Wormhole Credentials Provider
Credentials provider for the AWS SDK which will fallback to the wormhole where no other credentials are available.
usage
add to project (not actually published yet!)
yarn add wormhole-credentials-providerand then do stuff
const AWS = ;const credentialsProvider = ; credentialsProvider ;running in debug
this will force a refresh once a minute
WCP_DEBUG=true node src/example.jsAWS Account number
export the account number your credentials will be generated from
export AWS_ACCOUNT_NUMBER=1234567890Certificates
If you have a .pem
export CERT_LOCATION=/path/to/your/combined/dev/cert.pemIf you have a .p12
export CERT_LOCATION=/path/to/your/combined/dev/cert.p12export CERT_PASSPHRASE=my_passwordIf you have an unencrypted .crt
export CERT_LOCATION=/path/to/your/dev/cert.crtexport CERT_KEY=/path/to/your/combined/dev/cert_key.keyIf the none of the above are found, the default service certificate locations will be used. This is useful if you are using this on an Cosmos launched EC2.
These are:
/etc/pki/tls/certs/client.crt/etc/pki/tls/private/client.keyHow do I change the AWS region ?
CPS Wormhole will look for the AWS_REGION environment variable. If it's not found, it will default to eu-west-1. Export the region you want if it differs from the default.
What is Wormhole and how do I get access?
Wormhole provides temporary credentials that can be used with Amazon’s AWS SDKs and APIs. The In the absence of other credentials types, this credentials provider will attempt to retrieve credentials Wormhole which are then used SDK calls.
You can access the wormhole docs here.
todo
- look at improving method to determine whether execution environment is AWS EC2
- check how we determine whether we are running in a lambda
- add a build script
- remove example
- move to the BBC organisation
- publish
- itegrate with one of our services which has a long-running process
- can we return the credentials provider array and set that in AWS config?
- proxy support
- swap out axios for a BBC shaped http client