Mercurial > prosody-modules
view mod_aws_profile/README.markdown @ 5406:b86d80e21c60
mod_http_oauth2: Validate consistency of response and grant types
Ensure that these correlated fields make sense per RFC 7591 ยง 2.1, even
though we currently only check the response type during authorization.
This could probably all be deleted if (when!) we remove the implicit
grant, since then these things don't make any sense anymore.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 02 May 2023 16:34:31 +0200 |
| parents | 1d719d4ef18f |
| children |
line wrap: on
line source
# Introduction This module adds support for reading AWS IAM access credentials from EC2 instance metadata, to allow Prosody modules to gain role-based access to AWS services. # Configuring ``` {.lua} modules_enabled = { "aws_profile"; } ``` There is no other configuration. # Usage in other modules Other modules can import the credentials as a shared table: ``` {.lua} local aws_credentials = module:shared("/*/aws_profile/credentials"); do_something(aws_credentials.access_key, aws_credentials.secret_key); ``` Note that credentials are time-limited, and will change periodically. The shared table will automatically be updated. If you need to know when this happens, you can also hook the `'aws_profile/credentials-refreshed'` event: ``` {.lua} module:hook_global("aws_profile/credentials-refreshed", function (new_credentials) -- do something with new_credentials.access_key/secret_key end); ``` # Compatibility Meant for use with Prosody 0.11.x, may work in older versions.