From f59e71e0fa4f4f6b7d70ea5b9f06556708a5314c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andrej=20Jan=C4=8Di=C4=8D?= <andrejjancic@gmail.com>
Date: Wed, 7 Dec 2022 15:30:15 +0100
Subject: [PATCH] Support Ec2InstanceMetadata instead of source profile

---
 .../sts/auth_cache/assume_role_credentials_adapter.ex | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/lib/ex_aws/sts/auth_cache/assume_role_credentials_adapter.ex b/lib/ex_aws/sts/auth_cache/assume_role_credentials_adapter.ex
index 4e04ebd..67e5bbe 100644
--- a/lib/ex_aws/sts/auth_cache/assume_role_credentials_adapter.ex
+++ b/lib/ex_aws/sts/auth_cache/assume_role_credentials_adapter.ex
@@ -16,6 +16,14 @@ defmodule ExAws.STS.AuthCache.AssumeRoleCredentialsAdapter do
     get_security_credentials(auth, source_profile_auth, expiration)
   end
 
+  def adapt_auth_config(%{credential_source: "Ec2InstanceMetadata"} = auth, _, expiration, _loader) do
+    instance_auth =
+      ExAws.Config.new(:sts, access_key_id: "dummy", secret_access_key: "dummy")
+      |>ExAws.InstanceMeta.security_credentials()
+
+    get_security_credentials(auth, instance_auth, expiration)
+  end
+
   def adapt_auth_config(auth, _, _, _), do: auth
 
   defp get_security_credentials(auth, source_profile_auth, expiration) do
@@ -39,8 +47,7 @@ defmodule ExAws.STS.AuthCache.AssumeRoleCredentialsAdapter do
         secret_access_key: result.body.secret_access_key,
         security_token: result.body.session_token,
         role_arn: auth.role_arn,
-        role_session_name: role_session_name,
-        source_profile: auth.source_profile
+        role_session_name: role_session_name
       }
     else
       {:error, reason} ->