Documentation
¶
Index ¶
- Constants
- Variables
- func DefaultSharedConfigFilename() string
- func DefaultSharedCredentialsFilename() string
- func GetAssumeRoleCredentialProviderOptions(configs Configs) (f func(*stscreds.AssumeRoleProviderOptions), found bool, err error)
- func GetCredentialsProvider(configs Configs) (p aws.CredentialsProvider, found bool, err error)
- func GetCustomCABundle(configs Configs) ([]byte, bool, error)
- func GetDefaultRegion(configs Configs) (value string, found bool, err error)
- func GetEC2RoleCredentialProviderOptions(configs Configs) (f func(*ec2rolecreds.ProviderOptions), found bool, err error)
- func GetEnableEndpointDiscovery(configs Configs) (value, found bool, err error)
- func GetEndpointCredentialProviderOptions(configs Configs) (f func(*endpointcreds.ProviderOptions), found bool, err error)
- func GetMFATokenFunc(configs Configs) (func() (string, error), bool, error)
- func GetProcessCredentialProviderOptions(configs Configs) (f func(*processcreds.ProviderOptions), found bool, err error)
- func GetRegion(configs Configs) (string, bool, error)
- func GetSharedConfigFiles(configs Configs) ([]string, bool, error)
- func GetSharedConfigProfile(configs Configs) (string, bool, error)
- func GetWebIdentityCredentialProviderOptions(configs Configs) (f func(*stscreds.WebIdentityRoleProviderOptions), found bool, err error)
- func LoadDefaultAWSConfig(configs ...Config) (aws.Config, error)
- func ResolveCredentialChain(cfg *aws.Config, configs Configs) (err error)
- func ResolveCredentialProvider(cfg *aws.Config, configs Configs) (bool, error)
- func ResolveCredentials(cfg *aws.Config, configs Configs) error
- func ResolveCustomCABundle(cfg *aws.Config, configs Configs) error
- func ResolveDefaultAWSConfig(cfg *aws.Config, configs Configs) error
- func ResolveDefaultRegion(cfg *aws.Config, configs Configs) error
- func ResolveEC2Region(cfg *aws.Config, _ Configs) error
- func ResolveEnableEndpointDiscovery(cfg *aws.Config, configs Configs) error
- func ResolveEndpointResolverFunc(cfg *aws.Config, configs Configs) error
- func ResolveHandlersFunc(cfg *aws.Config, configs Configs) error
- func ResolveRegion(cfg *aws.Config, configs Configs) error
- type AWSConfigResolver
- type AssumeRoleConfig
- type AssumeRoleCredentialProviderOptions
- type AssumeRoleTokenProviderNotSetError
- type Config
- type ConfigLoader
- type Configs
- type CredentialRequiresARNError
- type CredentialsProviderProvider
- type CustomCABundleProvider
- type DefaultRegionProvider
- type EC2RoleCredentialProviderOptions
- type EnableEndpointDiscoveryProvider
- type EndpointCredentialProviderOptions
- type EndpointResolverFunc
- type EndpointResolverFuncProvider
- type EnvConfig
- func (c EnvConfig) GetCustomCABundle() ([]byte, error)
- func (c EnvConfig) GetEnableEndpointDiscovery() (value, ok bool, err error)
- func (c EnvConfig) GetRegion() (string, error)
- func (c EnvConfig) GetS3UseARNRegion() (value, ok bool, err error)
- func (c EnvConfig) GetSharedConfigFiles() ([]string, error)
- func (c EnvConfig) GetSharedConfigProfile() (string, error)
- type HandlersFunc
- type HandlersFuncProvider
- type MFATokenFuncProvider
- type ProcessCredentialProviderOptions
- type RegionProvider
- type SharedConfig
- type SharedConfigAssumeRoleError
- type SharedConfigFileNotExistError
- type SharedConfigFilesProvider
- type SharedConfigLoadError
- type SharedConfigNotExistErrors
- type SharedConfigProfileNotExistError
- type SharedConfigProfileProvider
- type WebIdentityCredentialProviderOptions
- type WithAssumeRoleCredentialProviderOptions
- type WithAssumeRoleDuration
- type WithCredentialsProvider
- type WithCustomCABundle
- type WithDefaultRegion
- type WithEC2MetadataRegion
- type WithEC2RoleCredentialProviderOptions
- type WithEnableEndpointDiscovery
- type WithEndpointCredentialProviderOptions
- type WithEndpointResolverFunc
- type WithHandlersFunc
- type WithMFATokenFunc
- type WithProcessCredentialProviderOptions
- type WithRegion
- type WithSharedConfigFiles
- type WithSharedConfigProfile
- type WithWebIdentityCredentialProviderOptions
Examples ¶
Constants ¶
const ( ErrCodeSharedConfig = "SharedConfigErr" // loading configuration from the config files if another profile name // is not provided. DefaultSharedConfigProfile = `default` )
const CredentialsSourceName = "EnvConfigCredentials"
CredentialsSourceName provides a name of the provider when config is loaded from environment.
