creds

package

v2.6.6 Latest Latest Go to latest Published: Feb 19, 2024 License: MIT Imports: 22 Imported by: 8

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/akerl/speculate

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func StringToCommand(raw string) ([]string, error)
type AssumeRoleOptions
type Creds
type DefaultMfaPrompt
- func (p *DefaultMfaPrompt) Prompt(arn string) (string, error)
type ExecResult
type GetSessionTokenOptions
type LifetimeLimits
type MfaPrompt
type MultiMfaPrompt
type UserAgentItem
type WritableMfaPrompt

Constants ¶

This section is empty.

Variables ¶

View Source

var AssumeRoleLifetimeLimits = LifetimeLimits{Min: 900, Max: 3600 * 12, Default: 3600}

AssumeRoleLifetimeLimits describes the min, max, and default lifespan for the sts:AssumeRole call

View Source

var SessionTokenLifetimeLimits = LifetimeLimits{Min: 900, Max: 3600 * 36, Default: 3600}

SessionTokenLifetimeLimits describes the min, max, and default lifespan for the sts:GetSessionToken call

View Source

var Translations = map[string]map[string]string{
	"envvar": {
		"AWS_ACCESS_KEY_ID":     "AccessKey",
		"AWS_SECRET_ACCESS_KEY": "SecretKey",
		"AWS_SESSION_TOKEN":     "SessionToken",
		"AWS_SECURITY_TOKEN":    "SessionToken",
		"AWS_DEFAULT_REGION":    "Region",
		"AWS_REGION":            "Region",
	},
	"console": {
		"sessionId":    "AccessKey",
		"sessionKey":   "SecretKey",
		"sessionToken": "SessionToken",
	},
}

Translations defines common mappings for credential variables

Functions ¶

func StringToCommand ¶ added in v2.3.1

func StringToCommand(raw string) ([]string, error)

StringToCommand converts a string to a command slice for use in Exec

Types ¶

type AssumeRoleOptions ¶

type AssumeRoleOptions struct {
	RoleName    string
	AccountID   string
	SessionName string
	Policy      string
	Lifetime    int64
	UseMfa      bool
	MfaCode     string
	MfaPrompt   MfaPrompt
}

AssumeRoleOptions defines the available parameters for assuming roles

type Creds ¶

type Creds struct {
	AccessKey, SecretKey, SessionToken, Region string
	UserAgentItems                             []UserAgentItem
}

Creds defines a set of AWS credentials

func New ¶

func New(argCreds map[string]string) (Creds, error)

New initializes credentials from a map

func NewFromEnv ¶

func NewFromEnv() (Creds, error)

NewFromEnv initializes credentials from the environment variables

func NewFromStsSdk ¶

func NewFromStsSdk(stsCreds *sts.Credentials) (Creds, error)

NewFromStsSdk initializes a credential object from an AWS SDK Credentials object

func (Creds) AccountID ¶

func (c Creds) AccountID() (string, error)

AccountID returns the user's account ID

func (Creds) AssumeRole ¶

func (c Creds) AssumeRole(options AssumeRoleOptions) (Creds, error)

AssumeRole executes an AWS role assumption

func (Creds) Client ¶

func (c Creds) Client() (*sts.STS, error)

Client returns an AWS STS client for these creds

func (Creds) Exec ¶ added in v2.1.0

func (c Creds) Exec(command []string) ExecResult

Exec runs a command with the provided credentials

func (Creds) ExecString ¶ added in v2.1.0

func (c Creds) ExecString(command string) ExecResult

ExecString runs a simple command with the provided credentials

func (Creds) GetSessionToken ¶

func (c Creds) GetSessionToken(options GetSessionTokenOptions) (Creds, error)

GetSessionToken executes an AWS session token request

func (Creds) MfaArn ¶

func (c Creds) MfaArn() (string, error)

MfaArn returns the user's virtual MFA token ARN

func (Creds) Session ¶

func (c Creds) Session() (*session.Session, error)

Session returns an AWS SDK session suitable for making API clients

func (Creds) ToConsoleURL ¶

func (c Creds) ToConsoleURL() (string, error)

