in src/aws-cpp-sdk-identity-management/source/auth/STSProfileCredentialsProvider.cpp [90:163]
static ProfileState CheckProfile(const Aws::Config::Profile& profile, bool topLevelProfile)
{
constexpr int STATIC_CREDENTIALS = 1;
constexpr int PROCESS_CREDENTIALS = 2;
constexpr int SOURCE_PROFILE = 4;
constexpr int ROLE_ARN = 8;
int state = 0;
if (!profile.GetCredentials().IsExpiredOrEmpty())
{
state += STATIC_CREDENTIALS;
}
if (!profile.GetCredentialProcess().empty())
{
state += PROCESS_CREDENTIALS;
}
if (!profile.GetSourceProfile().empty())
{
state += SOURCE_PROFILE;
}
if (!profile.GetRoleArn().empty())
{
state += ROLE_ARN;
}
if (topLevelProfile)
{
switch(state)
{
case 1:
return ProfileState::Static;
case 2:
return ProfileState::Process;
case 12: // just source profile && role arn available
return ProfileState::SourceProfile;
case 13: // static creds && source profile && role arn
if (profile.GetName() == profile.GetSourceProfile())
{
return ProfileState::SelfReferencing;
}
// source-profile over-rule static credentials in top-level profiles (except when self-referencing)
return ProfileState::SourceProfile;
default:
// All other cases are considered malformed configuration.
return ProfileState::Invalid;
}
}
else
{
switch(state)
{
case 1:
return ProfileState::Static;
case 2:
return ProfileState::Process;
case 12: // just source profile && role arn available
return ProfileState::SourceProfile;
case 13: // static creds && source profile && role arn
if (profile.GetName() == profile.GetSourceProfile())
{
return ProfileState::SelfReferencing;
}
return ProfileState::Static; // static credentials over-rule source-profile (except when self-referencing)
default:
// All other cases are considered malformed configuration.
return ProfileState::Invalid;
}
}
}