Variables ¶
var DefaultAWSConfigResolvers = []AWSConfigResolver{ ResolveDefaultAWSConfig, ResolveHandlersFunc, ResolveEndpointResolverFunc, ResolveCustomCABundle, ResolveEnableEndpointDiscovery, ResolveRegion, ResolveEC2Region, ResolveDefaultRegion, ResolveCredentials, }
DefaultAWSConfigResolvers are a slice of functions that will resolve external configuration values into AWS configuration values.
This will setup the AWS configuration's Region,
var DefaultConfigLoaders = []ConfigLoader{ LoadEnvConfig, LoadSharedConfigIgnoreNotExist, }
DefaultConfigLoaders are a slice of functions that will read external configuration sources for configuration values. These values are read by the AWSConfigResolvers using interfaces to extract specific information from the external configuration.
DefaultSharedConfigFiles is a slice of the default shared config files that the will be used in order to load the SharedConfig.
Functions ¶
func DefaultSharedConfigFilename ¶
func DefaultSharedConfigFilename() string
DefaultSharedConfigFilename returns the SDK's default file path for the shared config file.
Builds the shared config file path based on the OS's platform.
- Linux/Unix: $HOME/.aws/config
- Windows: %USERPROFILE%\.aws\config
func DefaultSharedCredentialsFilename ¶
func DefaultSharedCredentialsFilename() string
DefaultSharedCredentialsFilename returns the SDK's default file path for the shared credentials file.
Builds the shared config file path based on the OS's platform.
- Linux/Unix: $HOME/.aws/credentials
- Windows: %USERPROFILE%\.aws\credentials
func GetAssumeRoleCredentialProviderOptions ¶ added in v0.20.0
func GetAssumeRoleCredentialProviderOptions(configs Configs) (f func(*stscreds.AssumeRoleProviderOptions), found bool, err error)
GetAssumeRoleCredentialProviderOptions searches the slice of configs and returns the first function found
func GetCredentialsProvider ¶ added in v0.20.0
func GetCredentialsProvider(configs Configs) (p aws.CredentialsProvider, found bool, err error)
GetCredentialsProvider searches the Configs for a CredentialsProviderProvider and returns the value if found. Returns an error if a provider fails before a value is found.
func GetCustomCABundle ¶
GetCustomCABundle searchds the Configs for a CustomCABundleProvider and returns the value if found. Returns an error if a provider fails before a value is found.
func GetDefaultRegion ¶ added in v0.21.0
GetDefaultRegion searches the slice of configs and returns the first fallback region found
func GetEC2RoleCredentialProviderOptions ¶ added in v0.20.0
func GetEC2RoleCredentialProviderOptions(configs Configs) (f func(*ec2rolecreds.ProviderOptions), found bool, err error)
GetEC2RoleCredentialProviderOptions searches the slice of configs and returns the first function found
func GetEnableEndpointDiscovery ¶ added in v0.20.0
GetEnableEndpointDiscovery searches the provided configs and returns the value for EndpointDiscoveryEnabled.
func GetEndpointCredentialProviderOptions ¶ added in v0.20.0
func GetEndpointCredentialProviderOptions(configs Configs) (f func(*endpointcreds.ProviderOptions), found bool, err error)
GetEndpointCredentialProviderOptions searches the slice of configs and returns the first function found
func GetMFATokenFunc ¶
GetMFATokenFunc searches the Configs for a MFATokenFuncProvider and returns the value if found. Returns an error if a provider fails before a value is found.
func GetProcessCredentialProviderOptions ¶ added in v0.20.0
func GetProcessCredentialProviderOptions(configs Configs) (f func(*processcreds.ProviderOptions), found bool, err error)
GetProcessCredentialProviderOptions searches the slice of configs and returns the first function found
func GetRegion ¶
GetRegion searchds the Configs for a RegionProvider and returns the value if found. Returns an error if a provider fails before a value is found.
func GetSharedConfigFiles ¶
GetSharedConfigFiles searchds the Configs for a SharedConfigFilesProvider and returns the value if found. Returns an error if a provider fails before a value is found.
func GetSharedConfigProfile ¶
GetSharedConfigProfile searches the Configs for a SharedConfigProfileProvider and returns the value if found. Returns an error if a provider fails before a value is found.
func GetWebIdentityCredentialProviderOptions ¶ added in v0.20.0
func GetWebIdentityCredentialProviderOptions(configs Configs) (f func(*stscreds.WebIdentityRoleProviderOptions), found bool, err error)
GetWebIdentityCredentialProviderOptions searches the slice of configs and returns the first function found
func LoadDefaultAWSConfig ¶
LoadDefaultAWSConfig reads the SDK's default external configurations, and populates an AWS Config with the values from the external configurations.
An optional variadic set of additional Config values can be provided as input that will be prepended to the Configs slice. Use this to add custom configuration. The custom configurations must satisfy the respective providers for their data or the custom data will be ignored by the resolvers and config loaders.
cfg, err := external.LoadDefaultAWSConfig(
WithSharedConfigProfile("test-profile"),
)
if err != nil {
panic(fmt.Sprintf("failed loading config, %v", err))
}
The default configuration sources are: * Environment Variables * Shared Configuration and Shared Credentials files.
func ResolveCredentialChain ¶ added in v0.20.0
ResolveCredentialChain resolves a credential provider chain using EnvConfig and SharedConfig if present in the slice cof provided configs.
func ResolveCredentialProvider ¶ added in v0.20.0
ResolveCredentialProvider extracts the first instance of Credentials from the config slices.
Config providers used: * CredentialsProviderProvider
func ResolveCredentials ¶ added in v0.20.0
ResolveCredentials extracts a credential provider from slice of config sources.
If an explict credential provider is not found the resolver will fallback to resolving credentials by extracting a credential provider from EnvConfig and SharedConfig.
func ResolveCustomCABundle ¶
ResolveCustomCABundle extracts the first instance of a custom CA bundle filename from the external configurations. It will update the HTTP Client's builder to be configured with the custom CA bundle.
Config provider used: * CustomCABundleProvider
func ResolveDefaultAWSConfig ¶
ResolveDefaultAWSConfig will write default configuration values into the cfg value. It will write the default values, overwriting any previous value.
This should be used as the first resolver in the slice of resolvers when resolving external configuration.
func ResolveDefaultRegion ¶ added in v0.21.0
ResolveDefaultRegion extracts the first instance of a default region and sets `aws.Config.Region` to the default region if region had not been resolved from other sources.
func ResolveEC2Region ¶ added in v0.21.0
ResolveEC2Region attempts to resolve the region using the EC2 instance metadata service. If region is already set on the config no lookup occurs. If an error is returned the service is assumed unavailable.
func ResolveEnableEndpointDiscovery ¶ added in v0.20.0
ResolveEnableEndpointDiscovery will configure the AWS config for Endpoint Discovery based on the first value discovered from the provided slice of configs.
func ResolveEndpointResolverFunc ¶ added in v0.20.0
ResolveEndpointResolverFunc extracts the first instance of a EndpointResolverFunc from the config slice and sets the functions result on the aws.Config.EndpointResolver
func ResolveHandlersFunc ¶ added in v0.20.0
ResolveHandlersFunc will configure the AWS config Handler chain using the resolved handlers function if provided.
