generated from jsynowiec/node-typescript-boilerplate
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding an example script that polls a real account with STS credentials.
- Loading branch information
Showing
7 changed files
with
319 additions
and
22 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| import { Poller } from '../src/poller.js'; | ||
| import { AppConfigDataClient } from '@aws-sdk/client-appconfigdata'; | ||
| import { parse } from 'yaml'; | ||
| import { fromTemporaryCredentials } from '@aws-sdk/credential-providers'; | ||
| import { STSClient, GetCallerIdentityCommand } from '@aws-sdk/client-sts'; | ||
| import { AwsCredentialIdentity, Provider } from '@smithy/types'; | ||
|
|
||
| /** | ||
| * This is a made-up format, corresponding to an AppConfig profile | ||
| * that I created in my personal AWS account for testing. | ||
| */ | ||
| interface SampleFormat { | ||
| Content: { | ||
| description: string; | ||
| advantages: string[]; | ||
| }; | ||
| } | ||
|
|
||
| /** | ||
| * This helps me avoid mentioning my AWS account id in a public repo. | ||
| * https://stackoverflow.com/a/74546015 | ||
| * | ||
| * Normally there's no need for this. | ||
| */ | ||
| const getAWSAccountId = async (): Promise<string> => { | ||
| const response = await new STSClient().send(new GetCallerIdentityCommand({})); | ||
| return String(response.Account); | ||
| }; | ||
|
|
||
| /** | ||
| * I'm using a temporary credentials provider (based on STS assumeRole) | ||
| * to give confidence that the credentials will refresh themselves after | ||
| * the duration expires. | ||
| */ | ||
| const getCredentialsProvider = ( | ||
| awsAccountId: string, | ||
| ): Provider<AwsCredentialIdentity> => { | ||
| return fromTemporaryCredentials({ | ||
| params: { | ||
| // This is a role I created in my personal AWS account for testing. | ||
| RoleArn: `arn:aws:iam::${awsAccountId}:role/AppConfigReader`, | ||
| DurationSeconds: 900, | ||
| }, | ||
| }); | ||
| }; | ||
|
|
||
| const dataClient = new AppConfigDataClient({ | ||
| credentials: getCredentialsProvider(await getAWSAccountId()), | ||
| }); | ||
|
|
||
| const poller = new Poller<SampleFormat>({ | ||
| dataClient: dataClient, | ||
| sessionConfig: { | ||
| // These refer to an AppConfig profile I created in my personal | ||
| // AWS account for testing. | ||
| ApplicationIdentifier: 'PollerTest', | ||
| EnvironmentIdentifier: 'Live', | ||
| ConfigurationProfileIdentifier: 'YamlTest', | ||
| }, | ||
| configTransformer: (s): SampleFormat => parse(s), | ||
| logger: console.log, | ||
| pollIntervalSeconds: 60, | ||
| }); | ||
|
|
||
| await poller.start(); | ||
|
|
||
| console.log('Starting at:', new Date()); | ||
|
|
||
| setInterval(() => { | ||
| const obj = poller.getConfigurationObject(); | ||
| console.log('Current config entry', obj); | ||
| }, 1000 * 60); | ||
|
|
||
| // This will run forever until you manually terminate it. | ||
| // Normally you would call poller.stop() if you want the program to exit. |
Oops, something went wrong.