ec2roleprovider

package

v0.0.0-...-955c50f Latest Latest Go to latest Published: Apr 19, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aws/amazon-ssm-agent

Documentation ¶

Index ¶

Constants
type EC2InnerProviders
type EC2RoleProvider
- func NewEC2RoleProvider(log log.T, config *appconfig.SsmagentConfig, innerProviders *EC2InnerProviders, ...) *EC2RoleProvider
type IEC2RoleProvider
type IInnerProvider

Constants ¶

View Source

const (
	CredentialSourceNone = "None"
	CredentialSourceSSM  = "SSM"
	CredentialSourceEC2  = "EC2"
	IdentityTypeEC2      = "EC2"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type EC2InnerProviders ¶

type EC2InnerProviders struct {
	IPRProvider               IInnerProvider
	SsmEc2Provider            IInnerProvider
	SharedCredentialsProvider IInnerProvider
}

type EC2RoleProvider ¶

type EC2RoleProvider struct {
	credentials.Expiry
	InnerProviders *EC2InnerProviders
	Log            log.T
	Config         *appconfig.SsmagentConfig
	InstanceInfo   *ssmec2roleprovider.InstanceInfo

	SsmEndpoint string

	RuntimeConfigClient runtimeconfig.IIdentityRuntimeConfigClient
	// contains filtered or unexported fields
}

EC2RoleProvider provides credentials for the agent when on an EC2 instance

func NewEC2RoleProvider ¶

func NewEC2RoleProvider(log log.T, config *appconfig.SsmagentConfig, innerProviders *EC2InnerProviders, instanceInfo *ssmec2roleprovider.InstanceInfo, ssmEndpoint string, runtimeConfigClient runtimeconfig.IIdentityRuntimeConfigClient) *EC2RoleProvider

NewEC2RoleProvider initializes a new EC2RoleProvider using runtime config values

func (*EC2RoleProvider) CredentialSource ¶

func (p *EC2RoleProvider) CredentialSource() string

CredentialSource returns the name of the current provider being used

func (*EC2RoleProvider) ExpiresAt ¶

func (p *EC2RoleProvider) ExpiresAt() time.Time

ExpiresAt returns the expiry of shared credentials using shared credentials and returns instance profile role provider expiry otherwise

func (*EC2RoleProvider) GetInnerProvider ¶

func (p *EC2RoleProvider) GetInnerProvider() IInnerProvider

GetInnerProvider gets the remote role provider that is currently being used for credentials

func (*EC2RoleProvider) IsExpired ¶

func (p *EC2RoleProvider) IsExpired() bool

IsExpired wraps the IsExpired method of the current provider

func (*EC2RoleProvider) RemoteExpiresAt ¶

func (p *EC2RoleProvider) RemoteExpiresAt() time.Time

RemoteExpiresAt returns the expiry of the remote inner provider currently in use This function is intended for use by the core module's credential refresher routine

func (*EC2RoleProvider) RemoteRetrieve ¶

func (p *EC2RoleProvider) RemoteRetrieve(ctx context.Context) (credentials.Value, error)

RemoteRetrieve uses network calls to retrieve credentials for EC2 instances This function is intended for use by the core module's credential refresher routine When an error is returned, credential source is updated to CredentialSourceNone

func (*EC2RoleProvider) Retrieve ¶

func (p *EC2RoleProvider) Retrieve() (credentials.Value, error)

Retrieve returns instance profile role credentials if it has sufficient systems manager permissions and returns ssm provided credentials otherwise. If neither can be retrieved then empty credentials are returned This function is intended for use by agent workers that require credentials

func (*EC2RoleProvider) RetrieveWithContext ¶

func (p *EC2RoleProvider) RetrieveWithContext(ctx context.Context) (credentials.Value, error)

RetrieveWithContext returns shared credentials if specified in runtime config and returns instance profile role credentials otherwise. If neither can be retrieved then empty credentials are returned This function is intended for use by agent workers that require credentials

func (*EC2RoleProvider) ShareFile ¶

func (p *EC2RoleProvider) ShareFile() string

ShareFile is the credentials file where the agent should write shared credentials Only default host management role credentials are shared across workers

func (*EC2RoleProvider) ShareProfile ¶

func (p *EC2RoleProvider) ShareProfile() string

ShareProfile is the profile where the agent should write shared credentials

func (*EC2RoleProvider) SharesCredentials ¶

func (p *EC2RoleProvider) SharesCredentials() bool

SharesCredentials returns true if credentials may be saved to disk

type IEC2RoleProvider ¶

type IEC2RoleProvider interface {
	credentials.Expirer
	credentialproviders.IRemoteProvider
	GetInnerProvider() IInnerProvider
	Retrieve() (credentials.Value, error)
	ShareFile() string
	ShareProfile() string
	SharesCredentials() bool
	RetrieveWithContext(ctx context.Context) (credentials.Value, error)
	RemoteRetrieve(ctx context.Context) (credentials.Value, error)
}

type IInnerProvider ¶

type IInnerProvider interface {
	credentials.Provider
	credentials.Expirer
	Retrieve() (credentials.Value, error)
	RetrieveWithContext(ctx context.Context) (credentials.Value, error)
	SetExpiration(expiration time.Time, window time.Duration)
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mocks
stubs

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL