Documentation ¶
Index ¶
- Constants
- Variables
- func AllIssuesHandlers(cred *RefreshableCred, roleName string, opts *CredentialsOpts) (http.HandlerFunc, http.HandlerFunc, http.HandlerFunc)
- func BuildAuthorizationHeader(request *http.Request, body io.ReadSeeker, signedHeadersString string, ...) string
- func CheckValidToken(w http.ResponseWriter, r *http.Request) error
- func CreateSignFunction(privateKey crypto.PrivateKey, certificate x509.Certificate, ...) func(*request.Request)
- func CreateStringToSign(canonicalRequest string, signerParams SignerParams) string
- func FindTokenTTLSeconds(r *http.Request) (string, error)
- func GenerateToken(length int) (string, error)
- func GetCredentialsFileContents() ([]string, error)
- func GetNewCredentialsFileContents(profileName string, readLines []string, cred *TemporaryCredential) []string
- func GetWriteOnlyCredentialsFile() (*os.File, error)
- func InsertToken(token string, expirationTime time.Time) error
- func ReadCertificateBundleData(certificateBundle string) ([]*x509.Certificate, error)
- func ReadPrivateKeyData(privateKey string) (crypto.PrivateKey, error)
- func Serve(port int, credentialsOptions CredentialsOpts)
- func Update(credentialsOptions CredentialsOpts, profile string, once bool)
- func WriteTo(profileName string, readLines []string, cred *TemporaryCredential) error
- type AccessDeniedException
- func (s *AccessDeniedException) Code() string
- func (s *AccessDeniedException) Error() string
- func (s AccessDeniedException) GoString() string
- func (s *AccessDeniedException) Message() string
- func (s *AccessDeniedException) OrigErr() error
- func (s *AccessDeniedException) RequestID() string
- func (s *AccessDeniedException) StatusCode() int
- func (s AccessDeniedException) String() string
- type AssumedRoleUser
- type CertificateData
- type CreateSessionInput
- func (s CreateSessionInput) GoString() string
- func (s *CreateSessionInput) SetCert(v string) *CreateSessionInput
- func (s *CreateSessionInput) SetDurationSeconds(v int64) *CreateSessionInput
- func (s *CreateSessionInput) SetInstanceProperties(v map[string]*string) *CreateSessionInput
- func (s *CreateSessionInput) SetProfileArn(v string) *CreateSessionInput
- func (s *CreateSessionInput) SetRoleArn(v string) *CreateSessionInput
- func (s *CreateSessionInput) SetSessionName(v string) *CreateSessionInput
- func (s *CreateSessionInput) SetTrustAnchorArn(v string) *CreateSessionInput
- func (s CreateSessionInput) String() string
- func (s *CreateSessionInput) Validate() error
- type CreateSessionOutput
- func (s CreateSessionOutput) GoString() string
- func (s *CreateSessionOutput) SetCredentialSet(v []*CredentialResponse) *CreateSessionOutput
- func (s *CreateSessionOutput) SetEnrollmentArn(v string) *CreateSessionOutput
- func (s *CreateSessionOutput) SetSubjectArn(v string) *CreateSessionOutput
- func (s CreateSessionOutput) String() string
- type CredentialProcessOutput
- type CredentialResponse
- func (s CredentialResponse) GoString() string
- func (s *CredentialResponse) SetAssumedRoleUser(v *AssumedRoleUser) *CredentialResponse
- func (s *CredentialResponse) SetCredentials(v *Credentials) *CredentialResponse
- func (s *CredentialResponse) SetPackedPolicySize(v int64) *CredentialResponse
- func (s *CredentialResponse) SetRoleArn(v string) *CredentialResponse
- func (s *CredentialResponse) SetSourceIdentity(v string) *CredentialResponse
- func (s CredentialResponse) String() string
- type CredentialSummary
- func (s CredentialSummary) GoString() string
- func (s *CredentialSummary) SetEnabled(v bool) *CredentialSummary
- func (s *CredentialSummary) SetFailed(v bool) *CredentialSummary
- func (s *CredentialSummary) SetIssuer(v string) *CredentialSummary
- func (s *CredentialSummary) SetSeenAt(v time.Time) *CredentialSummary
- func (s *CredentialSummary) SetSerialNumber(v string) *CredentialSummary
- func (s *CredentialSummary) SetX509Certificate(v []byte) *CredentialSummary
