From 1d4d040a319d312bd1f6043b6be881ec8208cca5 Mon Sep 17 00:00:00 2001 From: Simon Sadedin Date: Sun, 25 Aug 2024 17:25:34 +1000 Subject: [PATCH] support SQS init from env, and use of temp session credentials --- .../AWSSQSNotificationChannel.groovy | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/main/groovy/bpipe/notification/AWSSQSNotificationChannel.groovy b/src/main/groovy/bpipe/notification/AWSSQSNotificationChannel.groovy index 343b6832..8b3276aa 100644 --- a/src/main/groovy/bpipe/notification/AWSSQSNotificationChannel.groovy +++ b/src/main/groovy/bpipe/notification/AWSSQSNotificationChannel.groovy @@ -19,6 +19,7 @@ import com.amazon.sqs.javamessaging.SQSConnectionFactory import com.amazonaws.auth.AWSCredentials import com.amazonaws.auth.AWSStaticCredentialsProvider import com.amazonaws.auth.BasicAWSCredentials +import com.amazonaws.auth.BasicSessionCredentials import com.amazonaws.services.sqs.AmazonSQSClientBuilder @Log @@ -63,6 +64,22 @@ class AWSSQSNotificationChannel extends JMSNotificationChannel { else throw new IllegalStateException("Profile $config.profile for SQS connection could not be found in your AWS credentials file") } + else + if(System.getenv('AWS_SECRET_ACCESS_KEY')) { + + if(System.getenv('AWS_SESSION_TOKEN')) { + credentials = new BasicSessionCredentials( + System.getenv('AWS_ACCESS_KEY_ID'), + System.getenv('AWS_SECRET_ACCESS_KEY'), + System.getenv('AWS_SESSION_TOKEN')) + + log.info("Using AWS SQS session credentials from environment") + } + else { + credentials = new BasicAWSCredentials(System.getenv('AWS_ACCESS_KEY_ID'),System.getenv('AWS_SECRET_ACCESS_KEY')); + log.info("Using AWS SQS fixed credentials from environment") + } + } if(credentials == null) { throw new IllegalStateException(