bosh-registry 1.3074.0 → 1.3087.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 97de729d8bf32a6a9100db0cfae9d6000b9f5abe
-  data.tar.gz: 02776e6ef6c5b061c189dfec19160851082f0678
+  metadata.gz: f00a7d3c4c404d4476a44d2f6d7222c615f2faae
+  data.tar.gz: ade5cfa2fc3e6e38a8fafeb77b1016620ef89502
 SHA512:
-  metadata.gz: a4a374a6ec8252edbcbe7dedd5acc74f102e59c530488bdb8ccde81f78126ea122dbb55c01337d532f55cfc3951b72d2654a40072b4c72ec63d427c6e79a155d
-  data.tar.gz: 769612516555cc65d4d83562117fd22a2d469bdfe1f3e1194613574bdab1a735a759683d8cf00426f89552d446a27020108d9f7ee201de8633584a5071b579d0
+  metadata.gz: 01f2e826f55f57285d07461550096064ffa8e2ec43d566eb1bf06f7251d87ebb2aa86616a5c189a976b13d28cd268f0f6628a270d5240a7560517d576af2a911
+  data.tar.gz: 4c7272ead1ef067882f8d7240686c78967639d6017f174eed372b5bd773ff184309db8816a034eb8b6e1a7db5c971b50b6ae0f09d83ce2124ef2babf35e56268

data/README.md

@@ -52,12 +52,14 @@ the IP addresses belonging to a instances:
 
 These are the credentials to connect to AWS services:
 
-* `access_key_id` (required)
-  IAM Access Key ID
-* `secret_access_key` (required)
-  AWS IAM Secret Access Key
 * `region` (required)
   AWS EC2 Region
+* `credentials_source` (optional)
+  Where to get AWS credentials. This can be set to `static` for to use an `access_key_id` and `secret_access_key` or `env_or_profile` to get the credentials from environment variables or an EC2 instance profile. Defaults to `static` if not set.
+* `access_key_id` (optional, required when `credentials_source` is `static`)
+  AWS IAM user access key
+* `secret_access_key` (optional, required when `credentials_source` is `static`)
+  AWS IAM secret access key
 * `max_retries` (optional, defaults to 2)
   Max number of retries to connect to AWS
 
@@ -107,4 +109,4 @@ This is a sample of an Bosh Registry configuration file:
         api_key: bar
         tenant: foo
         domain: bar
-        region:
+        region:

data/lib/bosh/registry/instance_manager/aws.rb

@@ -15,14 +15,14 @@ module Bosh::Registry
 
         @aws_properties = cloud_config["aws"]
         @aws_options = {
-          :access_key_id => @aws_properties["access_key_id"],
-          :secret_access_key => @aws_properties["secret_access_key"],
           :max_retries => @aws_properties["max_retries"] || AWS_MAX_RETRIES,
           :ec2_endpoint => @aws_properties['ec2_endpoint'] || "ec2.#{@aws_properties['region']}.amazonaws.com",
           :logger => @logger
         }
         # configure optional parameters
         %w(
+          access_key_id
+          secret_access_key
           ssl_verify_peer
           ssl_ca_file
           ssl_ca_path
@@ -30,17 +30,45 @@ module Bosh::Registry
           @aws_options[k.to_sym] = @aws_properties[k] unless @aws_properties[k].nil?
         end
 
+        # credentials_source could be static (default) or env_or_profile
+        # static credentials must be included in aws_properties
+        # env_or_profile credentials will use the AWS DefaultCredentialsProvider
+        # to find AWS credentials in environment variables or EC2 instance profiles
+
+        if cloud_config['aws']['credentials_source'] == 'static' || cloud_config['aws']['credentials_source'].nil?
+          @aws_options[:access_key_id] = cloud_config['aws']['access_key_id']
+          @aws_options[:secret_access_key] = cloud_config['aws']['secret_access_key']
+        end
+
         @ec2 = AWS::EC2.new(@aws_options)
       end
 
       def validate_options(cloud_config)
         unless cloud_config.has_key?("aws") &&
             cloud_config["aws"].is_a?(Hash) &&
-            cloud_config["aws"]["access_key_id"] &&
-            cloud_config["aws"]["secret_access_key"] &&
             cloud_config["aws"]["region"]
           raise ConfigError, "Invalid AWS configuration parameters"
         end
+
+        credentials_source = cloud_config['aws']['credentials_source'] || 'static'
+
+        if credentials_source != 'env_or_profile' && credentials_source != 'static'
+          raise ConfigError, "Unknown credentials_source #{credentials_source}"
+        end
+
+        if credentials_source == 'static'
+          if cloud_config["aws"]["access_key_id"].nil? || cloud_config["aws"]["secret_access_key"].nil?
+              raise ConfigError, "Must use access_key_id and secret_access_key with static credentials_source"
+          end
+        end
+
+        if credentials_source == 'env_or_profile'
+          if cloud_config["aws"]["access_key_id"] || cloud_config["aws"]["secret_access_key"]
+              raise ConfigError, "Can't use access_key_id and secret_access_key with env_or_profile credentials_source"
+          end
+        end
+
+
       end
 
       # Get the list of IPs belonging to this instance
@@ -59,4 +87,4 @@ module Bosh::Registry
 
   end
 
-end
+end

data/lib/bosh/registry/version.rb

@@ -1,5 +1,5 @@
 module Bosh
   module Registry
-    VERSION = '1.3074.0'
+    VERSION = '1.3087.0'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bosh-registry
 version: !ruby/object:Gem::Version
-  version: 1.3074.0
+  version: 1.3087.0
 platform: ruby
 authors:
 - VMware
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-09-19 00:00:00.000000000 Z
+date: 2015-09-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3074.0
+        version: 1.3087.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3074.0
+        version: 1.3087.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement