(cloudwatch) check auth type before assume role (#8895)

2025-02-25 18:55:37 -06:00 · 2017-07-20 21:11:51 +09:00 · 2017-07-20 21:11:51 +09:00 · 9d50ab8fb5
commit 9d50ab8fb5
parent af56cc4c28
1 changed files with 4 additions and 1 deletions
--- a/pkg/api/cloudwatch/cloudwatch.go
+++ b/pkg/api/cloudwatch/cloudwatch.go
@ -39,6 +39,7 @@ type cwRequest struct {
 type datasourceInfo struct {
 	Profile       string
 	Region        string
 	AuthType      string
 	AssumeRoleArn string
 	Namespace     string
@ -47,6 +48,7 @@ type datasourceInfo struct {
 }
 func (req *cwRequest) GetDatasourceInfo() *datasourceInfo {
 	authType := req.DataSource.JsonData.Get("authType").MustString()
 	assumeRoleArn := req.DataSource.JsonData.Get("assumeRoleArn").MustString()
 	accessKey := ""
 	secretKey := ""
@ -61,6 +63,7 @@ func (req *cwRequest) GetDatasourceInfo() *datasourceInfo {
 	}
 	return &datasourceInfo{
 		AuthType:      authType,
 		AssumeRoleArn: assumeRoleArn,
 		Region:        req.Region,
 		Profile:       req.DataSource.Database,
@ -110,7 +113,7 @@ func getCredentials(dsInfo *datasourceInfo) (*credentials.Credentials, error) {
 	sessionToken := ""
 	var expiration *time.Time
 	expiration = nil
-	if strings.Index(dsInfo.AssumeRoleArn, "arn:aws:iam:") == 0 {
+	if dsInfo.AuthType == "arn" && strings.Index(dsInfo.AssumeRoleArn, "arn:aws:iam:") == 0 {
 		params := &sts.AssumeRoleInput{
 			RoleArn:         aws.String(dsInfo.AssumeRoleArn),
 			RoleSessionName: aws.String("GrafanaSession"),