From db20d8a8a6a03171a226a5a04571fab374af65c3 Mon Sep 17 00:00:00 2001 From: Lucas Bernardo Date: Thu, 20 Aug 2020 08:20:10 -0300 Subject: [PATCH] add aws session param --- README.md | 10 ++++++++-- bin/dynamo-backup-to-s3 | 2 ++ bin/dynamo-restore-from-s3 | 2 ++ lib/dynamo-backup.js | 4 ++++ lib/dynamo-restore.js | 4 +++- 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 08c26c4..3ca443f 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,7 @@ Can be run as a command line script or as an npm module. --aws-key AWS access key. Will use AWS_ACCESS_KEY_ID env var if --aws-key not set --aws-secret AWS secret key. Will use AWS_SECRET_ACCESS_KEY env var if --aws-secret not set --aws-region AWS region. Will use AWS_DEFAULT_REGION env var if --aws-region not set + --aws-session AWS session Token. Will use AWS_SESSION_TOKEN env var if --aws-session not set ``` # npm module usage @@ -46,6 +47,7 @@ var backup = new DynamoBackup({ awsAccessKey: /* AWS access key */, awsSecretKey: /* AWS secret key */, awsRegion: /* AWS region */ + awsSessionToken: /* AWS Session Token */ }); backup.on('error', function(data) { @@ -83,6 +85,7 @@ var options = { awsAccessKey: /* AWS access key */, awsSecretKey: /* AWS secret key */, awsRegion: /* AWS region */, + awsSessionToken: /* AWS Session Token */, backupPath: /* folder to save backups in. default: 'DynamoDB-backup-YYYY-MM-DD-HH-mm-ss', base64Binary: /* whether or not to base64 encode binary data before saving to JSON */ }; @@ -186,6 +189,7 @@ Can be run as a command line script or as an npm module. --aws-key AWS access key. Will use AWS_ACCESS_KEY_ID env var if --aws-key not set --aws-secret AWS secret key. Will use AWS_SECRET_ACCESS_KEY env var if --aws-secret not set --aws-region AWS region. Will use AWS_DEFAULT_REGION env var if --aws-region not set + --aws-session AWS session Token. Will use AWS_SESSION_TOKEN env var if --aws-session not set ``` ## Examples @@ -238,7 +242,8 @@ var restore = new DynamoRestore({ concurrency: 200, // for large restores use 1 unit per MB as a rule of thumb (ie 1000 for 1GB restore) awsAccessKey: /* AWS access key */, awsSecretKey: /* AWS secret key */, - awsRegion: /* AWS region */ + awsRegion: /* AWS region */, + awsSessionToken: /* AWS Session Token */ }); restore.on('error', function(message) { @@ -275,7 +280,8 @@ var options = { stopOnFailure: /* true/false should a single failed batch stop the whole restore job? */, awsAccessKey: /* AWS access key */, awsSecretKey: /* AWS secret key */, - awsRegion: /* AWS region */ + awsRegion: /* AWS region */, + awsSessionToken: /* AWS Session Token */ }; var restore = new DynamoBackup.Restore(options); diff --git a/bin/dynamo-backup-to-s3 b/bin/dynamo-backup-to-s3 index d06b72b..f82620d 100755 --- a/bin/dynamo-backup-to-s3 +++ b/bin/dynamo-backup-to-s3 @@ -29,6 +29,7 @@ program .option('--aws-key ', 'AWS access key. Will use AWS_ACCESS_KEY_ID env var if --aws-key not set') .option('--aws-secret ', 'AWS secret key. Will use AWS_SECRET_ACCESS_KEY env var if --aws-secret not set') .option('--aws-region ', 'AWS region. Will use AWS_DEFAULT_REGION env var if --aws-region not set') + .option('--aws-session ', 'AWS session Token. Will use AWS_SESSION_TOKEN env var if --aws-session not set') .parse(process.argv); // run program @@ -39,6 +40,7 @@ var dynamoBackup = new DynamoBackup({ awsAccessKey: program.awsKey, awsSecretKey: program.awsSecret, awsRegion: program.awsRegion, + awsSessionToken: program.awsSession, backupPath: program.backupPath, bucket: program.bucket, excludedTables: program.excludedTables, diff --git a/bin/dynamo-restore-from-s3 b/bin/dynamo-restore-from-s3 index f2b8dd0..a69c97a 100755 --- a/bin/dynamo-restore-from-s3 +++ b/bin/dynamo-restore-from-s3 @@ -19,6 +19,7 @@ program .option('--aws-key ', 'AWS access key. Will use AWS_ACCESS_KEY_ID env var if --aws-key not set') .option('--aws-secret ', 'AWS secret key. Will use AWS_SECRET_ACCESS_KEY env var if --aws-secret not set') .option('--aws-region ', 'AWS region. Will use AWS_DEFAULT_REGION env var if --aws-region not set') + .option('--aws-session ', 'AWS session Token. Will use AWS_SESSION_TOKEN env var if --aws-session not set') .parse(process.argv); // Display help if needed @@ -49,6 +50,7 @@ var dynamoRestore = new DynamoRestore({ awsKey: program.awsKey, awsSecret: program.awsSecret, awsRegion: program.awsRegion, + awsSession: program.awsSession }); function translate(contentLength) { diff --git a/lib/dynamo-backup.js b/lib/dynamo-backup.js index a81e469..afc3b33 100644 --- a/lib/dynamo-backup.js +++ b/lib/dynamo-backup.js @@ -25,6 +25,7 @@ function DynamoBackup(options) { this.awsAccessKey = options.awsAccessKey; this.awsSecretKey = options.awsSecretKey; this.awsRegion = options.awsRegion; + this.awsSessionToken = options.awsSessionToken; this.debug = Boolean(options.debug); if (this.awsRegion) { @@ -34,6 +35,9 @@ function DynamoBackup(options) { params.accessKeyId = this.awsAccessKey; params.secretAccessKey = this.awsSecretKey; } + if (this.awsSessionToken) { + params.sessionToken = this.awsSessionToken; + } AWS.config.update(params); } diff --git a/lib/dynamo-restore.js b/lib/dynamo-restore.js index b341fb8..707c02e 100755 --- a/lib/dynamo-restore.js +++ b/lib/dynamo-restore.js @@ -24,11 +24,13 @@ function DynamoRestore(options) { options.awsKey = options.awsKey || process.env.AWS_ACCESS_KEY_ID; options.awsSecret = options.awsSecret || process.env.AWS_SECRET_ACCESS_KEY; options.awsRegion = options.awsRegion || process.env.AWS_DEFAULT_REGION || 'ap-southeast-2'; + options.awsSessionToken = options.awsSessionToken || process.env.AWS_SESSION_TOKEN; AWS.config.update({ accessKeyId: options.awsKey, secretAccessKey: options.awsSecret, - region: options.awsRegion + region: options.awsRegion, + sessionToken: options.awsSessionToken }); this.options = options;