Skip to content

Add CloudShell and environment variable credential support #301

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add CloudShell and environment variable credential support #301

wants to merge 2 commits into from

Conversation

dap0am
Copy link

@dap0am dap0am commented Aug 1, 2025

Summary

• Implements CloudShell metadata endpoint support using IMDSv2-like flow at localhost:1338
• Adds support for standard AWS environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN)
• Integrates both credential providers into the existing credential chain with comprehensive test coverage

Changes

  • CloudShell support: Token-based authentication flow for CloudShell metadata endpoint
  • Environment variables: Support for AWS credential environment variables with optional session token
  • Testing: 12 new comprehensive tests covering success/failure scenarios for both credential methods
  • Integration: Seamless integration into existing credential provider chain without breaking changes

Test Results

All tests pass (32 total: 20 existing + 12 new)

Test plan

  • Unit tests for CloudShell credential retrieval (success/failure scenarios)
  • Unit tests for environment variable credential retrieval (with/without session token)
  • Integration tests confirming both methods work in the main credential chain
  • Existing tests continue to pass with mock updates
  • Manual testing in development environment

Fixes #285

dap0am added 2 commits August 2, 2025 00:48
@dap0am
Add CloudShell and environment variable credential support
c25e330 
Implements CloudShell metadata endpoint support using IMDSv2-like flow
with token-based authentication at localhost:1338. Also adds support
for standard AWS environment variables (AWS_ACCESS_KEY_ID,
AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN).

Both credential providers are integrated into the existing credential
chain with comprehensive test coverage. Addresses issue aws#285.
@dap0am
Fix inline comments to remove possessive language
c70e413
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Feature Request: Better CloudShell credential support
1 participant
@dap0am