From 0b91c4e6707f81ae614b165177bf4a65d20f667d Mon Sep 17 00:00:00 2001
From: Alba Mendez
Date: Thu, 22 Mar 2018 14:59:48 +0100
Subject: [PATCH] Add --dns-route53-credentials option
---
 .../certbot_dns_route53/__init__.py | 2 ++
 .../certbot_dns_route53/dns_route53.py | 15 ++++++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/certbot-dns-route53/certbot_dns_route53/__init__.py b/certbot-dns-route53/certbot_dns_route53/__init__.py
index 8659617ef..8dbe3dc43 100644
--- a/certbot-dns-route53/certbot_dns_route53/__init__.py
+++ b/certbot-dns-route53/certbot_dns_route53/__init__.py
@@ -12,6 +12,8 @@ Named Arguments
 to propagate before asking the ACME
 server to verify the DNS record.
 (Default: 10)
+``--dns-route53-credentials`` Load AWS credentials from specified
+ file. (Default: None)
 ======================================== =====================================
diff --git a/certbot-dns-route53/certbot_dns_route53/dns_route53.py b/certbot-dns-route53/certbot_dns_route53/dns_route53.py
index f71935de2..5fe27385f 100644
--- a/certbot-dns-route53/certbot_dns_route53/dns_route53.py
+++ b/certbot-dns-route53/certbot_dns_route53/dns_route53.py
@@ -6,6 +6,7 @@ import time
 import boto3
 import zope.interface
 from botocore.exceptions import NoCredentialsError, ClientError
+from botocore.credentials import SharedCredentialProvider
 from certbot import errors
 from certbot import interfaces
@@ -35,9 +36,21 @@ class Authenticator(dns_common.DNSAuthenticator):
 def __init__(self, *args, **kwargs):
 super(Authenticator, self).__init__(*args, **kwargs)
- self.r53 = boto3.client("route53")
+ if self.conf("credentials"):
+ creds = SharedCredentialProvider(self.conf("credentials")).load()
+ if creds is None:
+ raise errors.PluginError("Couldn't load AWS credentials")
+ self.r53 = boto3.client("route53",
+ aws_access_key_id=creds.access_key, aws_secret_access_key=creds.secret_key)
+ else:
+ self.r53 = boto3.client("route53")
 self._resource_records = collections.defaultdict(list) # type: DefaultDict[str, List[Dict[str, str]]]
+ @classmethod
+ def add_parser_arguments(cls, add): # pylint: disable=arguments-differ
+ super(Authenticator, cls).add_parser_arguments(add)
+ add('credentials', help='Load AWS credentials from specified file.')
+
 def more_info(self): # pylint: disable=missing-docstring,no-self-use
 return "Solve a DNS01 challenge using AWS Route53"
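Review bot: The new `if self.conf("credentials"):` branch in `__init__` reads a file of long-lived AWS keys without checking who else on the host can read it, and it forwards only the access key and secret key to `boto3.client`. Calling `dns_common.validate_file_permissions(self.conf("credentials"))` before `.load()` would warn on an over-permissive file, as certbot's shared credential-file handling does for other DNS plugins. If the profile in that file carries a session token (temporary STS credentials), the token is dropped and the Route53 calls will presumably be rejected; adding `aws_session_token=creds.token` to the `boto3.client("route53", ...)` call keeps that case working. `SharedCredentialProvider` is constructed without a profile name, so it appears only the default profile is read, which is worth stating in the `add('credentials', help=...)` text.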