Types ¶
type AWSConfigResolver ¶
An AWSConfigResolver will extract configuration data from the Configs slice using the provider interfaces to extract specific functionality. The extracted configuration values will be written to the AWS Config value.
The resolver should return an error if it it fails to extract the data, the data is malformed, or incomplete.
type AssumeRoleConfig ¶
type AssumeRoleConfig struct{}
AssumeRoleConfig provides the values defining the configuration for an IAM assume role.
type AssumeRoleCredentialProviderOptions ¶ added in v0.20.0
type AssumeRoleCredentialProviderOptions interface {
GetAssumeRoleCredentialProviderOptions() (func(*stscreds.AssumeRoleProviderOptions), bool, error)
}
AssumeRoleCredentialProviderOptions is an interface for retrieving a function for setting the stscreds.AssumeRoleProviderOptions.
type AssumeRoleTokenProviderNotSetError ¶ added in v0.20.0
type AssumeRoleTokenProviderNotSetError struct{}
AssumeRoleTokenProviderNotSetError is an error returned when creating a session when the MFAToken option is not set when shared config is configured load assume a role with an MFA token.
func (AssumeRoleTokenProviderNotSetError) Code ¶ added in v0.20.0
func (e AssumeRoleTokenProviderNotSetError) Code() string
Code is the short id of the error.
func (AssumeRoleTokenProviderNotSetError) Error ¶ added in v0.20.0
func (e AssumeRoleTokenProviderNotSetError) Error() string
Error satisfies the error interface.
func (AssumeRoleTokenProviderNotSetError) Message ¶ added in v0.20.0
func (e AssumeRoleTokenProviderNotSetError) Message() string
Message is the description of the error
func (AssumeRoleTokenProviderNotSetError) OrigErr ¶ added in v0.20.0
func (e AssumeRoleTokenProviderNotSetError) OrigErr() error
OrigErr is the underlying error that caused the failure.
type Config ¶
type Config interface{}
A Config represents a generic configuration value or set of values. This type will be used by the AWSConfigResolvers to extract
General the Config type will use type assertion against the Provider interfaces to extract specific data from the Config.
func LoadEnvConfig ¶
LoadEnvConfig reads configuration values from the OS's environment variables. Returning the a Config typed EnvConfig to satisfy the ConfigLoader func type.
func LoadSharedConfig ¶
LoadSharedConfig uses the Configs passed in to load the SharedConfig from file The file names and profile name are sourced from the Configs.
If profile name is not provided DefaultSharedConfigProfile (default) will be used.
If shared config filenames are not provided DefaultSharedConfigFiles will be used.
Config providers used: * SharedConfigProfileProvider * SharedConfigFilesProvider
func LoadSharedConfigIgnoreNotExist ¶
LoadSharedConfigIgnoreNotExist is an alias for LoadSharedConfig with the addition of ignoring when none of the files exist or when the profile is not found in any of the files.
type ConfigLoader ¶
A ConfigLoader is used to load external configuration data and returns it as a generic Config type.
The loader should return an error if it fails to load the external configuration or the configuration data is malformed, or required components missing.
type Configs ¶
type Configs []Config
Configs is a slice of Config values. These values will be used by the AWSConfigResolvers to extract external configuration values to populate the AWS Config type.
Use AppendFromLoaders to add additional external Config values that are loaded from external sources.
Use ResolveAWSConfig after external Config values have been added or loaded to extract the loaded configuration values into the AWS Config.
func (Configs) AppendFromLoaders ¶
func (cs Configs) AppendFromLoaders(loaders []ConfigLoader) (Configs, error)
AppendFromLoaders iterates over the slice of loaders passed in calling each loader function in order. The external config value returned by the loader will be added to the returned Configs slice.
