awsutil

package
v0.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 3, 2025 License: Apache-2.0 Imports: 17 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	AwsFederatedSigninEndpointTemplate = "https://%v.signin.aws.amazon.com/federation"
	AwsConsoleURLTemplate              = "https://%v.console.aws.amazon.com/"
	DefaultIssuer                      = "Red Hat SRE"
)
View Source 
const (
	PolicyVersion = "2012-10-17"
)

Variables

This section is empty.

Functions

func AssumeRole 

func AssumeRole(
	stsClient stscreds.AssumeRoleAPIClient,
	roleSessionName string,
	roleArn string,
	inlinePolicy *PolicyDocument,
	policyARNs []types.PolicyDescriptorType,
) (aws.Credentials, error)

func AssumeRoleSequence 

func AssumeRoleSequence(
	seedClient stscreds.AssumeRoleAPIClient,
	roleArnSessionSequence []RoleArnSession,
	proxyURL *string,
	stsClientProviderFunc STSClientProviderFunc,
) (aws.Credentials, error)

func AssumeRoleWithJWT 

func AssumeRoleWithJWT(jwt string, roleArn string, stsClient stscreds.AssumeRoleWithWebIdentityAPIClient) (aws.Credentials, error)

func GetConsoleURL added in v0.1.11 

func GetConsoleURL(signinToken string, region string, sessionDurationMinutes int) (*url.URL, error)

func StsClient added in v0.1.20 

func StsClient(proxyURL *string) (*sts.Client, error)

Returns a new stsclient, proxy is optional.

Types

type AWSFederatedSessionData added in v0.1.11 

type AWSFederatedSessionData struct {
	SessionID    string `json:"sessionId"`
	SessionKey   string `json:"sessionKey"`
	SessionToken string `json:"sessionToken"`
}

type AWSSigninTokenResponse added in v0.1.11 

type AWSSigninTokenResponse struct {
	SigninToken string
}

func GetSigninToken added in v0.1.11 

func GetSigninToken(awsCredentials aws.Credentials, region string) (*AWSSigninTokenResponse, error)

type Condition added in v0.1.41 

type Condition struct {
	//nolint NotIpAddress is required from AWS Policy
	NotIpAddress IPAddress `json:"NotIpAddress"`
}

type IPAddress added in v0.1.41 

type IPAddress struct {
	//nolint SourceIp is required from AWS Policy
	SourceIp []string `json:"aws:SourceIp"`
}

type IdentityTokenValue added in v0.1.15 

type IdentityTokenValue string

IdentityTokenValue is for retrieving an identity token from the given file name

func (IdentityTokenValue) GetIdentityToken added in v0.1.15 

func (j IdentityTokenValue) GetIdentityToken() ([]byte, error)

GetIdentityToken retrieves the JWT token from the file and returns the contents as a []byte

type PolicyDocument added in v0.1.41 

type PolicyDocument struct {
	Version   string            `json:"Version"`
	Statement []PolicyStatement `json:"Statement"`
}

func NewPolicyDocument added in v0.1.41 

func NewPolicyDocument(version string, statements []PolicyStatement) PolicyDocument

func (PolicyDocument) BuildPolicyWithRestrictedIP added in v0.1.41 

func (p PolicyDocument) BuildPolicyWithRestrictedIP(ipAddress IPAddress) (PolicyDocument, error)

func (PolicyDocument) String added in v0.1.41 

func (p PolicyDocument) String() string

type PolicyDocumentInterface added in v0.1.41 

type PolicyDocumentInterface interface {
	String() (string, error)
	BuildPolicyWithRestrictedIP(ipAddress IPAddress) (PolicyDocument, error)
}

type PolicyStatement added in v0.1.41 

type PolicyStatement struct {
	Sid       string            `json:"Sid"`        // Statement ID
	Effect    string            `json:"Effect"`     // Allow or Deny
	Action    []string          `json:"Action"`     // allowed or denied action
	Principal map[string]string `json:",omitempty"` // principal that is allowed or denied
	Resource  *string           `json:",omitempty"` // object or objects that the statement covers
	Condition *Condition        `json:",omitempty"` // conditions for when a policy is in effect
}

func NewPolicyStatement added in v0.1.41 

func NewPolicyStatement(sid string, affect string, action []string) PolicyStatement

func (PolicyStatement) AddCondition added in v0.1.41 

func (ps PolicyStatement) AddCondition(condition *Condition) PolicyStatement

func (PolicyStatement) AddResource added in v0.1.41 

func (ps PolicyStatement) AddResource(resource *string) PolicyStatement

type RoleArnSession added in v0.1.23 

type RoleArnSession struct {
	Name            string
	RoleSessionName string
	RoleArn         string
	IsCustomerRole  bool
	Policy          *PolicyDocument
	PolicyARNs      []types.PolicyDescriptorType
}

type STSClientProviderFunc 

type STSClientProviderFunc func(optFns ...func(*config.LoadOptions) error) (stscreds.AssumeRoleAPIClient, error)
var DefaultSTSClientProviderFunc STSClientProviderFunc = func(optnFns ...func(options *config.LoadOptions) error) (stscreds.AssumeRoleAPIClient, error) {
	cfg, err := config.LoadDefaultConfig(context.TODO(), optnFns...)
	if err != nil {
		return nil, fmt.Errorf("failed to load default AWS config: %w", err)
	}
	return sts.NewFromConfig(cfg), nil
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.