in src/Credential.php [86:178]
private function getCredentials($config)
{
if (is_null($config)) {
return new CredentialsProviderWrap('default', new DefaultCredentialsProvider());
}
switch ($config->type) {
case 'access_key':
$provider = new StaticAKCredentialsProvider([
'accessKeyId' => $config->accessKeyId,
'accessKeySecret' => $config->accessKeySecret,
]);
return new CredentialsProviderWrap('access_key', $provider);
case 'sts':
$provider = new StaticSTSCredentialsProvider([
'accessKeyId' => $config->accessKeyId,
'accessKeySecret' => $config->accessKeySecret,
'securityToken' => $config->securityToken,
]);
return new CredentialsProviderWrap('sts', $provider);
case 'bearer':
return new BearerTokenCredential($config->bearerToken);
case 'ram_role_arn':
if (!is_null($config->securityToken) && $config->securityToken !== '') {
$innerProvider = new StaticSTSCredentialsProvider([
'accessKeyId' => $config->accessKeyId,
'accessKeySecret' => $config->accessKeySecret,
'securityToken' => $config->securityToken,
]);
} else {
$innerProvider = new StaticAKCredentialsProvider([
'accessKeyId' => $config->accessKeyId,
'accessKeySecret' => $config->accessKeySecret,
]);
}
$provider = new RamRoleArnCredentialsProvider([
'credentialsProvider' => $innerProvider,
'roleArn' => $config->roleArn,
'roleSessionName' => $config->roleSessionName,
'policy' => $config->policy,
'durationSeconds' => $config->roleSessionExpiration,
'externalId' => $config->externalId,
'stsEndpoint' => $config->STSEndpoint,
], [
'connectTimeout' => $config->connectTimeout,
'readTimeout' => $config->readTimeout,
]);
return new CredentialsProviderWrap('ram_role_arn', $provider);
case 'rsa_key_pair':
$provider = new RsaKeyPairCredentialsProvider([
'publicKeyId' => $config->publicKeyId,
'privateKeyFile' => $config->privateKeyFile,
'durationSeconds' => $config->roleSessionExpiration,
'stsEndpoint' => $config->STSEndpoint,
], [
'connectTimeout' => $config->connectTimeout,
'readTimeout' => $config->readTimeout,
]);
return new CredentialsProviderWrap('rsa_key_pair', $provider);
case 'ecs_ram_role':
$provider = new EcsRamRoleCredentialsProvider([
'roleName' => $config->roleName,
'disableIMDSv1' => $config->disableIMDSv1,
], [
'connectTimeout' => $config->connectTimeout,
'readTimeout' => $config->readTimeout,
]);
return new CredentialsProviderWrap('ecs_ram_role', $provider);
case 'oidc_role_arn':
$provider = new OIDCRoleArnCredentialsProvider([
'roleArn' => $config->roleArn,
'oidcProviderArn' => $config->oidcProviderArn,
'oidcTokenFilePath' => $config->oidcTokenFilePath,
'roleSessionName' => $config->roleSessionName,
'policy' => $config->policy,
'durationSeconds' => $config->roleSessionExpiration,
'stsEndpoint' => $config->STSEndpoint,
], [
'connectTimeout' => $config->connectTimeout,
'readTimeout' => $config->readTimeout,
]);
return new CredentialsProviderWrap('oidc_role_arn', $provider);
case "credentials_uri":
$provider = new URLCredentialsProvider([
'credentialsURI' => $config->credentialsURI,
], [
'connectTimeout' => $config->connectTimeout,
'readTimeout' => $config->readTimeout,
]);
return new CredentialsProviderWrap('credentials_uri', $provider);
default:
throw new InvalidArgumentException('Unsupported credential type option: ' . $config->type . ', support: access_key, sts, bearer, ecs_ram_role, ram_role_arn, rsa_key_pair, oidc_role_arn, credentials_uri');
}
}