prosody-modules: mod_aws_profile/README.markdown@0f5f2d4475b9 (annotated)

3702 1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	1	# Introduction
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	2
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	3	This module adds support for reading AWS IAM access credentials from EC2 instance metadata,
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	4	to allow Prosody modules to gain role-based access to AWS services.
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	5
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	6	# Configuring
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	7
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	8	``` {.lua}
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	9	modules_enabled = {
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	10	"aws_profile";
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	11	}
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	12	```
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	13
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	14	There is no other configuration.
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	15
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	16	# Usage in other modules
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	17
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	18	Other modules can import the credentials as a shared table:
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	19
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	20	``` {.lua}
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	21	local aws_credentials = module:shared("/*/aws_profile/credentials");
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	22	do_something(aws_credentials.access_key, aws_credentials.secret_key);
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	23	```
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	24
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	25	Note that credentials are time-limited, and will change periodically. The
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	26	shared table will automatically be updated. If you need to know when this
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	27	happens, you can also hook the `'aws_profile/credentials-refreshed'` event:
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	28
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	29	``` {.lua}
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	30	module:hook_global("aws_profile/credentials-refreshed", function (new_credentials)
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	31	-- do something with new_credentials.access_key/secret_key
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	32	end);
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	33	```
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	34
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	35	# Compatibility
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	36
1d719d4ef18f mod_aws_profile: New module for role-based access to AWS APIs Matthew Wild <mwild1@gmail.com> parents: diff changeset	37	Meant for use with Prosody 0.11.x, may work in older versions.

author	Matthew Wild <mwild1@gmail.com>
	Tue, 18 Jan 2022 17:01:18 +0000
changeset 4880	0f5f2d4475b9
parent 3702	1d719d4ef18f
permissions	-rw-r--r--