feat(rt): ec2 imds region provider (#341)

Author: aajtodd

aws-runtime/aws-config/common/src/aws/sdk/kotlin/runtime/config/imds/ImdsClient.kt

@@ -53,7 +53,7 @@ public class ImdsClient private constructor(builder: Builder) : Closeable {
 
     private val maxRetries: UInt = builder.maxRetries
     private val endpointConfiguration: EndpointConfiguration = builder.endpointConfiguration
-    private val tokenTtl: Duration = builder.tokenTTL
+    private val tokenTtl: Duration = builder.tokenTtl
     private val clock: Clock = builder.clock
     private val platformProvider: PlatformProvider = builder.platformProvider
     private val httpClient: SdkHttpClient
@@ -160,7 +160,7 @@ public class ImdsClient private constructor(builder: Builder) : Closeable {
         /**
          * Override the time-to-live for the session token
          */
-        public var tokenTTL: Duration = Duration.seconds(DEFAULT_TOKEN_TTL_SECONDS)
+        public var tokenTtl: Duration = Duration.seconds(DEFAULT_TOKEN_TTL_SECONDS)
 
         /**
          * The HTTP engine to use to make requests with. This is here to facilitate testing and can otherwise be ignored

aws-runtime/aws-config/common/src/aws/sdk/kotlin/runtime/region/DefaultRegionProviderChain.kt

@@ -5,11 +5,13 @@
 
 package aws.sdk.kotlin.runtime.region
 
+import aws.smithy.kotlin.runtime.io.Closeable
+
 /**
  * [RegionProvider] that looks for region in this order:
  *  1. Check `aws.region` system property (JVM only)
  *  2. Check the `AWS_REGION` environment variable (JVM, Node, Native)
  *  3. Check the AWS config files/profile for region information
  *  4. If running on EC2, check the EC2 metadata service for region
  */
-public expect class DefaultRegionProviderChain public constructor() : RegionProvider
+public expect class DefaultRegionProviderChain public constructor() : RegionProvider, Closeable

aws-runtime/aws-config/common/src/aws/sdk/kotlin/runtime/region/ImdsRegionProvider.kt

@@ -0,0 +1,45 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+package aws.sdk.kotlin.runtime.region
+
+import aws.sdk.kotlin.runtime.config.AwsSdkSetting
+import aws.sdk.kotlin.runtime.config.imds.ImdsClient
+import aws.sdk.kotlin.runtime.config.resolve
+import aws.smithy.kotlin.runtime.io.Closeable
+import aws.smithy.kotlin.runtime.util.Platform
+import aws.smithy.kotlin.runtime.util.PlatformEnvironProvider
+import aws.smithy.kotlin.runtime.util.asyncLazy
+
+private const val REGION_PATH: String = "/latest/meta-data/placement/region"
+
+/**
+ * [RegionProvider] that uses EC2 instance metadata service (IMDS) to provider region information
+ *
+ * @param client the IMDS client to use to resolve region information with
+ * @param platformProvider the [PlatformEnvironProvider] instance
+ */
+public class ImdsRegionProvider(
+    private val client: Lazy<ImdsClient> = lazy { ImdsClient() },
+    private val platformProvider: PlatformEnvironProvider = Platform,
+) : RegionProvider, Closeable {
+    private val resolvedRegion = asyncLazy(::loadRegion)
+
+    override suspend fun getRegion(): String? {
+        if (AwsSdkSetting.AwsEc2MetadataDisabled.resolve(platformProvider) == true) {
+            return null
+        }
+
+        return resolvedRegion.get()
+    }
+
+    private suspend fun loadRegion(): String = client.value.get(REGION_PATH)
+
+    override fun close() {
+        if (client.isInitialized()) {
+            client.value.close()
+        }
+    }
+}

aws-runtime/aws-config/common/test/aws/sdk/kotlin/runtime/config/imds/ImdsClientTest.kt