If a loader returns an error this method will stop iterating and return that error.
func (Configs) ResolveAWSConfig ¶
func (cs Configs) ResolveAWSConfig(resolvers []AWSConfigResolver) (aws.Config, error)
ResolveAWSConfig returns a AWS configuration populated with values by calling the resolvers slice passed in. Each resolver is called in order. Any resolver may overwrite the AWs Configuration value of a previous resolver.
If an resolver returns an error this method will return that error, and stop iterating over the resolvers.
func (Configs) ResolveConfig ¶ added in v0.19.0
ResolveConfig calls the provide function passing slice of configuration sources. This implements the aws.ConfigResolver interface.
type CredentialRequiresARNError ¶ added in v0.20.0
type CredentialRequiresARNError struct {
// type of credentials that were configured.
Type string
// Profile name the credentials were in.
Profile string
}
CredentialRequiresARNError provides the error for shared config credentials that are incorrectly configured in the shared config or credentials file.
func (CredentialRequiresARNError) Code ¶ added in v0.20.0
func (e CredentialRequiresARNError) Code() string
Code is the short id of the error.
func (CredentialRequiresARNError) Error ¶ added in v0.20.0
func (e CredentialRequiresARNError) Error() string
Error satisfies the error interface.
func (CredentialRequiresARNError) Message ¶ added in v0.20.0
func (e CredentialRequiresARNError) Message() string
Message is the description of the error
func (CredentialRequiresARNError) OrigErr ¶ added in v0.20.0
func (e CredentialRequiresARNError) OrigErr() error
OrigErr is the underlying error that caused the failure.
type CredentialsProviderProvider ¶ added in v0.20.0
type CredentialsProviderProvider interface {
GetCredentialsProvider() (aws.CredentialsProvider, bool, error)
}
CredentialsProviderProvider provides access to the credentials external configuration value.
type CustomCABundleProvider ¶
CustomCABundleProvider provides access to the custom CA bundle PEM bytes.
type DefaultRegionProvider ¶ added in v0.21.0
DefaultRegionProvider is an interface for retrieving a default region if a region was not resolved from other sources
type EC2RoleCredentialProviderOptions ¶ added in v0.20.0
type EC2RoleCredentialProviderOptions interface {
GetEC2RoleCredentialProviderOptions() (func(*ec2rolecreds.ProviderOptions), bool, error)
}
EC2RoleCredentialProviderOptions is an interface for retrieving a function for setting the ec2rolecreds.Provider options.
type EnableEndpointDiscoveryProvider ¶ added in v0.20.0
type EnableEndpointDiscoveryProvider interface {
GetEnableEndpointDiscovery() (value, found bool, err error)
}
EnableEndpointDiscoveryProvider provides access to the
type EndpointCredentialProviderOptions ¶ added in v0.20.0
type EndpointCredentialProviderOptions interface {
GetEndpointCredentialProviderOptions() (func(*endpointcreds.ProviderOptions), bool, error)
}
EndpointCredentialProviderOptions is an interface for retrieving a function for setting the endpointcreds.ProviderOptions.
type EndpointResolverFunc ¶ added in v0.20.0
type EndpointResolverFunc func(aws.EndpointResolver) aws.EndpointResolver
EndpointResolverFunc is a function that is given the default EndpointResolver and returns an aws.EndpointResolver that will be used
func GetEndpointResolverFunc ¶ added in v0.20.0
func GetEndpointResolverFunc(configs Configs) (f EndpointResolverFunc, found bool, err error)
GetEndpointResolverFunc searches the provided config sources for a EndpointResolverFunc that can be used to configure the aws.Config.EndpointResolver value.
type EndpointResolverFuncProvider ¶ added in v0.20.0
type EndpointResolverFuncProvider interface {
GetEndpointResolverFunc() (EndpointResolverFunc, bool, error)
}
EndpointResolverFuncProvider is an interface for retrieving an aws.EndpointResolver from a configuration source
type EnvConfig ¶
type EnvConfig struct {
// Environment configuration values. If set both Access Key ID and Secret Access
// Key must be provided. Session Token and optionally also be provided, but is
// not required.
//
// # Access Key ID
// AWS_ACCESS_KEY_ID=AKID
// AWS_ACCESS_KEY=AKID # only read if AWS_ACCESS_KEY_ID is not set.
