-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CDH | Add Aliyun STS Token support for KMS #591
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work. Just curious, given that STS token is often a short-lived access credential, in what scenarios will 'sts_token_client' be used?
Yes. This is used in some scenarios where aliyun KMS will only be used at the launch time. In this scene a short-term token is enough. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Once all checks have been passed, it can be merged.
351c4c4
to
156fad0
Compare
@1570005763 Yea. Also a commit to make aliyun kms suites statically built-able. |
This patch will add STS token support for aliyun KMS client. The part of STS token code is also be reused by ecs_ram_role client. Also does some refactoring work upon the code. Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
cc @1570005763