@@ -10,10 +10,6 @@ import aws.sdk.kotlin.runtime.endpoint.Endpoint
 import aws.sdk.kotlin.runtime.testing.TestPlatformProvider
 import aws.sdk.kotlin.runtime.testing.runSuspendTest
 import aws.smithy.kotlin.runtime.http.*
-import aws.smithy.kotlin.runtime.http.content.ByteArrayContent
-import aws.smithy.kotlin.runtime.http.request.HttpRequest
-import aws.smithy.kotlin.runtime.http.request.url
-import aws.smithy.kotlin.runtime.http.response.HttpResponse
 import aws.smithy.kotlin.runtime.httptest.TestConnection
 import aws.smithy.kotlin.runtime.httptest.buildTestConnection
 import aws.smithy.kotlin.runtime.time.Instant
@@ -29,33 +25,6 @@ import kotlin.time.ExperimentalTime
 @OptIn(ExperimentalTime::class)
 class ImdsClientTest {
 
-    private fun tokenRequest(host: String, ttl: Int): HttpRequest = HttpRequest {
-        val parsed = Url.parse(host)
-        url(parsed)
-        url.path = "/latest/api/token"
-        headers.append(X_AWS_EC2_METADATA_TOKEN_TTL_SECONDS, ttl.toString())
-    }
-
-    private fun tokenResponse(ttl: Int, token: String): HttpResponse = HttpResponse(
-        HttpStatusCode.OK,
-        Headers {
-            append(X_AWS_EC2_METADATA_TOKEN_TTL_SECONDS, ttl.toString())
-        },
-        ByteArrayContent(token.encodeToByteArray())
-    )
-
-    private fun imdsRequest(url: String, token: String): HttpRequest = HttpRequest {
-        val parsed = Url.parse(url)
-        url(parsed)
-        headers.append(X_AWS_EC2_METADATA_TOKEN, token)
-    }
-
-    private fun imdsResponse(body: String): HttpResponse = HttpResponse(
-        HttpStatusCode.OK,
-        Headers.Empty,
-        ByteArrayContent(body.encodeToByteArray())
-    )
-
     @Test
     fun testInvalidEndpointOverrideFailsCreation() {
         val connection = TestConnection()
@@ -122,7 +91,7 @@ class ImdsClientTest {
             engine = connection
             endpointConfiguration = EndpointConfiguration.ModeOverride(EndpointMode.IPv6)
             clock = testClock
-            tokenTTL = Duration.seconds(600)
+            tokenTtl = Duration.seconds(600)
         }
 
         val r1 = client.get("/latest/metadata")
@@ -169,7 +138,7 @@ class ImdsClientTest {
             engine = connection
             endpointConfiguration = EndpointConfiguration.ModeOverride(EndpointMode.IPv6)
             clock = testClock
-            tokenTTL = Duration.seconds(600)
+            tokenTtl = Duration.seconds(600)
         }
 
         val r1 = client.get("/latest/metadata")

aws-runtime/aws-config/common/test/aws/sdk/kotlin/runtime/config/imds/ImdsTestUtils.kt

@@ -0,0 +1,41 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+package aws.sdk.kotlin.runtime.config.imds
+
+import aws.smithy.kotlin.runtime.http.Headers
+import aws.smithy.kotlin.runtime.http.HttpStatusCode
+import aws.smithy.kotlin.runtime.http.Url
+import aws.smithy.kotlin.runtime.http.content.ByteArrayContent
+import aws.smithy.kotlin.runtime.http.request.HttpRequest
+import aws.smithy.kotlin.runtime.http.request.url
+import aws.smithy.kotlin.runtime.http.response.HttpResponse
+
+fun tokenRequest(host: String, ttl: Int): HttpRequest = HttpRequest {
+    val parsed = Url.parse(host)
+    url(parsed)
+    url.path = "/latest/api/token"
+    headers.append(X_AWS_EC2_METADATA_TOKEN_TTL_SECONDS, ttl.toString())
+}
+
+fun tokenResponse(ttl: Int, token: String): HttpResponse = HttpResponse(
+    HttpStatusCode.OK,
+    Headers {
+        append(X_AWS_EC2_METADATA_TOKEN_TTL_SECONDS, ttl.toString())
+    },
+    ByteArrayContent(token.encodeToByteArray())
+)
+
+fun imdsRequest(url: String, token: String): HttpRequest = HttpRequest {
+    val parsed = Url.parse(url)
+    url(parsed)
+    headers.append(X_AWS_EC2_METADATA_TOKEN, token)
+}
+
+fun imdsResponse(body: String): HttpResponse = HttpResponse(
+    HttpStatusCode.OK,
+    Headers.Empty,
+    ByteArrayContent(body.encodeToByteArray())
+)