//
// # Secret Access Key
// AWS_SECRET_ACCESS_KEY=SECRET
// AWS_SECRET_KEY=SECRET # only read if AWS_SECRET_ACCESS_KEY is not set.
//
// # Session Token
// AWS_SESSION_TOKEN=TOKEN
Credentials aws.Credentials
// ContainerCredentialsEndpoint value is the HTTP enabled endpoint to retrieve credentials
// using the endpointcreds.Provider
ContainerCredentialsEndpoint string
// ContainerCredentialsRelativePath is the relative URI path that will be used when attempting to retrieve
// credentials from the container endpoint.
ContainerCredentialsRelativePath string
// ContainerAuthorizationToken is the authorization token that will be included in the HTTP Authorization
// header when attempting to retrieve credentials from the container credentials endpoint.
ContainerAuthorizationToken string
// Region value will instruct the SDK where to make service API requests to. If is
// not provided in the environment the region must be provided before a service
// client request is made.
//
// AWS_REGION=us-west-2
// AWS_DEFAULT_REGION=us-west-2
Region string
// shared configuration files. If not provided "default" will be used as the
// profile name.
//
// AWS_PROFILE=my_profile
// AWS_DEFAULT_PROFILE=my_profile
SharedConfigProfile string
// file for the shared credentials. If not set the file will be loaded from
// $HOME/.aws/credentials on Linux/Unix based systems, and
// %USERPROFILE%\.aws\credentials on Windows.
//
// AWS_SHARED_CREDENTIALS_FILE=$HOME/my_shared_credentials
SharedCredentialsFile string
// file for the shared config. If not set the file will be loaded from
// $HOME/.aws/config on Linux/Unix based systems, and
// %USERPROFILE%\.aws\config on Windows.
//
// AWS_CONFIG_FILE=$HOME/my_shared_config
SharedConfigFile string
// Sets the path to a custom Credentials Authroity (CA) Bundle PEM file
// that the SDK will use instead of the system's root CA bundle.
// Only use this if you want to configure the SDK to use a custom set
// of CAs.
//
// Enabling this option will attempt to merge the Transport
// into the SDK's HTTP client. If the client's Transport is
// not a http.Transport an error will be returned. If the
// Transport's TLS config is set this option will cause the
// SDK to overwrite the Transport's TLS config's RootCAs value.
//
// Setting a custom HTTPClient in the aws.Config options will override this setting.
// To use this option and custom HTTP client, the HTTP client needs to be provided
// when creating the config. Not the service client.
//
// AWS_CA_BUNDLE=$HOME/my_custom_ca_bundle
CustomCABundle string
// Enables endpoint discovery via environment variables.
//
// AWS_ENABLE_ENDPOINT_DISCOVERY=true
EnableEndpointDiscovery *bool
// Specifies the WebIdentity token the SDK should use to assume a role
// with.
//
// AWS_WEB_IDENTITY_TOKEN_FILE=file_path
WebIdentityTokenFilePath string
// Specifies the IAM role arn to use when assuming an role.
//
// AWS_ROLE_ARN=role_arn
RoleARN string
// Specifies the IAM role session name to use when assuming a role.
//
// AWS_ROLE_SESSION_NAME=session_name
RoleSessionName string
// Specifies if the S3 service should allow ARNs to direct the region
// the client's requests are sent to.
//
// AWS_S3_USE_ARN_REGION=true
S3UseARNRegion *bool
}
EnvConfig is a collection of environment values the SDK will read setup config from. All environment values are optional. But some values such as credentials require multiple values to be complete or the values will be ignored.
func NewEnvConfig ¶
NewEnvConfig retrieves the SDK's environment configuration. See `EnvConfig` for the values that will be retrieved.
func (EnvConfig) GetCustomCABundle ¶
GetCustomCABundle returns the custom CA bundle's PEM bytes if the file was
func (EnvConfig) GetEnableEndpointDiscovery ¶ added in v0.20.0
GetEnableEndpointDiscovery returns whether to enable service endpoint discovery
func (EnvConfig) GetRegion ¶
GetRegion returns the AWS Region if set in the environment. Returns an empty string if not set.
func (EnvConfig) GetS3UseARNRegion ¶ added in v0.19.0
GetS3UseARNRegion returns whether to allow ARNs to direct the region the S3 client's requests are sent to.
func (EnvConfig) GetSharedConfigFiles ¶
GetSharedConfigFiles returns a slice of filenames set in the environment.
