Skip to content

Configuration

This library uses library-config('github.com/cloudboss/unobin-library-aws') for per-alias settings. Pass a value to library-configs: in factory source, usually from a factory input so stack files can choose the environment-specific settings.

Description

Configuration selects how a component reaches AWS. Every field is optional; an empty or nil Configuration means the SDK's default chain alone: env credentials, shared config and credentials files, SSO, web identity, container credentials, then IMDS. Static credential fields are deliberately absent; credentials enter through the chain, a profile, or role assumption.

Fields

region

string

profile

string

endpoint-url

string

endpoints

object 
object({
  s3: optional(string)
  sts: optional(string)
  kms: optional(string)
})

max-attempts

integer

retry-mode

string

shared-config-files

list(string)

shared-credentials-files

list(string)

custom-ca-bundle

string

http-proxy

string

https-proxy

string

no-proxy

string

assume-role

object 
object({
  role-arn: string
  role-session-name: optional(string)
  external-id: optional(string)
  duration-seconds: optional(integer)
  policy: optional(string)
  policy-arns: optional(list(string))
  source-identity: optional(string)
  tags: optional(map(string))
  transitive-tag-keys: optional(list(string))
})

assume-role-with-web-identity

object 
object({
  role-arn: string
  web-identity-token-file: string
  role-session-name: optional(string)
  duration-seconds: optional(integer)
  policy: optional(string)
  policy-arns: optional(list(string))
})