Expose AWS env vars for web identity token file (#1774)

Signed-off-by: Le Tran <le.tran@kasten.io> Signed-off-by: Le Tran <le.tran@kasten.io> Co-authored-by: Le Tran <le.tran@kasten.io> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
kanisterio · Dec 7, 2022 · a41c00b · a41c00b
1 parent 65c7cea
commit a41c00b
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/pkg/aws/aws.go b/pkg/aws/aws.go
@@ -55,8 +55,8 @@ const (
 	Region = "AWS_REGION"
 
 	// From AWS SDK "aws/session/env_config.go"
-	webIdentityTokenFilePathEnvKey = "AWS_WEB_IDENTITY_TOKEN_FILE"
-	roleARNEnvKey                  = "AWS_ROLE_ARN"
+	WebIdentityTokenFilePathEnvKey = "AWS_WEB_IDENTITY_TOKEN_FILE"
+	RoleARNEnvKey                  = "AWS_ROLE_ARN"
 
 	// TODO: Make this configurable via `config`
 	AssumeRoleDurationDefault = 60 * time.Minute
@@ -108,7 +108,7 @@ func authenticateAWSCredentials(
 		return nil, "", err
 	}
 	if creds != nil {
-		return creds, os.Getenv(roleARNEnvKey), nil
+		return creds, os.Getenv(RoleARNEnvKey), nil
 	}
 
 	return nil, "", errors.New("Missing AWS credentials, please check that either AWS access keys or web identity token are provided")
@@ -140,13 +140,13 @@ func fetchWebIdentityTokenFromConfig(config map[string]string, assumeRoleDuratio
 }
 
 func fetchWebIdentityTokenFromFile(assumeRoleDuration time.Duration) (*credentials.Credentials, error) {
-	if os.Getenv(webIdentityTokenFilePathEnvKey) == "" || os.Getenv(roleARNEnvKey) == "" {
+	if os.Getenv(WebIdentityTokenFilePathEnvKey) == "" || os.Getenv(RoleARNEnvKey) == "" {
 		return nil, nil
 	}
 
 	creds, err := getCredentialsWithDuration(
-		os.Getenv(roleARNEnvKey),
-		stscreds.FetchTokenPath(os.Getenv(webIdentityTokenFilePathEnvKey)),
+		os.Getenv(RoleARNEnvKey),
+		stscreds.FetchTokenPath(os.Getenv(WebIdentityTokenFilePathEnvKey)),
 		assumeRoleDuration,
 	)
 	if err != nil {