Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AWSConfigProvider ¶
type AWSConfigProvider struct {
// contains filtered or unexported fields
}
AWSConfigProvider Fetches profile and credential data from aws configuration files
func NewAWSConfigProvider ¶
func NewAWSConfigProvider(configPath string, credentialsPath string) (*AWSConfigProvider, error)
NewAWSConfigProvider returns a pointer to a new instance of the AWSConfigProvider
func (*AWSConfigProvider) GetCredentials ¶
func (c *AWSConfigProvider) GetCredentials(profileName string) (*CredentialsValue, error)
GetCredentials returns credentials for a profile in the credentials file if it exists and is not expired, or nil otherwise
func (*AWSConfigProvider) GetProfile ¶
func (c *AWSConfigProvider) GetProfile(profileName string) (*ProfileConfig, error)
GetProfile retrieves a profile from the config file if it exists, or an error if no profile is found
func (*AWSConfigProvider) SetCredentials ¶
func (c *AWSConfigProvider) SetCredentials(profileName string, credentials *CredentialsValue) error
SetCredentials stores the provided credentials in the credentials file
type AssumeRoleOptions ¶
type AssumeRoleOptions struct { ProfileName string SourceProfile string RoleARN string MFASerial string ExternalID string RoleSessionName string SessionDuration time.Duration }
AssumeRoleOptions holds the configurations values to be passed to the AssumeRole function
type ConfigProvider ¶
type ConfigProvider interface { GetProfile(profileName string) (*ProfileConfig, error) GetCredentials(profileName string) (*CredentialsValue, error) SetCredentials(profileName string, credentials *CredentialsValue) error }
ConfigProvider is an interface to retrieve config and credentials stored locally
type CredentialsClient ¶
type CredentialsClient struct { ConfigProvider ConfigProvider CredentialsProvider CredentialsProvider }
CredentialsClient manages locally stored data and fetching fresh credentials
func NewCredentialsClient ¶
func NewCredentialsClient(configPath string, credentialsPath string) (*CredentialsClient, error)
NewCredentialsClient creates a new credentials client that can assume role and fetch temporary credentials
func (*CredentialsClient) GetCredentials ¶
func (c *CredentialsClient) GetCredentials(options AssumeRoleOptions) (*CredentialsValue, error)
GetCredentials retrieves credentials from the credentials file. If they are not valid or not present, fresh credentials are fetched from the STS service
type CredentialsProvider ¶
type CredentialsProvider interface {
AssumeRole(options AssumeRoleOptions) (*CredentialsValue, error)
}
CredentialsProvider is an interface to retrieve temporary credentials for a profile in the AWS config file
type CredentialsValue ¶
type CredentialsValue struct { AccessKeyID string `ini:"aws_access_key_id"` SecretAccessKey string `ini:"aws_secret_access_key"` SessionToken string `ini:"aws_session_token"` SessionExpiration time.Time `ini:"aws_session_expiration"` }
CredentialsValue represents the temporary credentials returned by AWS or read from the credentials file
type ProfileConfig ¶
type ProfileConfig struct { SourceProfile string `ini:"source_profile"` RoleArn string `ini:"role_arn"` MfaSerial string `ini:"mfa_serial"` ExternalID string `ini:"external_id"` Region string `ini:"region"` RoleSessionName string `ini:"role_session_name"` }
ProfileConfig contains the properties for a profile stored in the config file
type STSCredentialsProvider ¶
type STSCredentialsProvider struct{}
STSCredentialsProvider fetches credentials from the AWS STS Service
func (*STSCredentialsProvider) AssumeRole ¶
func (s *STSCredentialsProvider) AssumeRole(options AssumeRoleOptions) (*CredentialsValue, error)
AssumeRole calls sts:AssumeRole and returns temporary credentials