diff --git a/README.md b/README.md index e1a9b93..0f4fc31 100644 --- a/README.md +++ b/README.md @@ -347,6 +347,12 @@ Default value: `null` If you wish to use a specific AWS credentials profile you can specify it here, otherwise it will use the environment default. You can also specify it with the environment variable `AWS_PROFILE` +##### options.roleArn +Type: `String` +Default value: `null` + +If you wish to assume a specific role from an EC2 instance you can specify it here, otherwise it will use the environment default. + ##### options.accessKeyId Type: `String` Default value: `null` @@ -517,5 +523,3 @@ Adding more warnings for various failure cases ### 0.10.0 * Making NPM a regular dependency to resolve [#20](https://github.com/Tim-B/grunt-aws-lambda/issues/20) - [pull request by timdp](https://github.com/Tim-B/grunt-aws-lambda/pull/27) - - diff --git a/tasks/lambda_deploy.js b/tasks/lambda_deploy.js index 3e79bad..64abebc 100644 --- a/tasks/lambda_deploy.js +++ b/tasks/lambda_deploy.js @@ -24,6 +24,7 @@ module.exports = function (grunt) { var options = this.options({ profile: null, + roleArn: null, accessKeyId: null, secretAccessKey: null, credentialsJSON: null, @@ -37,6 +38,15 @@ module.exports = function (grunt) { AWS.config.credentials = credentials; } + if (options.roleArn !== null) { + AWS.config.credentials = new AWS.EC2MetadataCredentials({ + httpOptions: { timeout: 5000 } // 5 second timeout + }); + AWS.config.credentials = new AWS.TemporaryCredentials({ + RoleArn: options.roleArn + }); + } + if (options.accessKeyId !== null && options.secretAccessKey !== null) { AWS.config.update({accessKeyId: options.accessKeyId, secretAccessKey: options.secretAccessKey}); }