create prefix for assumeRoleArn (#459)

uswitch · Jul 7, 2021 · 8103483 · 8103483
1 parent aae2073
commit 8103483
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 4 deletions.
diff --git a/cmd/kiam/agent.go b/cmd/kiam/agent.go
@@ -89,7 +89,7 @@ func (opts *agentCommand) run() error {
 	b := kiamserver.NewKiamGatewayBuilder().WithAddress(opts.serverAddress).WithKeepAlive(opts.keepaliveParams)
 	_, err := b.WithTLS(opts.certificatePath, opts.keyPath, opts.caPath)
 	if err != nil {
-		log.Errorf("error configuring TLS: ", err.Error())
+		log.Errorf("error configuring TLS: %s", err.Error())
 		return err
 	}
 

diff --git a/pkg/aws/sts/cache.go b/pkg/aws/sts/cache.go
@@ -25,8 +25,6 @@ import (
 )
 
 type credentialsCache struct {
-	arnResolver     ARNResolver
-	baseARN         string
 	cache           *cache.Cache
 	expiring        chan *CachedCredentials
 	sessionName     string

diff --git a/pkg/server/server_builder.go b/pkg/server/server_builder.go
@@ -61,7 +61,15 @@ func (b *KiamServerBuilder) WithAWSSTSGateway() (*KiamServerBuilder, error) {
 	if err != nil {
 		return nil, err
 	}
-	cfg.WithCredentialsFromAssumedRole(sts.NewSTSCredentialsProvider(), b.config.AssumeRoleArn)
+	arnResolver, err := newRoleARNResolver(b.config)
+	if err != nil {
+		return nil, err
+	}
+	assumeRoleARN, err := arnResolver.Resolve(b.config.AssumeRoleArn)
+	if err != nil {
+		return nil, err
+	}
+	cfg.WithCredentialsFromAssumedRole(sts.NewSTSCredentialsProvider(), assumeRoleARN.ARN)
 	stsGateway, err := sts.DefaultGateway(cfg.Config())
 	if err != nil {
 		return nil, err