credscache

package

v0.2.0 Latest Latest Go to latest Published: Feb 19, 2023 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Aton-Kish/aws-credscache-go

Links

Open Source Insights

Documentation ¶

Overview ¶

Package credscache provides credentials caching utilities for the AWS SDK for Go v2.

Inject the file cache provider ¶

By default, the file cache provider outputs cache files to the current directory.

cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) {
	options.TokenProvider = stscreds.StdinTokenProvider
}))
if err != nil {
	log.Fatal(err)
}

injected, err := credscache.InjectFileCacheProvider(&cfg)
if err != nil {
	log.Fatal(err)
}

if !injected {
	log.Print("unable to inject file cache provider")
}

You can share cache with the AWS CLI by specifying `$HOME/.aws/cli/cache` (experimental feature).

cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) {
	options.TokenProvider = stscreds.StdinTokenProvider
}))
if err != nil {
	log.Fatal(err)
}

injected, err := credscache.InjectFileCacheProvider(&cfg, func(o *credscache.FileCacheOptions) {
	home, _ := os.UserHomeDir()
	o.FileCacheDir = filepath.Join(home, ".aws/cli/cache")
})
if err != nil {
	log.Fatal(err)
}

if !injected {
	log.Print("unable to inject file cache provider")
}

Index ¶

Constants
Variables
func AssumeRoleCacheKey(provider *stscreds.AssumeRoleProvider) (string, error)
func InjectFileCacheProvider(cfg *aws.Config, optFns ...func(o *FileCacheOptions)) (bool, error)
func LoadCredentials(path string) (*aws.Credentials, error)
func StoreCredentials(path string, creds *aws.Credentials) error
type AssumeRoleProviderUnsafeAccessor
- func NewAssumeRoleProviderUnsafeAccessor(ptr *stscreds.AssumeRoleProvider) (*AssumeRoleProviderUnsafeAccessor, error)
- func (a *AssumeRoleProviderUnsafeAccessor) Options() stscreds.AssumeRoleOptions
type CredentialsCacheUnsafeAccessor
- func NewCredentialsCacheUnsafeAccessor(ptr *aws.CredentialsCache) (*CredentialsCacheUnsafeAccessor, error)
- func (a *CredentialsCacheUnsafeAccessor) Provider() aws.CredentialsProvider
- func (a *CredentialsCacheUnsafeAccessor) SetProvider(provider aws.CredentialsProvider)
type FileCacheOptions
type FileCacheProvider
- func NewFileCacheProvider(provider aws.CredentialsProvider, cacheKey string, ...) *FileCacheProvider
- func (p *FileCacheProvider) Retrieve(ctx context.Context) (aws.Credentials, error)
type FileCacheProviderError
type InjectionError

Examples ¶

AssumeRoleCacheKey
AssumeRoleCacheKey (WithRoleSessionNameAndMFASerial)
InjectFileCacheProvider
InjectFileCacheProvider (SpecifiedFileCacheDir)
LoadCredentials
StoreCredentials

Constants ¶

View Source

const (
	FileCacheProviderName = "FileCacheProvider"
)

Variables ¶

View Source

var (
	ErrNilPointer = credscache.ErrNilPointer
)

Functions ¶

func AssumeRoleCacheKey ¶

func AssumeRoleCacheKey(provider *stscreds.AssumeRoleProvider) (string, error)

Example ¶

package main

import (
	"fmt"
	"log"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
	"github.com/aws/aws-sdk-go-v2/service/sts"
)

func main() {
	key, err := credscache.AssumeRoleCacheKey(stscreds.NewAssumeRoleProvider(&sts.Client{}, "role_arn"))
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(key)
}

Output:

de1969e7a880d858c9bef3ba110acf78869d4527

Example (WithRoleSessionNameAndMFASerial) ¶

package main

import (
	"fmt"
	"log"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
	"github.com/aws/aws-sdk-go-v2/service/sts"
)

func main() {
	key, err := credscache.AssumeRoleCacheKey(stscreds.NewAssumeRoleProvider(&sts.Client{}, "role_arn", func(o *stscreds.AssumeRoleOptions) {
		o.RoleSessionName = "role_session_name"
		o.SerialNumber = aws.String("mfa_serial")
	}))
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(key)
}

Output:

cda918cacd9e1d1c71d510d187e90c5817e04b97

func InjectFileCacheProvider ¶

func InjectFileCacheProvider(cfg *aws.Config, optFns ...func(o *FileCacheOptions)) (bool, error)

