Documentation

Index

Constants

View Source
const ProviderName = "EC2RoleProvider"

    ProviderName provides a name of EC2Role provider

    Variables

    This section is empty.

    Functions

    func NewCredentials

    func NewCredentials(c client.ConfigProvider, options ...func(*EC2RoleProvider)) *credentials.Credentials

      NewCredentials returns a pointer to a new Credentials object wrapping the EC2RoleProvider. Takes a ConfigProvider to create a EC2Metadata client. The ConfigProvider is satisfied by the session.Session type.

      func NewCredentialsWithClient

      func NewCredentialsWithClient(client *ec2metadata.EC2Metadata, options ...func(*EC2RoleProvider)) *credentials.Credentials

        NewCredentialsWithClient returns a pointer to a new Credentials object wrapping the EC2RoleProvider. Takes a EC2Metadata client to use when connecting to EC2 metadata service.

        Types

        type EC2RoleProvider

        type EC2RoleProvider struct {
        	credentials.Expiry
        
        	// Required EC2Metadata client to use when connecting to EC2 metadata service.
        	Client *ec2metadata.EC2Metadata
        
        	// ExpiryWindow will allow the credentials to trigger refreshing prior to
        	// the credentials actually expiring. This is beneficial so race conditions
        	// with expiring credentials do not cause request to fail unexpectedly
        	// due to ExpiredTokenException exceptions.
        	//
        	// So a ExpiryWindow of 10s would cause calls to IsExpired() to return true
        	// 10 seconds before the credentials are actually expired.
        	//
        	// If ExpiryWindow is 0 or less it will be ignored.
        	ExpiryWindow time.Duration
        }

          A EC2RoleProvider retrieves credentials from the EC2 service, and keeps track if those credentials are expired.

          Example how to configure the EC2RoleProvider with custom http Client, Endpoint or ExpiryWindow

          p := &ec2rolecreds.EC2RoleProvider{
              // Pass in a custom timeout to be used when requesting
              // IAM EC2 Role credentials.
              Client: ec2metadata.New(sess, aws.Config{
                  HTTPClient: &http.Client{Timeout: 10 * time.Second},
              }),
          
              // Do not use early expiry of credentials. If a non zero value is
              // specified the credentials will be expired early
              ExpiryWindow: 0,
          }
          

          func (*EC2RoleProvider) Retrieve

          func (m *EC2RoleProvider) Retrieve() (credentials.Value, error)

            Retrieve retrieves credentials from the EC2 service. Error will be returned if the request fails, or unable to extract the desired credentials.