aws_credential_types/
provider.rs

1/*
2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3 * SPDX-License-Identifier: Apache-2.0
4 */
5
6//! AWS SDK Credentials
7//!
8//! ## Implementing your own credentials provider
9//!
10//! While for many use cases, using a built in credentials provider is sufficient, you may want to
11//! implement your own credential provider.
12//!
13//! ### With static credentials
14//!
15//! _Note: In general, you should prefer to use the credential providers that come
16//! with the AWS SDK to get credentials. It is __NOT__ secure to hardcode credentials
17//! into your application. Only use this approach if you really know what you're doing._
18//!
19#![cfg_attr(
20    feature = "hardcoded-credentials",
21    doc = r##"
22See [`Credentials::from_keys`](crate::Credentials::from_keys) for an example on how to use static credentials.
23    "##
24)]
25#![cfg_attr(
26    not(feature = "hardcoded-credentials"),
27    doc = r##"
28Enable the `hardcoded-credentials` feature to be able to use `Credentials::from_keys` to
29construct credentials from hardcoded values.
30    "##
31)]
32
33//!
34//! ### With dynamically loaded credentials
35//! If you are loading credentials dynamically, you can provide your own implementation of
36//! [`ProvideCredentials`](crate::provider::ProvideCredentials). Generally, this is best done by
37//! defining an inherent `async fn` on your structure, then calling that method directly from
38//! the trait implementation.
39//! ```rust
40//! use aws_credential_types::{
41//!     provider::{self, future, error::CredentialsError, ProvideCredentials},
42//!     Credentials,
43//! };
44//! #[derive(Debug)]
45//! struct SubprocessCredentialProvider;
46//!
47//! async fn invoke_command(command: &str) -> String {
48//!     // implementation elided...
49//!     # String::from("some credentials")
50//! }
51//!
52//! /// Parse access key and secret from the first two lines of a string
53//! fn parse_credentials(creds: &str) -> provider::Result {
54//!     let mut lines = creds.lines();
55//!     let akid = lines.next().ok_or(CredentialsError::provider_error("invalid credentials"))?;
56//!     let secret = lines.next().ok_or(CredentialsError::provider_error("invalid credentials"))?;
57//!     Ok(Credentials::new(akid, secret, None, None, "CustomCommand"))
58//! }
59//!
60//! impl SubprocessCredentialProvider {
61//!     async fn load_credentials(&self) -> provider::Result {
62//!         let creds = invoke_command("load-credentials.py").await;
63//!         parse_credentials(&creds)
64//!     }
65//! }
66//!
67//! impl ProvideCredentials for SubprocessCredentialProvider {
68//!     fn provide_credentials<'a>(&'a self) -> future::ProvideCredentials<'a> where Self: 'a {
69//!         future::ProvideCredentials::new(self.load_credentials())
70//!     }
71//! }
72//! ```
73
74mod credentials;
75pub mod error;
76pub mod future;
77pub mod token;
78
79pub use credentials::{ProvideCredentials, Result, SharedCredentialsProvider};