- func (s CredentialSummary) String() string
- type Credentials
- func (s Credentials) GoString() string
- func (s *Credentials) SetAccessKeyId(v string) *Credentials
- func (s *Credentials) SetExpiration(v string) *Credentials
- func (s *Credentials) SetSecretAccessKey(v string) *Credentials
- func (s *Credentials) SetSessionToken(v string) *Credentials
- func (s Credentials) String() string
- type CredentialsOpts
- type Endpoint
- type RefreshableCred
- type RequestHeaderOpts
- type RequestOpts
- type RequestQueryStringOpts
- type ResourceNotFoundException
- func (s *ResourceNotFoundException) Code() string
- func (s *ResourceNotFoundException) Error() string
- func (s ResourceNotFoundException) GoString() string
- func (s *ResourceNotFoundException) Message() string
- func (s *ResourceNotFoundException) OrigErr() error
- func (s *ResourceNotFoundException) RequestID() string
- func (s *ResourceNotFoundException) StatusCode() int
- func (s ResourceNotFoundException) String() string
- type RolesAnywhere
- func (c *RolesAnywhere) CreateSession(input *CreateSessionInput) (*CreateSessionOutput, error)
- func (c *RolesAnywhere) CreateSessionRequest(input *CreateSessionInput) (req *request.Request, output *CreateSessionOutput)
- func (c *RolesAnywhere) CreateSessionWithContext(ctx aws.Context, input *CreateSessionInput, opts ...request.Option) (*CreateSessionOutput, error)
- type RolesAnywhereSigner
- type SessionToken
- type SignerParams
- type SigningOpts
- type SigningResult
- type TemporaryCredential
- type ValidationException
- func (s *ValidationException) Code() string
- func (s *ValidationException) Error() string
- func (s ValidationException) GoString() string
- func (s *ValidationException) Message() string
- func (s *ValidationException) OrigErr() error
- func (s *ValidationException) RequestID() string
- func (s *ValidationException) StatusCode() int
- func (s ValidationException) String() string
Constants ¶
const ( ServiceName = "Roles Anywhere" // Name of service. EndpointsID = "rolesanywhere" // ID to lookup a service endpoint with. ServiceID = "Roles Anywhere" // ServiceID is a unique identifier of a specific service. )
Service information constants
const BufferSize = 49152
const DEFAULT_TOKEN_TTL_SECONDS = "21600"
const DefaultPort = 9911
const EC2_METADATA_TOKEN_HEADER = "x-aws-ec2-metadata-token"
const EC2_METADATA_TOKEN_TTL_HEADER = "x-aws-ec2-metadata-token-ttl-seconds"
const LocalHostAddress = "127.0.0.1"
const MAX_TOKENS = 256
const REFRESHABLE_CRED_CODE = "Success"
const REFRESHABLE_CRED_TYPE = "AWS-HMAC"
const SECURITY_CREDENTIALS_RESOURCE_PATH = "/latest/meta-data/iam/security-credentials/"
const TOKEN_RESOURCE_PATH = "/latest/api/token"
const UpdateRefreshTime = time.Minute * time.Duration(5)
const X_FORWARDED_FOR_HEADER = "X-Forwarded-For"
Variables ¶
var RefreshTime = time.Minute * time.Duration(5)
Functions ¶
func AllIssuesHandlers ¶
func AllIssuesHandlers(cred *RefreshableCred, roleName string, opts *CredentialsOpts) (http.HandlerFunc, http.HandlerFunc, http.HandlerFunc)
func BuildAuthorizationHeader ¶
func BuildAuthorizationHeader(request *http.Request, body io.ReadSeeker, signedHeadersString string, signature string, certificate x509.Certificate, signerParams SignerParams) string
Builds the complete authorization header
func CheckValidToken ¶
func CheckValidToken(w http.ResponseWriter, r *http.Request) error
Helper function that checks to see whether the token provided in the request is valid
func CreateSignFunction ¶
func CreateSignFunction(privateKey crypto.PrivateKey, certificate x509.Certificate, certificateChain []x509.Certificate) func(*request.Request)
Create a function that will sign requests, given the signing certificate, optional certificate chain, and the private key
func CreateStringToSign ¶
func CreateStringToSign(canonicalRequest string, signerParams SignerParams) string
Create the string to sign.
