in Gems/AWSCore/Code/Source/Credential/AWSDefaultCredentialHandler.cpp [41:95]
std::shared_ptr<Aws::Auth::AWSCredentialsProvider> AWSDefaultCredentialHandler::GetCredentialsProvider()
{
{
AZStd::lock_guard<AZStd::mutex> credentialsLock{m_credentialMutex};
auto credentials = m_environmentCredentialsProvider->GetAWSCredentials();
if (!credentials.IsEmpty())
{
return m_environmentCredentialsProvider;
}
}
{
AZStd::lock_guard<AZStd::mutex> credentialsLock{m_credentialMutex};
AZStd::string newProfileName = "";
AWSCoreInternalRequestBus::BroadcastResult(newProfileName, &AWSCoreInternalRequests::GetProfileName);
if (newProfileName != m_profileName)
{
m_profileName = newProfileName;
SetProfileCredentialsProvider(Aws::MakeShared<Aws::Auth::ProfileConfigFileAWSCredentialsProvider>(
AWSDEFAULTCREDENTIALHANDLER_ALLOC_TAG, m_profileName.c_str()));
}
auto credentials = m_profileCredentialsProvider->GetAWSCredentials();
if (!credentials.IsEmpty())
{
return m_profileCredentialsProvider;
}
}
{
AZStd::lock_guard<AZStd::mutex> credentialsLock{ m_credentialMutex };
bool allowAWSMetadata = false;
AWSCoreInternalRequestBus::BroadcastResult(allowAWSMetadata, &AWSCoreInternalRequests::IsAllowedAWSMetadataCredentials);
if (allowAWSMetadata)
{
const auto ec2MetadataDisabled = Aws::Environment::GetEnv(AWS_EC2_METADATA_DISABLED);
if (Aws::Utils::StringUtils::ToLower(ec2MetadataDisabled.c_str()) != "true")
{
if (!m_instanceProfileCredentialsProvider)
{
SetInstanceProfileCredentialProvider(
Aws::MakeShared<Aws::Auth::InstanceProfileCredentialsProvider>(AWSDEFAULTCREDENTIALHANDLER_ALLOC_TAG));
}
auto credentials = m_instanceProfileCredentialsProvider->GetAWSCredentials();
if (!credentials.IsEmpty())
{
return m_instanceProfileCredentialsProvider;
}
}
}
}
return nullptr;
}