ToConsoleURL returns a console URL for the role

func (Creds) ToCustomConsoleURL ¶

func (c Creds) ToCustomConsoleURL(dest string) (string, error)

ToCustomConsoleURL returns a console URL with a custom path

func (Creds) ToEnvVars ¶

func (c Creds) ToEnvVars() []string

ToEnvVars returns environment variables suitable for evaling on the current platform

func (Creds) ToEnviron ¶ added in v2.1.0

func (c Creds) ToEnviron() []string

ToEnviron returns a golang os.Environ object built from the current env plus these credentials

func (Creds) ToLinuxEnvVars ¶ added in v2.0.8

func (c Creds) ToLinuxEnvVars() []string

ToLinuxEnvVars returns environment variables suitable for eval-ing into the POSIX shell

func (Creds) ToMap ¶

func (c Creds) ToMap() map[string]string

ToMap returns the credentials as a map of field names to strings

func (*Creds) ToSdk ¶

func (c *Creds) ToSdk() *credentials.Credentials

ToSdk returns an AWS SDK Credentials object

func (Creds) ToSignoutURL ¶

func (c Creds) ToSignoutURL() (string, error)

ToSignoutURL returns a signout URL for the console

func (Creds) ToWindowsEnvVars ¶ added in v2.0.8

func (c Creds) ToWindowsEnvVars() []string

ToWindowsEnvVars returns environment variables suitable for eval-ing into Windows Powershell

func (Creds) Translate ¶

func (c Creds) Translate(dictionary map[string]string) map[string]string

Translate converts credentials based on a map of field names

func (Creds) UserName ¶

func (c Creds) UserName() (string, error)

UserName returns the current user name

type DefaultMfaPrompt ¶

type DefaultMfaPrompt struct {
	PromptTextFunc func(string) string
}

DefaultMfaPrompt defines the standard CLI-based MFA prompt

func (*DefaultMfaPrompt) Prompt ¶

func (p *DefaultMfaPrompt) Prompt(arn string) (string, error)

Prompt asks the user for their MFA token

type ExecResult ¶ added in v2.1.0

type ExecResult struct {
	Error    error  `json:"error"`
	ExitCode int    `json:"exitcode"`
	StdOut   string `json:"stdout"`
	StdErr   string `json:"stderr"`
}

ExecResult returns the results of executing a command

type GetSessionTokenOptions ¶

type GetSessionTokenOptions struct {
	Lifetime  int64
	UseMfa    bool
	MfaCode   string
	MfaPrompt MfaPrompt
}

GetSessionTokenOptions defines the available parameters for session tokens

type LifetimeLimits ¶ added in v2.1.3

type LifetimeLimits struct {
	Min, Max, Default int64
}

LifetimeLimits describes the minimum, maximum, and default values for credential lifespan

type MfaPrompt ¶

type MfaPrompt interface {
	Prompt(string) (string, error)
}

MfaPrompt defines an object which recieves an Mfa ARN and returns an Mfa code

type MultiMfaPrompt ¶ added in v2.0.6

type MultiMfaPrompt struct {
	Backends []MfaPrompt
}

MultiMfaPrompt allows a slice of sequential backends to check for Mfa

func (*MultiMfaPrompt) Prompt ¶ added in v2.0.6

func (m *MultiMfaPrompt) Prompt(arn string) (string, error)

Prompt iterates through the backends to find an Mfa code

func (*MultiMfaPrompt) RetryText ¶ added in v2.4.0

func (m *MultiMfaPrompt) RetryText(arn string) string

RetryText returns helper text for retrying a failed mfa storage

func (*MultiMfaPrompt) Store ¶ added in v2.4.0

func (m *MultiMfaPrompt) Store(arn, seed string) error

Store attempts to store the Mfa in a backend

type UserAgentItem ¶ added in v2.2.0

type UserAgentItem struct {
	Name, Version string
	Extra         []string
}

UserAgentItem defines an entry in the HTTP User Agent field

type WritableMfaPrompt ¶ added in v2.4.0

type WritableMfaPrompt interface {
	Store(string, string) error
	RetryText(string) string
}

WritableMfaPrompt defines an MFA Prompt which can store a new secret

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL