package ec2rolecreds

import "github.com/aws/aws-sdk-go-v2/aws/ec2rolecreds"

Index

Constants

const ProviderName = "EC2RoleProvider"

ProviderName provides a name of EC2Role provider

Types

type Provider

type Provider struct {
	aws.SafeCredentialsProvider

	// Required EC2Metadata client to use when connecting to EC2 metadata service.
	Client *ec2metadata.Client

	// ExpiryWindow will allow the credentials to trigger refreshing prior to
	// the credentials actually expiring. This is beneficial so race conditions
	// with expiring credentials do not cause request to fail unexpectedly
	// due to ExpiredTokenException exceptions.
	//
	// So a ExpiryWindow of 10s would cause calls to IsExpired() to return true
	// 10 seconds before the credentials are actually expired.
	//
	// If ExpiryWindow is 0 or less it will be ignored.
	ExpiryWindow time.Duration
}

A Provider retrieves credentials from the EC2 service, and keeps track if those credentials are expired.

The NewProvider function must be used to create the Provider.

p := &ec2rolecreds.NewProvider(ec2metadata.New(cfg))

// Expire the credentials 10 minutes before IAM states they should. Proactivily
// refreshing the credentials.
p.ExpiryWindow = 10 * time.Minute

func NewProvider

func NewProvider(client *ec2metadata.Client) *Provider

NewProvider returns an initialized Provider value configured to retrieve credentials from EC2 Instance Metadata service.

Source Files

provider.go

Version
v0.9.0
Published
May 28, 2019
Platform
darwin/amd64
Imports
9 packages
Last checked
5 minutes ago

Tools for package owners.