aws-runtime/aws-config/common/test/aws/sdk/kotlin/runtime/region/ImdsRegionProviderTest.kt

@@ -0,0 +1,60 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0.
+ */
+
+package aws.sdk.kotlin.runtime.region
+
+import aws.sdk.kotlin.runtime.config.AwsSdkSetting
+import aws.sdk.kotlin.runtime.config.imds.*
+import aws.sdk.kotlin.runtime.testing.TestPlatformProvider
+import aws.sdk.kotlin.runtime.testing.runSuspendTest
+import aws.smithy.kotlin.runtime.httptest.buildTestConnection
+import aws.smithy.kotlin.runtime.time.ManualClock
+import kotlin.test.Test
+import kotlin.test.assertEquals
+import kotlin.test.assertNull
+import kotlin.time.ExperimentalTime
+
+class ImdsRegionProviderTest {
+
+    @Test
+    fun testImdsDisabled() = runSuspendTest {
+        val platform = TestPlatformProvider(
+            env = mapOf(AwsSdkSetting.AwsEc2MetadataDisabled.environmentVariable to "true")
+        )
+
+        val provider = ImdsRegionProvider(platformProvider = platform)
+        assertNull(provider.getRegion())
+    }
+
+    @OptIn(ExperimentalTime::class)
+    @Test
+    fun testResolveRegion() = runSuspendTest {
+
+        val connection = buildTestConnection {
+            expect(
+                tokenRequest("http://169.254.169.254", DEFAULT_TOKEN_TTL_SECONDS),
+                tokenResponse(DEFAULT_TOKEN_TTL_SECONDS, "TOKEN_A")
+            )
+            expect(
+                imdsRequest("http://169.254.169.254/latest/meta-data/placement/region", "TOKEN_A"),
+                imdsResponse("us-east-2")
+            )
+        }
+
+        val testClock = ManualClock()
+
+        val client = ImdsClient {
+            engine = connection
+            clock = testClock
+        }
+
+        val provider = ImdsRegionProvider(client = lazyOf(client))
+        assertEquals("us-east-2", provider.getRegion())
+        connection.assertRequests()
+
+        // test that it's cached, test connection would fail if it tries again
+        assertEquals("us-east-2", provider.getRegion())
+    }
+}

aws-runtime/aws-config/jvm/src/aws/sdk/kotlin/runtime/region/DefaultRegionProviderChainJVM.kt

@@ -5,9 +5,20 @@
 
 package aws.sdk.kotlin.runtime.region
 
+import aws.smithy.kotlin.runtime.io.Closeable
+
 public actual class DefaultRegionProviderChain public actual constructor() :
     RegionProvider,
+    Closeable,
     RegionProviderChain(
         JvmSystemPropRegionProvider(),
-        EnvironmentRegionProvider()
-    )
+        EnvironmentRegionProvider(),
+        // TODO - profile
+        ImdsRegionProvider()
+    ) {
+    override fun close() {
+        providers.forEach { provider ->
+            if (provider is Closeable) provider.close()
+        }
+    }
+}

aws-runtime/aws-types/common/src/aws/sdk/kotlin/runtime/region/RegionProviderChain.kt

@@ -14,7 +14,7 @@ import aws.smithy.kotlin.runtime.logging.Logger
  * @param providers the list of providers to delegate to
  */
 public open class RegionProviderChain(
-    private vararg val providers: RegionProvider
+    protected vararg val providers: RegionProvider
 ) : RegionProvider {
     private val logger = Logger.getLogger<RegionProviderChain>()