Example ¶

package main

import (
	"context"
	"log"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/config"
	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
)

func main() {
	cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) {
		options.TokenProvider = stscreds.StdinTokenProvider
	}))
	if err != nil {
		log.Fatal(err)
	}

	injected, err := credscache.InjectFileCacheProvider(&cfg)
	if err != nil {
		log.Fatal(err)
	}

	if !injected {
		log.Print("unable to inject file cache provider")
	}
}

Output:

Example (SpecifiedFileCacheDir) ¶

package main

import (
	"context"
	"log"
	"os"
	"path/filepath"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/config"
	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
)

func main() {
	cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) {
		options.TokenProvider = stscreds.StdinTokenProvider
	}))
	if err != nil {
		log.Fatal(err)
	}

	injected, err := credscache.InjectFileCacheProvider(&cfg, func(o *credscache.FileCacheOptions) {
		home, _ := os.UserHomeDir()
		o.FileCacheDir = filepath.Join(home, ".aws/cli/cache")
	})
	if err != nil {
		log.Fatal(err)
	}

	if !injected {
		log.Print("unable to inject file cache provider")
	}
}

Output:

func LoadCredentials ¶

func LoadCredentials(path string) (*aws.Credentials, error)

Example ¶

package main

import (
	"fmt"
	"log"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
)

func main() {
	path := "/home/gopher/.aws/cli/cache/de1969e7a880d858c9bef3ba110acf78869d4527.json"
	creds, err := credscache.LoadCredentials(path)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(creds)
	// &aws.Credentials{
	// 	AccessKeyID:     "AccessKeyID",
	// 	SecretAccessKey: "SecretAccessKey",
	// 	SessionToken:    "SessionToken",
	// 	Source:          "",
	// 	CanExpire:       true,
	// 	Expires:         time.Date(2006, 1, 2, 15, 4, 5, 0, time.UTC),
	// }
}

Output:

func StoreCredentials ¶

func StoreCredentials(path string, creds *aws.Credentials) error

Example ¶

package main

import (
	"log"
	"time"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/aws"
)

func main() {
	path := "/home/gopher/.aws/cli/cache/de1969e7a880d858c9bef3ba110acf78869d4527.json"
	creds := &aws.Credentials{
		AccessKeyID:     "AccessKeyID",
		SecretAccessKey: "SecretAccessKey",
		SessionToken:    "SessionToken",
		Source:          "TestProvider",
		CanExpire:       true,
		Expires:         time.Date(2006, 1, 2, 15, 4, 5, 0, time.UTC),
	}
	if err := credscache.StoreCredentials(path, creds); err != nil {
		log.Fatal(err)
	}
}

Output:

Types ¶

type AssumeRoleProviderUnsafeAccessor ¶

type AssumeRoleProviderUnsafeAccessor struct {
	// contains filtered or unexported fields
}

func NewAssumeRoleProviderUnsafeAccessor ¶

func NewAssumeRoleProviderUnsafeAccessor(ptr *stscreds.AssumeRoleProvider) (*AssumeRoleProviderUnsafeAccessor, error)

func (*AssumeRoleProviderUnsafeAccessor) Options ¶

func (a *AssumeRoleProviderUnsafeAccessor) Options() stscreds.AssumeRoleOptions

type CredentialsCacheUnsafeAccessor ¶

type CredentialsCacheUnsafeAccessor struct {
	// contains filtered or unexported fields
}

func NewCredentialsCacheUnsafeAccessor ¶

func NewCredentialsCacheUnsafeAccessor(ptr *aws.CredentialsCache) (*CredentialsCacheUnsafeAccessor, error)

func (*CredentialsCacheUnsafeAccessor) Provider ¶

func (a *CredentialsCacheUnsafeAccessor) Provider() aws.CredentialsProvider

func (*CredentialsCacheUnsafeAccessor) SetProvider ¶

func (a *CredentialsCacheUnsafeAccessor) SetProvider(provider aws.CredentialsProvider)

type FileCacheOptions ¶

type FileCacheOptions struct {
	FileCacheDir string
	ExpiryWindow time.Duration
}

type FileCacheProvider ¶

type FileCacheProvider struct {
	// contains filtered or unexported fields
}

func NewFileCacheProvider ¶

func NewFileCacheProvider(provider aws.CredentialsProvider, cacheKey string, optFns ...func(o *FileCacheOptions)) *FileCacheProvider

func (*FileCacheProvider) Retrieve ¶

func (p *FileCacheProvider) Retrieve(ctx context.Context) (aws.Credentials, error)

type FileCacheProviderError ¶

type FileCacheProviderError = credscache.FileCacheProviderError

type InjectionError ¶

type InjectionError = credscache.InjectionError

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL