the method reverts back to using an individual HttpClient for each call.

When running single-threaded, the pool is disabled by default. To enable the pool, use -d:awsStsHttpPool.

On initialization, the pool will echo status. Disable this with -d:awsStsHttpPoolNoEcho.

Changelog

2.1.0

  • Added http pool for reusing http clients.
  • Made awsSTScreateASIA public, so the wrapper awsSTScreate is not needed.

v1.0.4

Replacing dependency sigv4 with awsSigV4. The allows us to ignore the dependency balls.

awsCredsMonitor() has been removed.