aws

package
v2.14.0
Warning

This package is not in the latest version of its module.

Published: Apr 25, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

This file contains all the logic for caching aws.Config across all the (AWS) triggers. The first time an aws.Config is requested, it is cached based on the authentication info (roleArn, Key&Secret, keda itself), and the cached value is returned every time an aws.Config is requested for the same authentication info. This is required because, if we don't cache and share them, each scaler generates and refreshes its own token even though all the tokens grant the same permissions.

Constants

This section is empty.

Variables

var (
	// ErrAwsAMPNoAwsRegion is returned when "awsRegion" is missing from the config.
	ErrAwsAMPNoAwsRegion = errors.New("no awsRegion given")
)
var ErrAwsNoAccessKey = errors.New("awsAccessKeyID not found")

ErrAwsNoAccessKey is returned when awsAccessKeyID is missing.

Functions

func ClearAwsConfig

func ClearAwsConfig(awsAuthorization AuthorizationMetadata)

ClearAwsConfig wraps the removal of the config from the cache.

func GetAwsConfig

func GetAwsConfig(ctx context.Context, awsRegion string, awsAuthorization AuthorizationMetadata) (*aws.Config, error)

GetAwsConfig returns an *aws.Config for a given AuthorizationMetadata. If AuthorizationMetadata uses static credentials or `aws` auth, the *aws.Config is retrieved from the shared cache. If not, a new entry is generated on each request.
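
The caching described in the Overview, and the get/clear pair exposed as GetAwsConfig and ClearAwsConfig, can be pictured with the sketch below. It is an added example, not KEDA's own code: the types authInfo, sharedConfig and configCache, the hashed cache key and the per-trigger reference counting are all assumptions made for illustration, and sharedConfig stands in for *aws.Config so that no SDK is needed.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"sync"
)

// Hypothetical stand-ins for AuthorizationMetadata and *aws.Config (no SDK needed).
type authInfo struct{ RoleArn, KeyID, Secret, Token, TriggerKey string }
type sharedConfig struct{ users map[string]bool } // triggers holding this config
type configCache struct {
	mu      sync.Mutex
	entries map[string]*sharedConfig
}

// cacheKey hashes the identity fields so the secret is never a clear-text map key.
func cacheKey(a authInfo) string {
	id := fmt.Sprintf("%q", []string{a.RoleArn, a.KeyID, a.Secret, a.Token})
	return fmt.Sprintf("%x", sha256.Sum256([]byte(id)))
}

// get returns the one config shared by every trigger with the same identity.
func (c *configCache) get(a authInfo) *sharedConfig {
	c.mu.Lock()
	defer c.mu.Unlock()
	k := cacheKey(a)
	if c.entries[k] == nil {
		c.entries[k] = &sharedConfig{users: map[string]bool{}}
	}
	c.entries[k].users[a.TriggerKey] = true
	return c.entries[k]
}

// clear drops one trigger's reference and evicts the config once nobody uses it.
func (c *configCache) clear(a authInfo) {
	c.mu.Lock()
	defer c.mu.Unlock()
	k := cacheKey(a)
	if e := c.entries[k]; e != nil {
		delete(e.users, a.TriggerKey)
		if len(e.users) == 0 {
			delete(c.entries, k)
		}
	}
}

func main() {
	fmt.Println(cacheKey(authInfo{KeyID: "AKIACONSTRUCTED", Secret: "constructed"}))
}
```

Evicting only when the last trigger releases its reference keeps one scaler's removal from discarding credentials that other scalers with the same identity still rely on.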

func NewSigV4RoundTripper

func NewSigV4RoundTripper(config *scalersconfig.ScalerConfig) (http.RoundTripper, error)

NewSigV4RoundTripper returns a new http.RoundTripper that will sign requests using Amazon's Signature Version 4 (SigV4) signing procedure. The request will then be handed off to the next RoundTripper provided by next. If next is nil, http.DefaultTransport will be used.

Credentials for signing are retrieved using the default AWS credential chain. If credentials could not be found, an error will be returned.

Types

type AuthorizationMetadata

type AuthorizationMetadata struct {
	AwsRoleArn string

	AwsAccessKeyID     string
	AwsSecretAccessKey string
	AwsSessionToken    string

	// Deprecated
	PodIdentityOwner bool
	// Pod identity owner is confusing and it'll be removed when we get
	// rid of the old aws podIdentities (aws-eks and aws-kiam) as UsingPodIdentity
	// replaces it. For more context:
	// https://github.com/kedacore/keda/pull/5061/#discussion_r1441016441
	UsingPodIdentity bool

	TriggerUniqueKey string
}

func GetAwsAuthorization

func GetAwsAuthorization(uniqueKey string, podIdentity kedav1alpha1.AuthPodIdentity, triggerMetadata, authParams, resolvedEnv map[string]string) (AuthorizationMetadata, error)

GetAwsAuthorization returns an AuthorizationMetadata based on trigger information.
