Datasource for reading from AWS Systems Manager Parameters

* Includes single value and multi-value results - will drop latter

1 files changed, 57 insertions, 14 deletions

diff --git a/aws/ec2info.go b/aws/ec2info.go
index ca1c6526..07a39680 100644
--- a/aws/ec2info.go
+++ b/aws/ec2info.go
@@ -1,7 +1,11 @@
 package aws
 
 import (
+	"log"
 	"net/http"
+	"os"
+	"strconv"
+	"sync"
 	"time"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -11,6 +15,13 @@ import (
 
 var describerClient InstanceDescriber
 
+var (
+	co ClientOptions
+	coInit sync.Once
+	sdkSession *session.Session
+	sdkSessionInit sync.Once
+)
+
 // ClientOptions -
 type ClientOptions struct {
 	Timeout time.Duration
@@ -28,14 +39,58 @@ type InstanceDescriber interface {
 	DescribeInstances(*ec2.DescribeInstancesInput) (*ec2.DescribeInstancesOutput, error)
 }
 
+// Centralised reading of AWS_TIMEOUT
+// ... but cannot use in vault/auth.go as different strconv.Atoi error handling
+func GetClientOptions() (ClientOptions) {
+	coInit.Do(func() {
+		timeout := os.Getenv("AWS_TIMEOUT")
+		if timeout != "" {
+			t, err := strconv.Atoi(timeout)
+			if err != nil {
+				log.Fatalf("Invalid AWS_TIMEOUT value '%s' - must be an integer\n", timeout)
+			}
+
+			co.Timeout = time.Duration(t) * time.Millisecond
+		}
+	})
+	return co
+}
+
+func SDKSession() (*session.Session) {
+	sdkSessionInit.Do(func() {
+		options := GetClientOptions()
+		timeout := options.Timeout
+		if timeout == 0 {
+			timeout = 500 * time.Millisecond
+		}
+
+		config := aws.NewConfig()
+		config = config.WithHTTPClient(&http.Client{Timeout: timeout})
+
+		// Waiting for https://github.com/aws/aws-sdk-go/issues/1103
+		metaClient := NewEc2Meta(options)
+		metaRegion := metaClient.Region()
+		_, default1 := os.LookupEnv("AWS_REGION");
+		_, default2 := os.LookupEnv("AWS_DEFAULT_REGION");
+		if metaRegion != "unknown" && !default1 && !default2 {
+			config = config.WithRegion(metaRegion)
+		}
+
+		sdkSession = session.Must(session.NewSessionWithOptions(session.Options{
+			Config: *config,
+			SharedConfigState: session.SharedConfigEnable,
+		}))
+	})
+	return sdkSession
+}
+
 // NewEc2Info -
 func NewEc2Info(options ClientOptions) *Ec2Info {
 	metaClient := NewEc2Meta(options)
 	return &Ec2Info{
 		describer: func() InstanceDescriber {
 			if describerClient == nil {
-				region := metaClient.Region()
-				describerClient = ec2Client(region, options)
+				describerClient = ec2.New(SDKSession())
 			}
 			return describerClient
 		},
@@ -44,18 +99,6 @@ func NewEc2Info(options ClientOptions) *Ec2Info {
 	}
 }
 
-func ec2Client(region string, options ClientOptions) (client InstanceDescriber) {
-	config := aws.NewConfig()
-	config = config.WithRegion(region)
-	timeout := options.Timeout
-	if timeout == 0 {
-		timeout = 500 * time.Millisecond
-	}
-	config = config.WithHTTPClient(&http.Client{Timeout: timeout})
-	client = ec2.New(session.New(config))
-	return client
-}
-
 // Tag -
 func (e *Ec2Info) Tag(tag string, def ...string) string {
 	output := e.describeInstance()