func FindTokenTTLSeconds ¶
Helper function that finds a token's TTL in seconds
func GenerateToken ¶
Generates a random string with the specified length
func GetCredentialsFileContents ¶
Assume that the credentials file is located in the default path: `~/.aws/credentials`
func GetNewCredentialsFileContents ¶
func GetNewCredentialsFileContents(profileName string, readLines []string, cred *TemporaryCredential) []string
Function that will get the new conents of the credentials file after a refresh has been done
func GetWriteOnlyCredentialsFile ¶
Assume that the credentials file exists already and open it for write operations that will overwrite the existing contents of the file
func InsertToken ¶
Removes the token that expires the earliest
func ReadCertificateBundleData ¶
func ReadCertificateBundleData(certificateBundle string) ([]*x509.Certificate, error)
Reads certificate bundle data
func ReadPrivateKeyData ¶
func ReadPrivateKeyData(privateKey string) (crypto.PrivateKey, error)
Load the private key
func Serve ¶
func Serve(port int, credentialsOptions CredentialsOpts)
func Update ¶
func Update(credentialsOptions CredentialsOpts, profile string, once bool)
Updates credentials in the credentials file for the specified profile
Types ¶
type AccessDeniedException ¶
type AccessDeniedException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` // contains filtered or unexported fields }
func (*AccessDeniedException) Code ¶
func (s *AccessDeniedException) Code() string
Code returns the exception type name.
func (*AccessDeniedException) Error ¶
func (s *AccessDeniedException) Error() string
func (AccessDeniedException) GoString ¶
func (s AccessDeniedException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*AccessDeniedException) Message ¶
func (s *AccessDeniedException) Message() string
Message returns the exception's message.
func (*AccessDeniedException) OrigErr ¶
func (s *AccessDeniedException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (*AccessDeniedException) RequestID ¶
func (s *AccessDeniedException) RequestID() string
RequestID returns the service's response RequestID for request.
func (*AccessDeniedException) StatusCode ¶
func (s *AccessDeniedException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (AccessDeniedException) String ¶
func (s AccessDeniedException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type AssumedRoleUser ¶
type AssumedRoleUser struct { Arn *string `locationName:"arn" type:"string"` AssumedRoleId *string `locationName:"assumedRoleId" type:"string"` // contains filtered or unexported fields }
func (AssumedRoleUser) GoString ¶
func (s AssumedRoleUser) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*AssumedRoleUser) SetArn ¶
func (s *AssumedRoleUser) SetArn(v string) *AssumedRoleUser
SetArn sets the Arn field's value.
func (*AssumedRoleUser) SetAssumedRoleId ¶
func (s *AssumedRoleUser) SetAssumedRoleId(v string) *AssumedRoleUser
SetAssumedRoleId sets the AssumedRoleId field's value.
func (AssumedRoleUser) String ¶
func (s AssumedRoleUser) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type CertificateData ¶
type CertificateData struct { // Type for the key contained in the certificate. // Passed back to the `sign-string` command KeyType string `json:"keyType"` // Certificate, as base64-encoded DER; used in the `x-amz-x509` // header in the API request. CertificateData string `json:"certificateData"` // Serial number of the certificate. Used in the credential // field of the Authorization header SerialNumber string `json:"serialNumber"` // Supported signing algorithms based on the KeyType Algorithms []string `json:"supportedAlgorithms"` }
Container for certificate data returned to the SDK as JSON.
