Documentation
¶
Index ¶
Constants ¶
View Source
const (
// ProviderName is the role provider name that is returned with credentials
ProviderName = "EC2IdentityRoleProvider"
)
Variables ¶
This section is empty.
Functions ¶
func EmptyCredentials ¶
func EmptyCredentials() credentials.Value
EmptyCredentials returns empty instance identity role credentials
Types ¶
type Ec2RoleCreds ¶
type Ec2RoleCreds struct {
// Success State
Expiration time.Time
AccessKeyID string
SecretAccessKey string
Token string
// Error state
Code string
Message string
}
Ec2RoleCreds defines the structure for EC2 credentials returned from IMDS Copied from github.com/aws/credentials/ec2rolecreds/ec2_role_provider.go A ec2RoleCredRespBody provides the shape for unmarshalling credential request responses.
type IEC2MdsSdkClient ¶
IEC2MdsSdkClient defines the functions that the role provider depends on from the aws sdk
type IIRRoleProvider ¶
type IIRRoleProvider struct {
credentials.Expiry
// ExpiryWindow will allow the credentials to trigger refreshing prior to
// the credentials actually expiring. This is beneficial so race conditions
// with expiring credentials do not cause request to fail unexpectedly
// due to ExpiredTokenException exceptions.
//
// So a ExpiryWindow of 10s would cause calls to IsExpired() to return true
// 10 seconds before the credentials are actually expired.
//
// If ExpiryWindow is 0 or less it will be ignored.
ExpiryWindow time.Duration
Config *appconfig.SsmagentConfig
Log log.T
IMDSClient IEC2MdsSdkClient
}
IIRRoleProvider gets identity role credentials from instance metadata service
func (*IIRRoleProvider) Retrieve ¶
func (p *IIRRoleProvider) Retrieve() (credentials.Value, error)
Retrieve returns nil if it successfully retrieved the instance identity role credentials. Error is returned if the value were not obtainable, or empty.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.