From aa0358d155b023e62f0d7ae73b9beedd21953bbc Mon Sep 17 00:00:00 2001 From: Luca Comellini Date: Wed, 28 Aug 2024 11:18:24 -0700 Subject: [PATCH] Add profile option for AWS (#730) --- cmd/sync/aws.go | 64 +++++++++++++++++++++----------------------- cmd/sync/aws_test.go | 1 + examples/aws.md | 2 ++ 3 files changed, 34 insertions(+), 33 deletions(-) diff --git a/cmd/sync/aws.go b/cmd/sync/aws.go index bd4fea40..11f8117c 100644 --- a/cmd/sync/aws.go +++ b/cmd/sync/aws.go @@ -4,11 +4,11 @@ import ( "context" "errors" "fmt" - "net/http" "reflect" "time" "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/transport/http" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" "github.com/aws/aws-sdk-go-v2/service/autoscaling" @@ -31,26 +31,6 @@ func NewAWSClient(data []byte) (*AWSClient, error) { if err != nil { return nil, fmt.Errorf("error validating config: %w", err) } - - if cfg.Region == "self" { - httpClient := &http.Client{Timeout: connTimeoutInSecs * time.Second} - - conf, loadErr := config.LoadDefaultConfig(context.TODO()) - if loadErr != nil { - return nil, fmt.Errorf("unable to load default AWS config: %w", loadErr) - } - - client := imds.NewFromConfig(conf, func(o *imds.Options) { - o.HTTPClient = httpClient - }) - - response, regionErr := client.GetRegion(context.TODO(), &imds.GetRegionInput{}) - if regionErr != nil { - return nil, fmt.Errorf("unable to retrieve region from ec2metadata: %w", regionErr) - } - cfg.Region = response.Region - } - awsClient.config = cfg err = awsClient.configure() 
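Review bot: The import hunk brings in the AWS transport package under its default name `http` in place of `net/http`, so every later `http.` reference in this file reads like the standard library while resolving to the SDK. Importing it under an alias, `awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http"`, and writing `awshttp.NewBuildableClient()` in `configure` would keep that distinction visible to the next reader. The import block continues outside the hunk.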
@@ -83,22 +63,40 @@ func (client *AWSClient) GetUpstreams() []Upstream { // configure configures the AWSClient with necessary parameters. func (client *AWSClient) configure() error { - httpClient := &http.Client{Timeout: connTimeoutInSecs * time.Second} + httpClient := http.NewBuildableClient().WithTimeout(connTimeoutInSecs * time.Second) + + if client.config.Region == "self" { + conf, loadErr := config.LoadDefaultConfig( + context.TODO(), + config.WithSharedConfigProfile(client.config.Profile), + config.WithHTTPClient(httpClient), + ) + if loadErr != nil { + return fmt.Errorf("unable to load default AWS config: %w", loadErr) + } - cfg, err := config.LoadDefaultConfig(context.TODO()) + imdClient := imds.NewFromConfig(conf) + + response, regionErr := imdClient.GetRegion(context.TODO(), &imds.GetRegionInput{}) + if regionErr != nil { + return fmt.Errorf("unable to retrieve region from ec2metadata: %w", regionErr) + } + client.config.Region = response.Region + } + + cfg, err := config.LoadDefaultConfig( + context.TODO(), + config.WithSharedConfigProfile(client.config.Profile), + config.WithRegion(client.config.Region), + config.WithHTTPClient(httpClient), + ) if err != nil { return fmt.Errorf("unable to load default AWS config: %w", err) } - client.svcEC2 = ec2.NewFromConfig(cfg, func(o *ec2.Options) { - o.Region = client.config.Region - o.HTTPClient = httpClient - }) + client.svcEC2 = ec2.NewFromConfig(cfg) - client.svcAutoscaling = autoscaling.NewFromConfig(cfg, func(o *autoscaling.Options) { - o.Region = client.config.Region - o.HTTPClient = httpClient - }) + client.svcAutoscaling = autoscaling.NewFromConfig(cfg) return nil } @@ -239,10 +237,10 @@ func prepareBatches(maxItems int, items []string) [][]string { return batches } -// Configuration for AWS Cloud Provider - +// Configuration for AWS Cloud Provider. type awsConfig struct { Region string `yaml:"region"` + Profile string `yaml:"profile"` Upstreams []awsUpstream `yaml:"upstreams"` } 
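Review bot: The two `config.LoadDefaultConfig` calls in `configure` each spell out the profile and HTTP-client options separately. If one list is edited later and the other is not, the IMDS region lookup and the EC2/Auto Scaling clients will load different configurations. Building the shared options once and appending `config.WithRegion` only for the second call keeps both paths on the same profile and client. The function comment could also say that a region of `self` is replaced in `client.config` by the value returned from the metadata service.

```go
httpClient := http.NewBuildableClient().WithTimeout(connTimeoutInSecs * time.Second)

// Options shared by the IMDS lookup and the service clients, so both
// resolve the same profile and HTTP client.
loadOpts := []func(*config.LoadOptions) error{
	config.WithSharedConfigProfile(client.config.Profile),
	config.WithHTTPClient(httpClient),
}

if client.config.Region == "self" {
	conf, loadErr := config.LoadDefaultConfig(context.TODO(), loadOpts...)
	// … unchanged: error check, imds.NewFromConfig, GetRegion, region assignment …
}

cfg, err := config.LoadDefaultConfig(
	context.TODO(),
	append(loadOpts, config.WithRegion(client.config.Region))...,
)
// … unchanged: error check, EC2 and Auto Scaling client construction …
```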
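Review bot: The new `Profile` field in `awsConfig` selects the credentials the sync runs with, but it has no comment saying what an empty value means or where a named profile is read from. A field comment such as `// Profile names a shared-config profile; empty leaves selection to the SDK default (AWS_PROFILE, then "default").` would document the optional case. As far as I know, the SDK gives an explicitly named profile precedence over environment credentials and the instance role. That is worth confirming and stating next to the field, because it changes which identity calls EC2 and Auto Scaling.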
diff --git a/cmd/sync/aws_test.go b/cmd/sync/aws_test.go index 969c7055..ce84dd02 100644 --- a/cmd/sync/aws_test.go +++ b/cmd/sync/aws_test.go @@ -22,6 +22,7 @@ func getValidAWSConfig() *awsConfig { cfg := awsConfig{ Region: "us-west-2", Upstreams: upstreams, + Profile: "default", } return &cfg diff --git a/examples/aws.md b/examples/aws.md index 42896b6c..607ff1da 100644 --- a/examples/aws.md +++ b/examples/aws.md @@ -27,6 +27,7 @@ region: us-west-2 api_endpoint: http://127.0.0.1:8080/api sync_interval: 5s cloud_provider: AWS +profile: default upstreams: - name: backend-one autoscaling_group: backend-one-group @@ -54,6 +55,7 @@ upstreams: empty if using AWS. Possible values are: `AWS`, `Azure`. - The `region` key defines the AWS region where we deploy NGINX Plus and the Auto Scaling groups. Setting `region` to `self` will use the EC2 Metadata service to retrieve the region of the current instance. +- The optional `profile` key specifies the AWS profile to use. - The `upstreams` key defines the list of upstream groups. For each upstream group we specify: - `name` – The name we specified for the upstream block in the NGINX Plus configuration. - `autoscaling_group` – The name of the corresponding Auto Scaling group. Use of wildcards is supported. For example,