func ReadCertificateData ¶
func ReadCertificateData(certificate string) (CertificateData, error)
Load the certificate and extract details required by the SDK to construct the StringToSign.
type CreateSessionInput ¶
type CreateSessionInput struct { Cert *string `location:"header" locationName:"x-amz-x509" type:"string"` DurationSeconds *int64 `locationName:"durationSeconds" min:"900" type:"integer"` InstanceProperties map[string]*string `locationName:"instanceProperties" type:"map"` // ProfileArn is a required field ProfileArn *string `location:"querystring" locationName:"profileArn" type:"string" required:"true"` // RoleArn is a required field RoleArn *string `location:"querystring" locationName:"roleArn" type:"string" required:"true"` SessionName *string `locationName:"sessionName" min:"2" type:"string"` TrustAnchorArn *string `location:"querystring" locationName:"trustAnchorArn" type:"string"` // contains filtered or unexported fields }
func (CreateSessionInput) GoString ¶
func (s CreateSessionInput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*CreateSessionInput) SetCert ¶
func (s *CreateSessionInput) SetCert(v string) *CreateSessionInput
SetCert sets the Cert field's value.
func (*CreateSessionInput) SetDurationSeconds ¶
func (s *CreateSessionInput) SetDurationSeconds(v int64) *CreateSessionInput
SetDurationSeconds sets the DurationSeconds field's value.
func (*CreateSessionInput) SetInstanceProperties ¶
func (s *CreateSessionInput) SetInstanceProperties(v map[string]*string) *CreateSessionInput
SetInstanceProperties sets the InstanceProperties field's value.
func (*CreateSessionInput) SetProfileArn ¶
func (s *CreateSessionInput) SetProfileArn(v string) *CreateSessionInput
SetProfileArn sets the ProfileArn field's value.
func (*CreateSessionInput) SetRoleArn ¶
func (s *CreateSessionInput) SetRoleArn(v string) *CreateSessionInput
SetRoleArn sets the RoleArn field's value.
func (*CreateSessionInput) SetSessionName ¶
func (s *CreateSessionInput) SetSessionName(v string) *CreateSessionInput
SetSessionName sets the SessionName field's value.
func (*CreateSessionInput) SetTrustAnchorArn ¶
func (s *CreateSessionInput) SetTrustAnchorArn(v string) *CreateSessionInput
SetTrustAnchorArn sets the TrustAnchorArn field's value.
func (CreateSessionInput) String ¶
func (s CreateSessionInput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*CreateSessionInput) Validate ¶
func (s *CreateSessionInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type CreateSessionOutput ¶
type CreateSessionOutput struct { CredentialSet []*CredentialResponse `locationName:"credentialSet" type:"list"` EnrollmentArn *string `locationName:"enrollmentArn" type:"string"` SubjectArn *string `locationName:"subjectArn" type:"string"` // contains filtered or unexported fields }
func (CreateSessionOutput) GoString ¶
func (s CreateSessionOutput) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*CreateSessionOutput) SetCredentialSet ¶
func (s *CreateSessionOutput) SetCredentialSet(v []*CredentialResponse) *CreateSessionOutput
SetCredentialSet sets the CredentialSet field's value.
func (*CreateSessionOutput) SetEnrollmentArn ¶
func (s *CreateSessionOutput) SetEnrollmentArn(v string) *CreateSessionOutput
SetEnrollmentArn sets the EnrollmentArn field's value.
func (*CreateSessionOutput) SetSubjectArn ¶
func (s *CreateSessionOutput) SetSubjectArn(v string) *CreateSessionOutput
SetSubjectArn sets the SubjectArn field's value.