Will return the filenames in the order of: * Shared Credentials * Shared Config
func (EnvConfig) GetSharedConfigProfile ¶
GetSharedConfigProfile returns the shared config profile if set in the environment. Returns an empty string if not set.
type HandlersFunc ¶ added in v0.20.0
HandlersFunc is a function pointer that takes a list of handlers and returns the modified set of handlers to use
func GetHandlersFunc ¶ added in v0.20.0
func GetHandlersFunc(configs Configs) (f HandlersFunc, found bool, err error)
GetHandlersFunc searches the provided configs and returns the first HandlersFunc returned by a configuration provider.
type HandlersFuncProvider ¶ added in v0.20.0
type HandlersFuncProvider interface {
GetHandlersFunc() (HandlersFunc, bool, error)
}
HandlersFuncProvider provides access to the configuration handlers
type MFATokenFuncProvider ¶
MFATokenFuncProvider provides access to the MFA token function needed for Assume Role with MFA.
type ProcessCredentialProviderOptions ¶ added in v0.20.0
type ProcessCredentialProviderOptions interface {
GetProcessCredentialProviderOptions() (func(*processcreds.ProviderOptions), bool, error)
}
ProcessCredentialProviderOptions is an interface for retrieving a function for setting the processcreds.ProviderOptions.
type RegionProvider ¶
RegionProvider provides access to the region external configuration value.
type SharedConfig ¶
type SharedConfig struct {
// and aws_secret_access_key must be provided together in the same file
// to be considered valid. The values will be ignored if not a complete group.
// aws_session_token is an optional field that can be provided if both of the
// other two fields are also provided.
//
// aws_access_key_id
// aws_secret_access_key
// aws_session_token
Credentials aws.Credentials
// and signing requests.
//
// region
Region string
// endpoint_discovery_enabled to true
//
// endpoint_discovery_enabled = true
EnableEndpointDiscovery *bool
// the client's requests are sent to.
//
// s3_use_arn_region=true
S3UseARNRegion *bool
}
SharedConfig represents the configuration fields of the SDK config files.
func NewSharedConfig ¶
func NewSharedConfig(profile string, filenames []string) (SharedConfig, error)
NewSharedConfig retrieves the configuration from the list of files using the profile provided. The order the files are listed will determine precedence. Values in subsequent files will overwrite values defined in earlier files.
For example, given two files A and B. Both define credentials. If the order of the files are A then B, B's credential values will be used instead of A's.
func (SharedConfig) GetCredentialsProvider ¶ added in v0.20.0
func (c SharedConfig) GetCredentialsProvider() (aws.Credentials, error)
GetCredentialsProvider returns the credentials for a profile if they were set.
func (*SharedConfig) GetEnableEndpointDiscovery ¶ added in v0.20.0
func (c *SharedConfig) GetEnableEndpointDiscovery() (value, ok bool, err error)
GetEnableEndpointDiscovery returns whether to enable service endpoint discovery
func (SharedConfig) GetRegion ¶
func (c SharedConfig) GetRegion() (string, error)
GetRegion returns the region for the profile if a region is set.
func (*SharedConfig) GetS3UseARNRegion ¶ added in v0.19.0
func (c *SharedConfig) GetS3UseARNRegion() (value, ok bool, err error)
GetS3UseARNRegion retions if the S3 service should allow ARNs to direct the region the client's requests are sent to.
type SharedConfigAssumeRoleError ¶
type SharedConfigAssumeRoleError struct {
}
SharedConfigAssumeRoleError is an error for the shared config when the profile contains assume role information, but that information is invalid or not complete.
