package aws
import "github.com/oslokommune/okctl/pkg/credentials/aws"
Package aws knows how to orchestrate a login to AWS using various methods
Index ¶
- Constants
- func AreExpired(expires time.Time) bool
- type Auth
- func New(persister Persister, retriever Retriever, retrievers ...Retriever) *Auth
- func (a *Auth) AsEnv() ([]string, error)
- func (a *Auth) Raw() (*Credentials, error)
- func (a *Auth) Resolve() (*Credentials, error)
- type AuthStatic
- func NewAuthStatic(creds *Credentials) *AuthStatic
- func (a *AuthStatic) Invalidate()
- func (a *AuthStatic) Retrieve() (*Credentials, error)
- func (a *AuthStatic) Valid() bool
- type Authenticator
- type Credentials
- type FileSystemIniStorer
- func NewFileSystemIniStorer(awsConfigFileName, awsCredentialsFileName, baseDir string, fileSystem *afero.Afero) *FileSystemIniStorer
- func (f *FileSystemIniStorer) Read() (*IniStorerData, error)
- func (f *FileSystemIniStorer) Write(data *IniStorerData) error
- type InMemoryPersister
- func NewInMemoryStorage() *InMemoryPersister
- func (n *InMemoryPersister) Get() (*Credentials, error)
- func (n *InMemoryPersister) Save(credentials *Credentials) error
- type IniConfig
- type IniCredentials
- type IniPersister
- func NewIniPersister(store IniStorer) *IniPersister
- func (s *IniPersister) Get() (*Credentials, error)
- func (s *IniPersister) Save(credentials *Credentials) error
- type IniStorer
- type IniStorerData
- type KeyGetter
- type Persister
- type Retriever
- func NewAuthEnvironment(region string, getter KeyGetter) (Retriever, error)
- func NewAuthProfile(region string, getter KeyGetter) (Retriever, error)
- type StsProviderFn
Constants ¶
const IniProfileName = "default"
IniProfileName sets the aws profile name, we use the default, umm, default
Functions ¶
func AreExpired ¶
AreExpired returns true if the credentials have expired
Types ¶
type Auth ¶
type Auth struct {
Retrievers []Retriever
Persister Persister
// contains filtered or unexported fields
}
Auth stores state for fetching credentials
func New ¶
New returns an AWS credentials provider, it will attempt to retrieve valid credentials by following the retrievers in the order they are provided
func (*Auth) AsEnv ¶
AsEnv returns the AWS credentials as env vars
func (*Auth) Raw ¶
func (a *Auth) Raw() (*Credentials, error)
Raw returns the raw credentials
func (*Auth) Resolve ¶
func (a *Auth) Resolve() (*Credentials, error)
Resolve the available authenticators until we succeed
type AuthStatic ¶
type AuthStatic struct {
Credentials *Credentials
IsValid bool
}
AuthStatic simply returns the provided credentials
func NewAuthStatic ¶
func NewAuthStatic(creds *Credentials) *AuthStatic
NewAuthStatic returns an initialised static authenticator
func (*AuthStatic) Invalidate ¶
func (a *AuthStatic) Invalidate()
Invalidate the authenticator
func (*AuthStatic) Retrieve ¶
func (a *AuthStatic) Retrieve() (*Credentials, error)
Retrieve returns the stored credentials
func (*AuthStatic) Valid ¶
func (a *AuthStatic) Valid() bool
Valid returns true if the authenticator is valid
type Authenticator ¶
type Authenticator interface {
Raw() (*Credentials, error)
AsEnv() ([]string, error)
}
Authenticator knows how to orchestrate getting credentials
type Credentials ¶
type Credentials struct {
AwsProfile string
AccessKeyID string
SecretAccessKey string
SessionToken string
SecurityToken string
PrincipalARN string
Expires time.Time
Region string
}
Credentials contains all data required for using AWS
type FileSystemIniStorer ¶
type FileSystemIniStorer struct {
FileSystem *afero.Afero
BaseDir string
AwsCredentialsFileName string
AwsConfigFileName string
}
FileSystemIniStorer maintains the required state for reading and writing the aws credentials from a file system
func NewFileSystemIniStorer ¶
func NewFileSystemIniStorer(awsConfigFileName, awsCredentialsFileName, baseDir string, fileSystem *afero.Afero) *FileSystemIniStorer
NewFileSystemIniStorer returns an initialises file system ini storer
func (*FileSystemIniStorer) Read ¶
func (f *FileSystemIniStorer) Read() (*IniStorerData, error)
Read the data from the filesystem
func (*FileSystemIniStorer) Write ¶
func (f *FileSystemIniStorer) Write(data *IniStorerData) error
Write the data to the filesystem
type InMemoryPersister ¶
type InMemoryPersister struct {
// contains filtered or unexported fields
}
InMemoryPersister is useful for tests and stores the credentials in memory
func NewInMemoryStorage ¶
func NewInMemoryStorage() *InMemoryPersister
NewInMemoryStorage creates a new in memory persister
func (*InMemoryPersister) Get ¶
func (n *InMemoryPersister) Get() (*Credentials, error)
Get the credentials from memory
func (*InMemoryPersister) Save ¶
func (n *InMemoryPersister) Save(credentials *Credentials) error
Save the credentials in memory
type IniConfig ¶
type IniConfig struct {
Region string `ini:"region"`
}
IniConfig serialises the credentials into a ~/.aws/config format
type IniCredentials ¶
type IniCredentials struct {
AccessKeyID string `ini:"aws_access_key_id"`
SecretAccessKey string `ini:"aws_secret_access_key"`
SessionToken string `ini:"aws_session_token"`
SecurityToken string `ini:"aws_security_token"`
PrincipalARN string `ini:"x_principal_arn"`
Expires time.Time `ini:"x_security_token_expires"`
}
IniCredentials serialises the credentials into a ~/.aws/credentials format
type IniPersister ¶
type IniPersister struct {
// contains filtered or unexported fields
}
IniPersister knows how to serialise the credentials to a format compatible with the aws-cli
func NewIniPersister ¶
func NewIniPersister(store IniStorer) *IniPersister
NewIniPersister creates a new ini storer
func (*IniPersister) Get ¶
func (s *IniPersister) Get() (*Credentials, error)
Get retrieves credentials from store and deserializes them
func (*IniPersister) Save ¶
func (s *IniPersister) Save(credentials *Credentials) error
Save serialises and stores the provided credentials
type IniStorer ¶
type IniStorer interface {
Write(*IniStorerData) error
Read() (*IniStorerData, error)
}
IniStorer defines the operations required for writing and reading the serialised credentials
type IniStorerData ¶
IniStorerData contains the data to be read and written
type KeyGetter ¶
KeyGetter defines an interface for retrieving string values based on a key
type Persister ¶
type Persister interface {
Save(credentials *Credentials) error
Get() (*Credentials, error)
}
Persister defines the operations required for a concrete implementation for persisting the credentials
type Retriever ¶
type Retriever interface {
Retrieve() (*Credentials, error)
Invalidate()
Valid() bool
}
Retriever knows how to retrieve credentials
func NewAuthEnvironment ¶
NewAuthEnvironment creates a retriever that fetches credentials from environment variables
func NewAuthProfile ¶
NewAuthProfile creates a retriever that fetches credentials from AWS profile environment variable
type StsProviderFn ¶
StsProviderFn knows how to create an STS API client
Source Files ¶
- Version
- v0.0.106 (latest)
- Published
- Oct 21, 2022
- Platform
- linux/amd64
- Imports
- 10 packages
- Last checked
- 4 days ago –
Tools for package owners.