in aws_secretsmanager_agent/src/config.rs [293:345]
fn build(config_file: ConfigFile) -> Result<Config, Box<dyn std::error::Error>> {
let config = Config {
// Configurations that are allowed to be overridden.
log_level: LogLevel::from_str(config_file.log_level.as_str())?,
log_to_file: config_file.log_to_file,
http_port: parse_num::<u16>(
&config_file.http_port,
INVALID_HTTP_PORT_ERR_MSG,
None,
Some(1..1024),
)?,
ttl: Duration::from_secs(parse_num::<u64>(
&config_file.ttl_seconds,
INVALID_TTL_SECONDS_ERR_MSG,
Some(0..3601),
None,
)?),
cache_size: match NonZeroUsize::new(parse_num::<usize>(
&config_file.cache_size,
INVALID_CACHE_SIZE_ERR_MSG,
Some(0..1001),
None,
)?) {
Some(x) => x,
None => Err(INVALID_CACHE_SIZE_ERR_MSG)?,
},
ssrf_headers: config_file.ssrf_headers,
ssrf_env_variables: config_file.ssrf_env_variables,
path_prefix: config_file.path_prefix,
max_conn: parse_num::<usize>(
&config_file.max_conn,
BAD_MAX_CONN_MSG,
Some(1..1001),
None,
)?,
region: config_file.region,
ignore_transient_errors: config_file.ignore_transient_errors,
validate_credentials: config_file.validate_credentials,
};
// Additional validations.
if config.ssrf_headers.is_empty() {
Err(EMPTY_SSRF_LIST_MSG)?;
}
if config.ssrf_env_variables.is_empty() {
Err(EMPTY_ENV_LIST_MSG)?;
}
if !config.path_prefix.starts_with('/') {
Err(BAD_PREFIX_MSG)?;
}
Ok(config)
}