package impersonate
import "cloud.google.com/go/auth/credentials/internal/impersonate"
Index ¶
Functions ¶
func NewTokenProvider ¶
func NewTokenProvider(opts *Options) (auth.TokenProvider, error)
NewTokenProvider uses a source credential, stored in Ts, to request an access token to the provided URL. Scopes can be defined when the access token is requested.
Types ¶
type Options ¶
type Options struct {
// Tp is the source credential used to generate a token on the
// impersonated service account. Required.
Tp auth.TokenProvider
// URL is the endpoint to call to generate a token
// on behalf of the service account. Required.
URL string
// Scopes that the impersonated credential should have. Required.
Scopes []string
// Delegates are the service account email addresses in a delegation chain.
// Each service account must be granted roles/iam.serviceAccountTokenCreator
// on the next service account in the chain. Optional.
Delegates []string
// TokenLifetimeSeconds is the number of seconds the impersonation token will
// be valid for. Defaults to 1 hour if unset. Optional.
TokenLifetimeSeconds int
// Client configures the underlying client used to make network requests
// when fetching tokens. Required.
Client *http.Client
// Logger is used for debug logging. If provided, logging will be enabled
// at the loggers configured level. By default logging is disabled unless
// enabled by setting GOOGLE_SDK_GO_LOGGING_LEVEL in which case a default
// logger will be used. Optional.
Logger *slog.Logger
}
Options for NewTokenProvider.
func (*Options) Token ¶
Token performs the exchange to get a temporary service account token to allow access to GCP.
Source Files ¶
impersonate.go
- Version
- v0.13.0
- Published
- Dec 16, 2024
- Platform
- darwin/amd64
- Imports
- 11 packages
- Last checked
- 5 minutes ago –
Tools for package owners.