Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AWSConfigProvider ¶
type AWSConfigProvider struct {
// contains filtered or unexported fields
}
AWSConfigProvider Fetches profile and credential data from aws configuration files
func NewAWSConfigProvider ¶
func NewAWSConfigProvider(configPath string, credentialsPath string) (*AWSConfigProvider, error)
NewAWSConfigProvider returns a pointer to a new instance of the AWSConfigProvider
func (*AWSConfigProvider) GetCredentials ¶
func (c *AWSConfigProvider) GetCredentials(profileName string) (*CredentialsValue, error)
GetCredentials returns credentials for a profile in the credentials file if it exists and is not expired, or nil otherwise
func (*AWSConfigProvider) GetProfile ¶
func (c *AWSConfigProvider) GetProfile(profileName string) (*ProfileConfig, error)
GetProfile retrieves a profile from the config file if it exists, or an error if no profile is found
func (*AWSConfigProvider) SetCredentials ¶
func (c *AWSConfigProvider) SetCredentials(profileName string, credentials *CredentialsValue) error
SetCredentials stores the provided credentials in the credentials file
type AssumeRoleOptions ¶
type AssumeRoleOptions struct {
ProfileName string
SourceProfile string
RoleARN string
MFASerial string
ExternalID string
RoleSessionName string
SessionDuration time.Duration
}
AssumeRoleOptions holds the configurations values to be passed to the AssumeRole function
type ConfigProvider ¶
type ConfigProvider interface {
GetProfile(profileName string) (*ProfileConfig, error)
GetCredentials(profileName string) (*CredentialsValue, error)
SetCredentials(profileName string, credentials *CredentialsValue) error
}
ConfigProvider is an interface to retrieve config and credentials stored locally
type CredentialsClient ¶
type CredentialsClient struct {
ConfigProvider ConfigProvider
CredentialsProvider CredentialsProvider
}
CredentialsClient manages locally stored data and fetching fresh credentials
func NewCredentialsClient ¶
func NewCredentialsClient(configPath string, credentialsPath string) (*CredentialsClient, error)
NewCredentialsClient creates a new credentials client that can assume role and fetch temporary credentials
func (*CredentialsClient) GetCredentials ¶
func (c *CredentialsClient) GetCredentials(options AssumeRoleOptions) (*CredentialsValue, error)
GetCredentials retrieves credentials from the credentials file. If they are not valid or not present, fresh credentials are fetched from the STS service
type CredentialsProvider ¶
type CredentialsProvider interface {
AssumeRole(options AssumeRoleOptions) (*CredentialsValue, error)
}
CredentialsProvider is an interface to retrieve temporary credentials for a profile in the AWS config file
type CredentialsValue ¶
type CredentialsValue struct {
AccessKeyID string `ini:"aws_access_key_id"`
SecretAccessKey string `ini:"aws_secret_access_key"`
SessionToken string `ini:"aws_session_token"`
SessionExpiration time.Time `ini:"aws_session_expiration"`
}
CredentialsValue represents the temporary credentials returned by AWS or read from the credentials file
type ProfileConfig ¶
type ProfileConfig struct {
SourceProfile string `ini:"source_profile"`
RoleArn string `ini:"role_arn"`
MfaSerial string `ini:"mfa_serial"`
ExternalID string `ini:"external_id"`
Region string `ini:"region"`
RoleSessionName string `ini:"role_session_name"`
}
ProfileConfig contains the properties for a profile stored in the config file
type STSCredentialsProvider ¶
type STSCredentialsProvider struct{}
STSCredentialsProvider fetches credentials from the AWS STS Service
func (*STSCredentialsProvider) AssumeRole ¶
func (s *STSCredentialsProvider) AssumeRole(options AssumeRoleOptions) (*CredentialsValue, error)
AssumeRole calls sts:AssumeRole and returns temporary credentials
Source Files