From adf417809a7fdd44da0241efc76164b36e6e24be Mon Sep 17 00:00:00 2001
From: clint shryock <clint@ctshryock.com>
Date: Tue, 15 Dec 2015 10:49:23 -0600
Subject: [PATCH] add some comments on auth refactoring

---
 builtin/providers/aws/config.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/builtin/providers/aws/config.go b/builtin/providers/aws/config.go
index e7c7628dc4..e3e2243f1c 100644
--- a/builtin/providers/aws/config.go
+++ b/builtin/providers/aws/config.go
@@ -353,8 +353,12 @@ func getCreds(key, secret, token string) *awsCredentials.Credentials {
 	}
 
 	r, err := c.Get(metadataURL)
+	// Flag to determine if we should add the EC2Meta data provider. Default false
 	var useIAM bool
 	if err == nil {
+		// AWS will add a "Server: EC2ws" header value for the metadata request. We
+		// check the headers for this value to ensure something else didn't just
+		// happent to be listening on that IP:Port
 		if r.Header["Server"] != nil && strings.Contains(r.Header["Server"][0], "EC2") {
 			useIAM = true
 		}