sigv4authextension

package module

v0.98.0 Latest Latest Go to latest Published: Apr 11, 2024 License: Apache-2.0 Imports: 20 Imported by: 12

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/open-telemetry/opentelemetry-collector-contrib

Links

Open Source Insights

README ¶

Authenticator - Sigv4

Status
Stability	beta
Distributions	contrib
Issues
Code Owners	@Aneurysm9, @erichsueh3

This extension provides Sigv4 authentication for making requests to AWS services. For more information on the Sigv4 process, please look here.

Configuration

The configuration fields are as follows:

assume_role: Optional. Specifies the configuration needed to assume a role
- arn: The Amazon Resource Name (ARN) of a role to assume
- session_name: Optional. The name of a role session
- sts_region: The AWS region where STS is used to assumed the configured role
  - Note that if a role is intended to be assumed, and sts_region is not provided, then sts_region will default to the value for region if region is provided
region: Optional. The AWS region for the service you are exporting to for AWS Sigv4. This is differentiated from sts_region to handle cross region authentication
- Note that an attempt will be made to obtain a valid region from the endpoint of the service you are exporting to
- List of AWS regions
service: Optional. The AWS service for AWS Sigv4
- Note that an attempt will be made to obtain a valid service from the endpoint of the service you are exporting to

extensions:
  sigv4auth:
    assume_role:
      arn: "arn:aws:iam::123456789012:role/aws-service-role/access"
      sts_region: "us-east-1"

receivers:
  hostmetrics:
    scrapers:
      memory:

exporters:
  prometheusremotewrite:
    endpoint: "https://aps-workspaces.us-west-2.amazonaws.com/workspaces/ws-XXX/api/v1/remote_write"
    auth:
      authenticator: sigv4auth

service:
  extensions: [sigv4auth]
  pipelines:
    metrics:
      receivers: [hostmetrics]
      processors: []
      exporters: [prometheusremotewrite]

Notes

The collector must have valid AWS credentials as used by the AWS SDK for Go

Documentation ¶

Overview ¶

Package sigv4authextension implements the `auth.Client` interface. This extension provides the Sigv4 process of adding authentication information to AWS API requests sent by HTTP. As such, the extension can be used for HTTP based exporters that export to AWS services.

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewFactory ¶

func NewFactory() extension.Factory

NewFactory creates a factory for the Sigv4 Authenticator extension.

Types ¶

type AssumeRole ¶

type AssumeRole struct {
	ARN         string `mapstructure:"arn,omitempty"`
	SessionName string `mapstructure:"session_name,omitempty"`
	STSRegion   string `mapstructure:"sts_region,omitempty"`
}

AssumeRole holds the configuration needed to assume a role

type Config ¶

type Config struct {
	Region     string     `mapstructure:"region,omitempty"`
	Service    string     `mapstructure:"service,omitempty"`
	AssumeRole AssumeRole `mapstructure:"assume_role"`
	// contains filtered or unexported fields
}

Config stores the configuration for the Sigv4 Authenticator

func (*Config) Validate ¶

func (cfg *Config) Validate() error

Validate checks that the configuration is valid. We aim to catch most errors here to ensure that we fail early and to avoid revalidating static data.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
internal
metadata

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL