fluent · iandrewt · Jun 26, 2024 · Jun 26, 2024 · Jun 29, 2024 · Jun 29, 2024
@@ -257,18 +257,28 @@ struct flb_aws_provider *flb_aws_env_provider_create();
  * used by host and path.
  */
 struct flb_aws_provider *flb_http_provider_create(struct flb_config *config,
-                                                  flb_sds_t host,
+                                                  flb_sds_t endpoint,
                                                   flb_sds_t path,
+                                                  flb_sds_t auth_token,
                                                   struct
                                                   flb_aws_client_generator
                                                   *generator);
 
+struct flb_aws_provider *flb_local_http_provider_create(struct flb_config *config,
+                                                        flb_sds_t endpoint,
+                                                        flb_sds_t auth_token,
+                                                        struct
+                                                        flb_aws_client_generator
+                                                        *generator);
+
+
+
 /*
- * ECS Provider
- * The ECS Provider is just a wrapper around the HTTP Provider
- * with the ECS credentials endpoint.
+ * Container Provider
+ * The Container Provider is just a wrapper around the HTTP Provider
+ * with the ECS/EKS credentials endpoint.
  */
-struct flb_aws_provider *flb_ecs_provider_create(struct flb_config *config,
+struct flb_aws_provider *flb_container_provider_create(struct flb_config *config,
                                                  struct
                                                  flb_aws_client_generator
                                                  *generator);
@@ -349,6 +359,27 @@ int try_lock_provider(struct flb_aws_provider *provider);
 
 void unlock_provider(struct flb_aws_provider *provider);
 
+/*
+ * HTTP Credentials Provider - retrieve credentials from a local http server
+ * Used to implement the Container Credentials provider.
+ * Equivalent to:
+ * https://github.com/aws/aws-sdk-go/tree/master/aws/credentials/endpointcreds
+ */
+
+struct flb_aws_provider_http {
+    struct flb_aws_credentials *creds;
+    time_t next_refresh;
+
+    struct flb_aws_client *client;
+
+    /* Endpoint to request credentials */
+    flb_sds_t endpoint;
+    flb_sds_t path;
+
+    /* Auth token */
+    flb_sds_t auth_token;
+    flb_sds_t auth_token_file;
+};
 
 #endif
 #endif /* FLB_HAVE_AWS */
@@ -144,13 +144,21 @@ flb_sds_t flb_aws_xml_error(char *response, size_t response_len);
 flb_sds_t flb_aws_error(char *response, size_t response_len);
 
 /*
- * Similar to 'flb_aws_error', except it prints the JSON error type and message
- * to the user in a error log.
+ * Similar to 'flb_aws_error', except it prints the JSON error __type and message
+ * field values to the user in a error log.
  * 'api' is the name of the API that was called; this is used in the error log.
  */
 void flb_aws_print_error(char *response, size_t response_len,
                          char *api, struct flb_output_instance *ins);
 
+/*
+ * Similar to 'flb_aws_error', except it prints the JSON error Code and Message
+ * field values to the user in a error log.
+ * 'api' is the name of the API that was called; this is used in the error log.
+ */
+void flb_aws_print_error_code(char *response, size_t response_len,
+                              char *api);
+
 /* Similar to 'flb_aws_print_error', but for APIs that return XML */
 void flb_aws_print_xml_error(char *response, size_t response_len,
                              char *api, struct flb_output_instance *ins);

@@ -581,11 +581,11 @@ static struct flb_aws_provider *standard_chain_create(struct flb_config
         }
     }
 
-    sub_provider = flb_ecs_provider_create(config, generator);
+    sub_provider = flb_container_provider_create(config, generator);
     if (sub_provider) {
-        /* ECS Provider will fail creation if we are not running in ECS */
+        /* HTTP Provider will fail creation if we are not running in ECS/EKS */
         mk_list_add(&sub_provider->_head, &implementation->sub_providers);
-        flb_debug("[aws_credentials] Initialized ECS Provider in standard chain");
+        flb_debug("[aws_credentials] Initialized HTTP Provider in standard chain");
     }
 
     sub_provider = flb_ec2_provider_create(config, generator);