Documentation

Overview

    Package endpointcreds provides support for retrieving credentials from an arbitrary HTTP endpoint.

    The credentials endpoint Provider can receive both static and refreshable credentials that will expire. Credentials are static when an "Expiration" value is not provided in the endpoint's response.

    Static credentials will never expire once they have been retrieved. The format of the static credentials response:

    {
        "AccessKeyId" : "MUA...",
        "SecretAccessKey" : "/7PC5om....",
    }
    

    Refreshable credentials will expire within the "ExpiryWindow" of the Expiration value in the response. The format of the refreshable credentials response:

    {
        "AccessKeyId" : "MUA...",
        "SecretAccessKey" : "/7PC5om....",
        "Token" : "AQoDY....=",
        "Expiration" : "2016-02-25T06:03:31Z"
    }
    

    Errors should be returned in the following format and only returned with 400 or 500 HTTP status codes.

    {
        "code": "ErrorCode",
        "message": "Helpful error message."
    }
    

    Index

    Constants

    View Source
    const ProviderName = `CredentialsEndpointProvider`

      ProviderName is the name of the credentials provider.

      Variables

      This section is empty.

      Functions

      This section is empty.

      Types

      type HTTPClient

      type HTTPClient interface {
      	Do(*http.Request) (*http.Response, error)
      }

        HTTPClient is a client for sending HTTP requests

        type Options

        type Options struct {
        	// Endpoint to retrieve credentials from. Required
        	Endpoint string
        
        	// HTTPClient to handle sending HTTP requests to the target endpoint.
        	HTTPClient HTTPClient
        
        	// Set of options to modify how the credentials operation is invoked.
        	APIOptions []func(*middleware.Stack) error
        
        	// The Retryer to be used for determining whether a failed requested should be retried
        	Retryer aws.Retryer
        
        	// Optional authorization token value if set will be used as the value of
        	// the Authorization header of the endpoint credential request.
        	AuthorizationToken string
        }

          Options is structure of configurable options for Provider

          type Provider

          type Provider struct {
          	// contains filtered or unexported fields
          }

            Provider satisfies the aws.CredentialsProvider interface, and is a client to retrieve credentials from an arbitrary endpoint.

            func New

            func New(endpoint string, optFns ...func(*Options)) *Provider

              New returns a credentials Provider for retrieving AWS credentials from arbitrary endpoint.

              func (*Provider) Retrieve

              func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error)

                Retrieve will attempt to request the credentials from the endpoint the Provider was configured for. And error will be returned if the retrieval fails.

                Source Files

                Directories

                Path Synopsis
                internal