func (CreateSessionOutput) String ¶
func (s CreateSessionOutput) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type CredentialProcessOutput ¶
type CredentialProcessOutput struct { // This field should be hard-coded to 1 for now. Version int `json:"Version"` // AWS Access Key ID AccessKeyId string `json:"AccessKeyId"` // AWS Secret Access Key SecretAccessKey string `json:"SecretAccessKey"` // AWS Session Token for temporary credentials SessionToken string `json:"SessionToken"` // ISO8601 timestamp for when the credentials expire Expiration string `json:"Expiration"` }
Container that adheres to the format of credential_process output as specified by AWS.
func GenerateCredentials ¶
func GenerateCredentials(opts *CredentialsOpts) (CredentialProcessOutput, error)
Function to create session and generate credentials
type CredentialResponse ¶
type CredentialResponse struct { AssumedRoleUser *AssumedRoleUser `locationName:"assumedRoleUser" type:"structure"` Credentials *Credentials `locationName:"credentials" type:"structure"` PackedPolicySize *int64 `locationName:"packedPolicySize" type:"integer"` RoleArn *string `locationName:"roleArn" type:"string"` SourceIdentity *string `locationName:"sourceIdentity" type:"string"` // contains filtered or unexported fields }
func (CredentialResponse) GoString ¶
func (s CredentialResponse) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*CredentialResponse) SetAssumedRoleUser ¶
func (s *CredentialResponse) SetAssumedRoleUser(v *AssumedRoleUser) *CredentialResponse
SetAssumedRoleUser sets the AssumedRoleUser field's value.
func (*CredentialResponse) SetCredentials ¶
func (s *CredentialResponse) SetCredentials(v *Credentials) *CredentialResponse
SetCredentials sets the Credentials field's value.
func (*CredentialResponse) SetPackedPolicySize ¶
func (s *CredentialResponse) SetPackedPolicySize(v int64) *CredentialResponse
SetPackedPolicySize sets the PackedPolicySize field's value.
func (*CredentialResponse) SetRoleArn ¶
func (s *CredentialResponse) SetRoleArn(v string) *CredentialResponse
SetRoleArn sets the RoleArn field's value.
func (*CredentialResponse) SetSourceIdentity ¶
func (s *CredentialResponse) SetSourceIdentity(v string) *CredentialResponse
SetSourceIdentity sets the SourceIdentity field's value.
func (CredentialResponse) String ¶
func (s CredentialResponse) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type CredentialSummary ¶
type CredentialSummary struct { Enabled *bool `locationName:"enabled" type:"boolean"` Failed *bool `locationName:"failed" type:"boolean"` Issuer *string `locationName:"issuer" type:"string"` SeenAt *time.Time `locationName:"seenAt" type:"timestamp" timestampFormat:"iso8601"` SerialNumber *string `locationName:"serialNumber" type:"string"` // X509Certificate is automatically base64 encoded/decoded by the SDK. X509Certificate []byte `locationName:"x509Certificate" type:"blob"` // contains filtered or unexported fields }
func (CredentialSummary) GoString ¶
func (s CredentialSummary) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*CredentialSummary) SetEnabled ¶
func (s *CredentialSummary) SetEnabled(v bool) *CredentialSummary
SetEnabled sets the Enabled field's value.
func (*CredentialSummary) SetFailed ¶
func (s *CredentialSummary) SetFailed(v bool) *CredentialSummary
SetFailed sets the Failed field's value.
func (*CredentialSummary) SetIssuer ¶
func (s *CredentialSummary) SetIssuer(v string) *CredentialSummary
SetIssuer sets the Issuer field's value.
func (*CredentialSummary) SetSeenAt ¶
func (s *CredentialSummary) SetSeenAt(v time.Time) *CredentialSummary
SetSeenAt sets the SeenAt field's value.
func (*CredentialSummary) SetSerialNumber ¶
func (s *CredentialSummary) SetSerialNumber(v string) *CredentialSummary
SetSerialNumber sets the SerialNumber field's value.
