aws

package
v0.0.0-...-416c7cc Latest
Warning

This package is not in the latest version of its module.

Published: Mar 1, 2024 License: MPL-2.0 Imports: 14 Imported by: 0

Documentation

Overview

This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/.

Constants

const (
	// A friendly message to show to the user when a requested duration exceeds the configured
	// maximum.
	DurationExceededMessage = "The requested duration exceeded the allowed maximum. Falling " +
		"back to 1 hour.\nTo update the maximum session duration you can use the following " +
		"command:\n\naws iam update-role --role-name <role_name> --max-session-duration " +
		"<duration>\n\nFor more information please refer to the AWS documentation:\n" +
		"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_modify.html"
	// The error message STS returns when attempting to assume a role with a duration longer than
	// the configured maximum for that role.
	ErrInvalidSessionDuration = "The requested DurationSeconds exceeds the MaxSessionDuration " +
		"set for this role."
	// A custom error which indicates that the requested duration exceeded the configured maximum.
	// TODO Replace this with a custom error type.
	ErrDurationExceeded = "DurationExceeded"
)

Variables

This section is empty.

Functions

func WriteToFile

func WriteToFile(c *Credentials, filename string, section string) error

WriteToFile writes credentials to an AWS CLI credentials file (https://docs.aws.amazon.com/cli/latest/userguide/cli-config-files.html). In addition, this function removes expired temporary credentials from the credentials file.

func WriteToShell

func WriteToShell(c *Credentials, windows bool, w io.Writer)

WriteToShell writes (prints) credentials to stdout. If windows is true, Windows syntax will be used.

Types

type Credentials

type Credentials struct {
	AccessKeyID     string
	SecretAccessKey string
	SessionToken    string
	Expiration      time.Time
}

Credentials represents a set of temporary credentials received from AWS STS (http://docs.aws.amazon.com/STS/latest/APIReference/Welcome.html).

func AssumeSAMLRole

func AssumeSAMLRole(PrincipalArn, RoleArn, SAMLAssertion, awsRegion string, duration int32) (*Credentials, error)

AssumeSAMLRole assumes an AWS IAM role using a SAML assertion. In cases where the requested session duration is higher than the maximum allowed on AWS, STS returns a specific error message to indicate that. In this case we return a custom error to the caller to allow special handling such as retrying with a lower duration.
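The "special handling" mentioned above, sketched as an added example that is not part of this package: a caller retries exactly once at the 1 hour fallback named in DurationExceededMessage, and only for the duration error. It assumes the custom error's text equals ErrDurationExceeded; `assumeFunc`, `assumeWithFallback` and `fakeSTS` are hypothetical names, and the fake STS and its token strings are constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// Mirrors the ErrDurationExceeded constant documented on this page.
const ErrDurationExceeded = "DurationExceeded"

// The 1 hour fallback named in DurationExceededMessage.
const fallbackSeconds int32 = 3600

// assumeFunc (hypothetical) has the shape of AssumeSAMLRole with the SAML
// inputs already bound; the string stands in for *Credentials.
type assumeFunc func(duration int32) (token string, err error)

// assumeWithFallback (hypothetical) tries the requested duration and retries
// once with 1 hour only when the error text is ErrDurationExceeded (assumed
// to be how the custom error is reported). Every other error is returned
// unchanged, so an authorization failure is never hidden behind a retry.
func assumeWithFallback(assume assumeFunc, requested int32) (string, int32, error) {
	tok, err := assume(requested)
	if err == nil {
		return tok, requested, nil
	}
	if err.Error() != ErrDurationExceeded || requested <= fallbackSeconds {
		return "", 0, err
	}
	tok, err = assume(fallbackSeconds)
	if err != nil {
		return "", 0, fmt.Errorf("fallback to %ds failed: %w", fallbackSeconds, err)
	}
	return tok, fallbackSeconds, nil
}

// fakeSTS is a constructed stand-in for STS with a role maximum of maxSeconds.
func fakeSTS(maxSeconds int32) assumeFunc {
	return func(d int32) (string, error) {
		if d > maxSeconds {
			return "", errors.New(ErrDurationExceeded)
		}
		return fmt.Sprintf("session-%ds", d), nil
	}
}

func main() {
	tok, granted, err := assumeWithFallback(fakeSTS(3600), 43200)
	fmt.Println(tok, granted, err)
}
```

Returning the granted duration alongside the credentials lets the caller record the lifetime that was actually issued rather than the one requested.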

type Profile

type Profile struct {
	Name         string
	LifetimeLeft time.Duration
	ExpireAtUnix int64
}

Profile represents an AWS profile.

func GetValidCredentials

func GetValidCredentials(filename string) ([]Profile, error)

GetValidCredentials returns profiles which have an aws_expiration key but are not yet expired.
