|
|
Add ImdsCredentialProvider that fetches and caches temporary AWS
credentials from the EC2 Instance Metadata Service (IMDSv2), enabling
S3Client to work on EC2 instances without static credentials.
- New ImdsCredentialProvider class (RefCounted) with RwLock-based
double-checked caching and 5-minute pre-expiration refresh
- S3ClientOptions gains optional CredentialProvider field; when set,
SignRequest/GeneratePresignedUrl use dynamic credentials and
invalidate the signing key cache on access key rotation
- Move CloudProvider enum and MockImdsService from zencompute to
zenutil for reuse; extend mock with IAM credential endpoints
- Add --imds flag to zens3-testbed for EC2 credential testing
- Integration tests using mock IMDS server verify fetch, caching,
invalidation, and unreachable endpoint graceful failure
|