func()

in sdk/auth/credentials/credentials.go [533:606]


func (builder *RAMRoleARNCredentialsProviderBuilder) Build() (provider *RAMRoleARNCredentialsProvider, err error) {
	if builder.provider.credentialsProvider == nil {
		if builder.provider.accessKeyId != "" && builder.provider.accessKeySecret != "" && builder.provider.securityToken != "" {
			builder.provider.credentialsProvider, err = NewStaticSTSCredentialsProviderBuilder().
				WithAccessKeyId(builder.provider.accessKeyId).
				WithAccessKeySecret(builder.provider.accessKeySecret).
				WithSecurityToken(builder.provider.securityToken).
				Build()
			if err != nil {
				return
			}
		} else if builder.provider.accessKeyId != "" && builder.provider.accessKeySecret != "" {
			builder.provider.credentialsProvider, err = NewStaticAKCredentialsProviderBuilder().
				WithAccessKeyId(builder.provider.accessKeyId).
				WithAccessKeySecret(builder.provider.accessKeySecret).
				Build()
			if err != nil {
				return
			}
		} else {
			err = errors.NewClientError(errors.InvalidParamErrorCode, "Must specify a previous credentials provider to assume role", nil)
			return
		}
	}

	if builder.provider.roleArn == "" {
		if roleArn := os.Getenv("ALIBABA_CLOUD_ROLE_ARN"); roleArn != "" {
			builder.provider.roleArn = roleArn
		} else {
			err = errors.NewClientError(errors.InvalidParamErrorCode, "The RoleArn is empty", nil)
			return
		}
	}

	if builder.provider.roleSessionName == "" {
		if roleSessionName := os.Getenv("ALIBABA_CLOUD_ROLE_SESSION_NAME"); roleSessionName != "" {
			builder.provider.roleSessionName = roleSessionName
		} else {
			builder.provider.roleSessionName = "aliyun-go-sdk-" + strconv.FormatInt(time.Now().UnixNano()/1000, 10)
		}
	}

	// duration seconds
	if builder.provider.durationSeconds == 0 {
		// default to 3600
		builder.provider.durationSeconds = 3600
	}

	if builder.provider.durationSeconds < 900 {
		err = errors.NewClientError(errors.InvalidParamErrorCode, "Session duration should be in the range of 900s - max session duration", nil)
		return
	}

	// sts endpoint
	if builder.provider.stsEndpoint == "" {
		if !builder.provider.enableVpc {
			builder.provider.enableVpc = strings.ToLower(os.Getenv("ALIBABA_CLOUD_VPC_ENDPOINT_ENABLED")) == "true"
		}
		prefix := "sts"
		if builder.provider.enableVpc {
			prefix = "sts-vpc"
		}
		if builder.provider.stsRegion != "" {
			builder.provider.stsEndpoint = fmt.Sprintf("%s.%s.aliyuncs.com", prefix, builder.provider.stsRegion)
		} else if region := os.Getenv("ALIBABA_CLOUD_STS_REGION"); region != "" {
			builder.provider.stsEndpoint = fmt.Sprintf("%s.%s.aliyuncs.com", prefix, region)
		} else {
			builder.provider.stsEndpoint = "sts.aliyuncs.com"
		}
	}

	provider = builder.provider
	return
}