func (*CredentialSummary) SetX509Certificate ¶
func (s *CredentialSummary) SetX509Certificate(v []byte) *CredentialSummary
SetX509Certificate sets the X509Certificate field's value.
func (CredentialSummary) String ¶
func (s CredentialSummary) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type Credentials ¶
type Credentials struct { AccessKeyId *string `locationName:"accessKeyId" type:"string"` Expiration *string `locationName:"expiration" type:"string"` // SecretAccessKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by Credentials's // String and GoString methods. SecretAccessKey *string `locationName:"secretAccessKey" type:"string" sensitive:"true"` SessionToken *string `locationName:"sessionToken" type:"string"` // contains filtered or unexported fields }
func (Credentials) GoString ¶
func (s Credentials) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*Credentials) SetAccessKeyId ¶
func (s *Credentials) SetAccessKeyId(v string) *Credentials
SetAccessKeyId sets the AccessKeyId field's value.
func (*Credentials) SetExpiration ¶
func (s *Credentials) SetExpiration(v string) *Credentials
SetExpiration sets the Expiration field's value.
func (*Credentials) SetSecretAccessKey ¶
func (s *Credentials) SetSecretAccessKey(v string) *Credentials
SetSecretAccessKey sets the SecretAccessKey field's value.
func (*Credentials) SetSessionToken ¶
func (s *Credentials) SetSessionToken(v string) *Credentials
SetSessionToken sets the SessionToken field's value.
func (Credentials) String ¶
func (s Credentials) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type CredentialsOpts ¶
type RefreshableCred ¶
type RequestHeaderOpts ¶
type RequestHeaderOpts struct { // Certificate, as base64-encoded DER; used in the `x-amz-x509` // header in the API request. CertificateData string }
type RequestOpts ¶
type RequestOpts struct { // ARN of the Role to assume in the CreateSession call. RoleArn string // ARN of the Configuration to use in the CreateSession call. ConfigurationArn string // Certificate, as base64-encoded DER; used in the `x-amz-x509` // header in the API request. CertificateData string // Duration of the session that will be returned by CreateSession. DurationSeconds int }
Container for data that will be sent in a request to CreateSession.
type RequestQueryStringOpts ¶
type ResourceNotFoundException ¶
type ResourceNotFoundException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` // contains filtered or unexported fields }
func (*ResourceNotFoundException) Code ¶
func (s *ResourceNotFoundException) Code() string
Code returns the exception type name.
func (*ResourceNotFoundException) Error ¶
func (s *ResourceNotFoundException) Error() string
func (ResourceNotFoundException) GoString ¶
func (s ResourceNotFoundException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*ResourceNotFoundException) Message ¶
func (s *ResourceNotFoundException) Message() string
Message returns the exception's message.
func (*ResourceNotFoundException) OrigErr ¶
func (s *ResourceNotFoundException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (*ResourceNotFoundException) RequestID ¶
func (s *ResourceNotFoundException) RequestID() string
RequestID returns the service's response RequestID for request.
func (*ResourceNotFoundException) StatusCode ¶
func (s *ResourceNotFoundException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (ResourceNotFoundException) String ¶
func (s ResourceNotFoundException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
type RolesAnywhere ¶ added in v1.0.3
RolesAnywhere provides the API operation methods for making requests to RolesAnywhere Service. See this package's package overview docs for details on the service.
RolesAnywhere methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.
func NewClient ¶ added in v1.0.3
func NewClient(p client.ConfigProvider, cfgs ...*aws.Config) *RolesAnywhere
New creates a new instance of the RolesAnywhere client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.
Example:
mySession := session.Must(session.NewSession()) // Create a RolesAnywhere client from just a session. svc := rolesanywhere.New(mySession) // Create a RolesAnywhere client with additional configuration svc := rolesanywhere.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
func (*RolesAnywhere) CreateSession ¶ added in v1.0.3
func (c *RolesAnywhere) CreateSession(input *CreateSessionInput) (*CreateSessionOutput, error)
CreateSession API operation for RolesAnywhere Service.
