NAME

Amazon::S3::Thin::Credentials - AWS credentials data container

SYNOPSIS

    my $credentials = Amazon::S3::Thin::Credentials->new(
        $aws_access_key_id, $aws_secret_access_key,
        # optional:
        $aws_session_token
    );
    
    my $key = $credentials->access_key_id();
    my $secret = $credentials->secret_access_key();
    my $session_token = $credentials->session_token();

1;

DESCRIPTION

This module contains AWS credentials and provide getters to the data.

    # Load from arguments
    my $creds = Amazon::S3::Thin::Credentials->new($access_key, $secret_key, $session_token);

    # Load from environment
    my $creds = Amazon::S3::Thin::Credentials->from_env;

    # Load from instance profile
    my $creds = Amazon::S3::Thin::Credentials->from_instance(role => 'foo', version => 2);

from_env()

Instantiate Amazon::S3::Thin::Credentials and attempts to populate the credentials from current environment.

Croaks if either AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY are not set but supports the optional AWS_SESSION_TOKEN variable.

    my $creds = Amazon::S3::Thin::Credentials->from_env;

from_metadata()

Instantiate Amazon::S3::Thin::Credentials and attempts to populate the credentials from the EC2 metadata service. An instance can have multiple IAM roles applied so you may optionally specify a role, otherwise the first one will be used.

In November 2019 AWS released version 2 of the instance metadata service which is more secure against Server Side Request Forgery attacks. Using v2 is highly recommended thus it is the default here.

    my $creds = Amazon::S3::Thin::Credentials->from_instance(
        role => 'foo',      # The name of the IAM role on the instance
        version => 2        # Metadata service version - either 1 or 2
    );

access_key_id()

Returns access_key_id

secret_access_key()

Returns secret_access_key

session_token()

Returns session_token