Documentation ¶
Overview ¶
Package credscache provides credentials caching utilities for the AWS SDK for Go v2.
Inject the file cache provider ¶
By default, the file cache provider outputs cache files to the current directory.
cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) { options.TokenProvider = stscreds.StdinTokenProvider })) if err != nil { log.Fatal(err) } injected, err := credscache.InjectFileCacheProvider(&cfg) if err != nil { log.Fatal(err) } if !injected { log.Print("unable to inject file cache provider") }
You can share cache with the AWS CLI by specifying `$HOME/.aws/cli/cache` (experimental feature).
cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) { options.TokenProvider = stscreds.StdinTokenProvider })) if err != nil { log.Fatal(err) } injected, err := credscache.InjectFileCacheProvider(&cfg, func(o *credscache.FileCacheOptions) { home, _ := os.UserHomeDir() o.FileCacheDir = filepath.Join(home, ".aws/cli/cache") }) if err != nil { log.Fatal(err) } if !injected { log.Print("unable to inject file cache provider") }
Index ¶
- Constants
- Variables
- func AssumeRoleCacheKey(provider *stscreds.AssumeRoleProvider) (string, error)
- func InjectFileCacheProvider(cfg *aws.Config, optFns ...func(o *FileCacheOptions)) (bool, error)
- func LoadCredentials(path string) (*aws.Credentials, error)
- func StoreCredentials(path string, creds *aws.Credentials) error
- type AssumeRoleProviderUnsafeAccessor
- type CredentialsCacheUnsafeAccessor
- type FileCacheOptions
- type FileCacheProvider
- type FileCacheProviderError
- type InjectionError
Examples ¶
Constants ¶
View Source
const (
FileCacheProviderName = "FileCacheProvider"
)
Variables ¶
View Source
var (
ErrNilPointer = credscache.ErrNilPointer
)
Functions ¶
func AssumeRoleCacheKey ¶
func AssumeRoleCacheKey(provider *stscreds.AssumeRoleProvider) (string, error)
Example ¶
package main import ( "fmt" "log" credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2" "github.com/aws/aws-sdk-go-v2/credentials/stscreds" "github.com/aws/aws-sdk-go-v2/service/sts" ) func main() { key, err := credscache.AssumeRoleCacheKey(stscreds.NewAssumeRoleProvider(&sts.Client{}, "role_arn")) if err != nil { log.Fatal(err) } fmt.Println(key) }
Output: de1969e7a880d858c9bef3ba110acf78869d4527
Example (WithRoleSessionNameAndMFASerial) ¶
package main import ( "fmt" "log" credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2" "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/credentials/stscreds" "github.com/aws/aws-sdk-go-v2/service/sts" ) func main() { key, err := credscache.AssumeRoleCacheKey(stscreds.NewAssumeRoleProvider(&sts.Client{}, "role_arn", func(o *stscreds.AssumeRoleOptions) { o.RoleSessionName = "role_session_name" o.SerialNumber = aws.String("mfa_serial") })) if err != nil { log.Fatal(err) } fmt.Println(key) }
Output: cda918cacd9e1d1c71d510d187e90c5817e04b97
func InjectFileCacheProvider ¶
func InjectFileCacheProvider(cfg *aws.Config, optFns ...func(o *FileCacheOptions)) (bool, error)
Example ¶
package main import ( "context" "log" credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials/stscreds" ) func main() { cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) { options.TokenProvider = stscreds.StdinTokenProvider })) if err != nil { log.Fatal(err) } injected, err := credscache.InjectFileCacheProvider(&cfg) if err != nil { log.Fatal(err) } if !injected { log.Print("unable to inject file cache provider") } }
Output:
Example (SpecifiedFileCacheDir) ¶
package main import ( "context" "log" "os" "path/filepath" credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials/stscreds" ) func main() { cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) { options.TokenProvider = stscreds.StdinTokenProvider })) if err != nil { log.Fatal(err) } injected, err := credscache.InjectFileCacheProvider(&cfg, func(o *credscache.FileCacheOptions) { home, _ := os.UserHomeDir() o.FileCacheDir = filepath.Join(home, ".aws/cli/cache") }) if err != nil { log.Fatal(err) } if !injected { log.Print("unable to inject file cache provider") } }
Output:
func LoadCredentials ¶
func LoadCredentials(path string) (*aws.Credentials, error)
Example ¶
package main import ( "fmt" "log" credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2" ) func main() { path := "/home/gopher/.aws/cli/cache/de1969e7a880d858c9bef3ba110acf78869d4527.json" creds, err := credscache.LoadCredentials(path) if err != nil { log.Fatal(err) } fmt.Println(creds) // &aws.Credentials{ // AccessKeyID: "AccessKeyID", // SecretAccessKey: "SecretAccessKey", // SessionToken: "SessionToken", // Source: "", // CanExpire: true, // Expires: time.Date(2006, 1, 2, 15, 4, 5, 0, time.UTC), // } }
Output:
func StoreCredentials ¶
func StoreCredentials(path string, creds *aws.Credentials) error
Example ¶
package main import ( "log" "time" credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2" "github.com/aws/aws-sdk-go-v2/aws" ) func main() { path := "/home/gopher/.aws/cli/cache/de1969e7a880d858c9bef3ba110acf78869d4527.json" creds := &aws.Credentials{ AccessKeyID: "AccessKeyID", SecretAccessKey: "SecretAccessKey", SessionToken: "SessionToken", Source: "TestProvider", CanExpire: true, Expires: time.Date(2006, 1, 2, 15, 4, 5, 0, time.UTC), } if err := credscache.StoreCredentials(path, creds); err != nil { log.Fatal(err) } }
Output:
Types ¶
type AssumeRoleProviderUnsafeAccessor ¶
type AssumeRoleProviderUnsafeAccessor struct {
// contains filtered or unexported fields
}
func NewAssumeRoleProviderUnsafeAccessor ¶
func NewAssumeRoleProviderUnsafeAccessor(ptr *stscreds.AssumeRoleProvider) (*AssumeRoleProviderUnsafeAccessor, error)
func (*AssumeRoleProviderUnsafeAccessor) Options ¶
func (a *AssumeRoleProviderUnsafeAccessor) Options() stscreds.AssumeRoleOptions
type CredentialsCacheUnsafeAccessor ¶
type CredentialsCacheUnsafeAccessor struct {
// contains filtered or unexported fields
}
func NewCredentialsCacheUnsafeAccessor ¶
func NewCredentialsCacheUnsafeAccessor(ptr *aws.CredentialsCache) (*CredentialsCacheUnsafeAccessor, error)
func (*CredentialsCacheUnsafeAccessor) Provider ¶
func (a *CredentialsCacheUnsafeAccessor) Provider() aws.CredentialsProvider
func (*CredentialsCacheUnsafeAccessor) SetProvider ¶
func (a *CredentialsCacheUnsafeAccessor) SetProvider(provider aws.CredentialsProvider)
type FileCacheOptions ¶
type FileCacheProvider ¶
type FileCacheProvider struct {
// contains filtered or unexported fields
}
func NewFileCacheProvider ¶
func NewFileCacheProvider(provider aws.CredentialsProvider, cacheKey string, optFns ...func(o *FileCacheOptions)) *FileCacheProvider
func (*FileCacheProvider) Retrieve ¶
func (p *FileCacheProvider) Retrieve(ctx context.Context) (aws.Credentials, error)
type FileCacheProviderError ¶
type FileCacheProviderError = credscache.FileCacheProviderError
type InjectionError ¶
type InjectionError = credscache.InjectionError
Click to show internal directories.
Click to hide internal directories.