process

Credential-process provider. Runs an external command and reads JSON credentials from its standard output, per the AWS CLI’s credential_process spec.

Expected output: { “Version”: 1, “AccessKeyId”: “…”, “SecretAccessKey”: “…”, “SessionToken”: “…”, // optional “Expiration”: “ISO 8601 Z” // optional; absent = non-expiring }

Types

Error

</>

pub type Error {
  LaunchFailed(reason: String)
  BadOutput(reason: String)
}

Constructors

```
LaunchFailed(reason: String)
```
We could not even start the configured command.
```
BadOutput(reason: String)
```
The command ran but produced an unexpected exit code or output.

ProcessCredentials

</>

pub type ProcessCredentials {
  ProcessCredentials(
    access_key_id: String,
    secret_access_key: String,
    session_token: option.Option(String),
    expires_at: option.Option(Int),
  )
}

Constructors

ProcessCredentials(
  access_key_id: String,
  secret_access_key: String,
  session_token: option.Option(String),
  expires_at: option.Option(Int),
)

Runner

</>

pub type Runner =
  fn(String, List(String)) -> Result(#(Int, BitArray), Nil)

Values

fetch

</>

pub fn fetch(
  runner: fn(String, List(String)) -> Result(
    #(Int, BitArray),
    Nil,
  ),
  command: String,
) -> Result(ProcessCredentials, Error)

Run the given command line and decode its stdout as credential-process JSON. command is the verbatim string from credential_process; we split it on whitespace into program + arguments before launch.