aws

package module

v0.3.0 Latest Latest Go to latest Published: Sep 20, 2022 License: MPL-2.0 Imports: 12 Imported by: 12

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hashicorp/vault

Links

Open Source Insights

Documentation ¶

Index ¶

type AWSAuth
- func NewAWSAuth(opts ...LoginOption) (*AWSAuth, error)
- func (a *AWSAuth) Login(ctx context.Context, client *api.Client) (*api.Secret, error)
type LoginOption

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AWSAuth ¶

type AWSAuth struct {
	// contains filtered or unexported fields
}

func NewAWSAuth ¶

func NewAWSAuth(opts ...LoginOption) (*AWSAuth, error)

NewAWSAuth initializes a new AWS auth method interface to be passed as a parameter to the client.Auth().Login method.

Supported options: WithRole, WithMountPath, WithIAMAuth, WithEC2Auth, WithPKCS7Signature, WithIdentitySignature, WithIAMServerIDHeader, WithNonce, WithRegion

func (a *AWSAuth) Login(ctx context.Context, client *api.Client) (*api.Secret, error)

Login sets up the required request body for the AWS auth method's /login endpoint, and performs a write to it. This method defaults to the "iam" auth type unless NewAWSAuth is called with WithEC2Auth().

The Vault client will set its credentials to the values of the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION environment variables. To specify a path to a credentials file on disk instead, set the environment variable AWS_SHARED_CREDENTIALS_FILE.

type LoginOption ¶

type LoginOption func(a *AWSAuth) error

func WithEC2Auth ¶

func WithEC2Auth() LoginOption

func WithIAMAuth ¶

func WithIAMAuth() LoginOption

func WithIAMServerIDHeader ¶

func WithIAMServerIDHeader(headerValue string) LoginOption

func WithIdentitySignature ¶

func WithIdentitySignature() LoginOption

WithIdentitySignature will have the client send the cryptographic identity document signature to verify EC2 auth logins. Only used by EC2 auth type. If this option is not provided, will default to using the PKCS #7 signature. The signature type used should match the type of the public AWS cert Vault has been configured with to verify EC2 instance identity. https://www.vaultproject.io/api/auth/aws#create-certificate-configuration

func WithMountPath ¶

func WithMountPath(mountPath string) LoginOption

func WithNonce ¶

func WithNonce(nonce string) LoginOption

WithNonce can be used to specify a named nonce for the ec2 auth login method. If not provided, an automatically-generated uuid will be used instead.

func WithPKCS7Signature ¶

func WithPKCS7Signature() LoginOption

WithPKCS7Signature will explicitly tell the client to send the PKCS #7 signature to verify EC2 auth logins. Only used by EC2 auth type. PKCS #7 is the default, but this method is provided for additional clarity. The signature type used should match the type of the public AWS cert Vault has been configured with to verify EC2 instance identity. https://www.vaultproject.io/api/auth/aws#create-certificate-configuration

func WithRegion ¶

func WithRegion(region string) LoginOption

func WithRole ¶

func WithRole(roleName string) LoginOption

Source Files ¶

View all Source files

aws.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Documentation ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type AWSAuth ¶

func NewAWSAuth ¶

func (*AWSAuth) Login ¶

type LoginOption ¶

func WithEC2Auth ¶

func WithIAMAuth ¶

func WithIAMServerIDHeader ¶

func WithIdentitySignature ¶

func WithMountPath ¶

func WithNonce ¶

func WithPKCS7Signature ¶

func WithRegion ¶

func WithRole ¶

Source Files ¶