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for RolesAnywhere Service's API operation CreateSession for usage and error information.
Returned Error Types:
ValidationException
ResourceNotFoundException
AccessDeniedException
See also, https://docs.aws.amazon.com/goto/WebAPI/roles-anywhere-2018-05-10/CreateSession
func (*RolesAnywhere) CreateSessionRequest ¶ added in v1.0.3
func (c *RolesAnywhere) CreateSessionRequest(input *CreateSessionInput) (req *request.Request, output *CreateSessionOutput)
CreateSessionRequest generates a "aws/request.Request" representing the client's request for the CreateSession operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See CreateSession for more information on using the CreateSession API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the CreateSessionRequest method. req, resp := client.CreateSessionRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/roles-anywhere-2018-05-10/CreateSession
func (*RolesAnywhere) CreateSessionWithContext ¶ added in v1.0.3
func (c *RolesAnywhere) CreateSessionWithContext(ctx aws.Context, input *CreateSessionInput, opts ...request.Option) (*CreateSessionOutput, error)
CreateSessionWithContext is the same as CreateSession with the addition of the ability to pass a context and additional request options.
See CreateSession for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
type RolesAnywhereSigner ¶
type RolesAnywhereSigner struct { PrivateKey crypto.PrivateKey Certificate x509.Certificate CertificateChain []x509.Certificate }
func (RolesAnywhereSigner) SignWithCurrTime ¶
func (v4x509 RolesAnywhereSigner) SignWithCurrTime(req *request.Request) error
Sign the request using the current time
type SessionToken ¶
type SignerParams ¶
type SignerParams struct { OverriddenDate time.Time RegionName string ServiceName string SigningAlgorithm string }
func (*SignerParams) GetFormattedShortSigningDateTime ¶
func (signerParams *SignerParams) GetFormattedShortSigningDateTime() string
Obtain the short date-time, formatted as specified by SigV4
func (*SignerParams) GetFormattedSigningDateTime ¶
func (signerParams *SignerParams) GetFormattedSigningDateTime() string
Obtain the date-time, formatted as specified by SigV4
func (*SignerParams) GetScope ¶
func (signerParams *SignerParams) GetScope() string
Obtain the scope as part of the SigV4-X509 signature
type SigningOpts ¶
type SigningOpts struct { // Private key to use for the signing operation. PrivateKey crypto.PrivateKey // Digest to use in the signing operation. For example, SHA256 Digest crypto.Hash }
type SigningResult ¶
type SigningResult struct { // Signature encoded in hex. Signature string `json:"signature"` }
Container for data returned after performing a signing operation.
func Sign ¶
func Sign(payload []byte, opts SigningOpts) (SigningResult, error)
Sign the provided payload with the specified options.
type TemporaryCredential ¶
type TemporaryCredential struct { AccessKeyId string SecretAccessKey string SessionToken string Expiration time.Time }
Structure to contain a temporary credential
type ValidationException ¶
type ValidationException struct { RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` // contains filtered or unexported fields }
func (*ValidationException) Code ¶
func (s *ValidationException) Code() string
Code returns the exception type name.
func (*ValidationException) Error ¶
func (s *ValidationException) Error() string
func (ValidationException) GoString ¶
func (s ValidationException) GoString() string
GoString returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".
func (*ValidationException) Message ¶
func (s *ValidationException) Message() string
Message returns the exception's message.
func (*ValidationException) OrigErr ¶
func (s *ValidationException) OrigErr() error
OrigErr always returns nil, satisfies awserr.Error interface.
func (*ValidationException) RequestID ¶
func (s *ValidationException) RequestID() string
RequestID returns the service's response RequestID for request.
func (*ValidationException) StatusCode ¶
func (s *ValidationException) StatusCode() int
Status code returns the HTTP status code for the request's response error.
func (ValidationException) String ¶
func (s ValidationException) String() string
String returns the string representation.
API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".