Documentation

Overview

    Package credentials provides credential retrieval and management.

    Almost all of the code in this directory has been adapted from the AWS SDK for Go. https://github.com/aws/aws-sdk-go.

    A key simplification is that Mechanical Turk does not support temporary credentials (session tokens), and so credentials do not need to support expiry.

    Index

    Constants

    View Source
    const EnvProviderName = "EnvProvider"

      EnvProviderName provides a name of Env provider

      View Source
      const SharedCredsProviderName = "SharedCredentialsProvider"

        SharedCredsProviderName provides a name of SharedCreds provider

        View Source
        const StaticProviderName = "StaticProvider"

          StaticProviderName provides a name of Static provider

          Variables

            Default credentials for use when credentials are not explicitly specified.

            View Source
            var Logger *log.Logger

              Logger can be set to help diagnose problems acquiring credentials

              Functions

              This section is empty.

              Types

              type ChainProvider

              type ChainProvider struct {
              	Providers []Provider
              }

                A ChainProvider will search for a provider which returns credentials and cache that provider until Retrieve is called again.

                The ChainProvider provides a way of chaining multiple providers together which will pick the first available using priority order of the Providers in the list.

                If none of the Providers retrieve valid credentials Value, ChainProvider's Retrieve() will return an error.

                If a Provider is found which returns valid credentials Value ChainProvider will cache that Provider until Retrieve is called again.

                func (*ChainProvider) Retrieve

                func (c *ChainProvider) Retrieve() (Value, error)

                  Retrieve returns the credentials value or error if no provider returned without error.

                  type Credentials

                  type Credentials struct {
                  	// contains filtered or unexported fields
                  }

                    A Credentials provides synchronous safe retrieval of AWS credentials Value.

                    This model for credentials is based on the AWS SDK for Go. Note, however, that AWS Mechanical Turk does not support temporary credentials, so this implementation is significantly simpler.

                    func NewChainCredentials

                    func NewChainCredentials(providers ...Provider) *Credentials

                      NewChainCredentials returns a pointer to a new Credentials object wrapping a chain of providers.

                      func NewCredentials

                      func NewCredentials(provider Provider) *Credentials

                        NewCredentials returns a pointer to a new Credentials with the provider set.

                        func NewEnvCredentials

                        func NewEnvCredentials() *Credentials

                          NewEnvCredentials returns a pointer to a new Credentials object wrapping the environment variable provider.

                          func NewSharedCredentials

                          func NewSharedCredentials(filename, profile string) *Credentials

                            NewSharedCredentials returns a pointer to a new Credentials object wrapping the Profile file provider.

                            func NewStaticCredentials

                            func NewStaticCredentials(id, secret string) *Credentials

                              NewStaticCredentials returns a pointer to a new Credentials object wrapping a static credentials value provider.

                              func (*Credentials) Get

                              func (c *Credentials) Get() (Value, error)

                                Get returns the credentials value, or error if the credentials Value failed to be retrieved.

                                type EnvProvider

                                type EnvProvider struct{}

                                  A EnvProvider retrieves credentials from the environment variables of the running process. Environment credentials never expire.

                                  Environment variables used:

                                  * Access Key ID: AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY * Secret Access Key: AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY

                                  func (*EnvProvider) Retrieve

                                  func (e *EnvProvider) Retrieve() (Value, error)

                                    Retrieve retrieves the keys from the environment.

                                    type Provider

                                    type Provider interface {
                                    	// Retrieve returns the credentials value, or an error if the
                                    	// credentials cannot be obtained.
                                    	Retrieve() (Value, error)
                                    }

                                      A Provider is the interface for any component which will provide credentials.

                                      type SharedCredentialsProvider

                                      type SharedCredentialsProvider struct {
                                      	// Path to the shared credentials file.
                                      	//
                                      	// If empty will look for "AWS_SHARED_CREDENTIALS_FILE" env variable. If the
                                      	// env value is empty will default to current user's home directory.
                                      	// Linux/OSX: "$HOME/.aws/credentials"
                                      	// Windows:   "%USERPROFILE%\.aws\credentials"
                                      	Filename string
                                      
                                      	// AWS Profile to extract credentials from the shared credentials file. If empty
                                      	// will default to environment variable "AWS_PROFILE" or "default" if
                                      	// environment variable is also not set.
                                      	Profile string
                                      	// contains filtered or unexported fields
                                      }

                                        A SharedCredentialsProvider retrieves credentials from the current user's home directory.

                                        Profile ini file example: $HOME/.aws/credentials

                                        func (*SharedCredentialsProvider) Retrieve

                                        func (p *SharedCredentialsProvider) Retrieve() (Value, error)

                                          Retrieve reads and extracts the shared credentials from the current users home directory.

                                          type StaticProvider

                                          type StaticProvider struct {
                                          	Value
                                          }

                                            A StaticProvider is a set of credentials which are set programmatically, and will never expire.

                                            func (*StaticProvider) Retrieve

                                            func (s *StaticProvider) Retrieve() (Value, error)

                                              Retrieve returns the credentials or error if the credentials are invalid.

                                              type Value

                                              type Value struct {
                                              	// AWS Access Key ID
                                              	AccessKeyID string
                                              
                                              	// AWS Secret Access Key
                                              	SecretAccessKey string
                                              
                                              	// Name of the provider that provided these credentials.
                                              	ProviderName string
                                              }

                                                Value contains the individual AWS credentials fields. Note that AWS Mechanical Turk does not support temporary credentials, which means that there is no session token.