func (SharedConfigAssumeRoleError) Error ¶
func (e SharedConfigAssumeRoleError) Error() string
type SharedConfigFileNotExistError ¶
type SharedConfigFileNotExistError struct {
}
SharedConfigFileNotExistError is an error for the shared config when the filename does not exist.
func (SharedConfigFileNotExistError) Cause ¶
func (e SharedConfigFileNotExistError) Cause() error
Cause is the underlying error that caused the failure.
func (SharedConfigFileNotExistError) Error ¶
func (e SharedConfigFileNotExistError) Error() string
type SharedConfigFilesProvider ¶
type SharedConfigFilesProvider interface {
}
SharedConfigFilesProvider provides access to the shared config filesnames external configuration value.
type SharedConfigLoadError ¶
type SharedConfigLoadError struct {
}
SharedConfigLoadError is an error for the shared config file failed to load.
func (SharedConfigLoadError) Cause ¶
func (e SharedConfigLoadError) Cause() error
Cause is the underlying error that caused the failure.
func (SharedConfigLoadError) Error ¶
func (e SharedConfigLoadError) Error() string
type SharedConfigNotExistErrors ¶
type SharedConfigNotExistErrors []error
SharedConfigNotExistErrors provides an error type for failure to load shared config because resources do not exist.
func (SharedConfigNotExistErrors) Error ¶
func (es SharedConfigNotExistErrors) Error() string
type SharedConfigProfileNotExistError ¶
type SharedConfigProfileNotExistError struct {
}
SharedConfigProfileNotExistError is an error for the shared config when the profile was not find in the config file.
func (SharedConfigProfileNotExistError) Cause ¶
func (e SharedConfigProfileNotExistError) Cause() error
Cause is the underlying error that caused the failure.
func (SharedConfigProfileNotExistError) Error ¶
func (e SharedConfigProfileNotExistError) Error() string
type SharedConfigProfileProvider ¶
type SharedConfigProfileProvider interface {
}
SharedConfigProfileProvider provides access to the shared config profile name external configuration value.
type WebIdentityCredentialProviderOptions ¶ added in v0.20.0
type WebIdentityCredentialProviderOptions interface {
GetWebIdentityCredentialProviderOptions() (func(*stscreds.WebIdentityRoleProviderOptions), bool, error)
}
WebIdentityCredentialProviderOptions is an interface for retrieving a function for setting the stscreds.WebIdentityCredentialProviderOptions.
type WithAssumeRoleCredentialProviderOptions ¶ added in v0.20.0
type WithAssumeRoleCredentialProviderOptions func(*stscreds.AssumeRoleProviderOptions)
WithAssumeRoleCredentialProviderOptions wraps a function and satisfies the EC2RoleCredentialProviderOptions interface
func (WithAssumeRoleCredentialProviderOptions) GetAssumeRoleCredentialProviderOptions ¶ added in v0.20.0
func (w WithAssumeRoleCredentialProviderOptions) GetAssumeRoleCredentialProviderOptions() (func(*stscreds.AssumeRoleProviderOptions), bool, error)
GetAssumeRoleCredentialProviderOptions returns the wrapped function
type WithAssumeRoleDuration ¶ added in v0.20.0
WithAssumeRoleDuration provides a wrapping type of a time.Duration to satisfy
func (WithAssumeRoleDuration) GetAssumeRoleDuration ¶ added in v0.20.0
func (w WithAssumeRoleDuration) GetAssumeRoleDuration() (time.Duration, bool, error)
GetAssumeRoleDuration returns the wrapped time.Duration value to use when setting the assume role credentials duration.
type WithCredentialsProvider ¶ added in v0.20.0
type WithCredentialsProvider struct {
aws.CredentialsProvider
}
WithCredentialsProvider provides wrapping of a credentials Value to satisfy the CredentialsProviderProvider interface.
Example ¶
package main
import (
"context"
"fmt"
"os"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/aws/external"
)
func main() {
cfg, err := external.LoadDefaultAWSConfig(
// Hard coded credentials.
external.WithCredentialsProvider{
CredentialsProvider: aws.StaticCredentialsProvider{
Value: aws.Credentials{
AccessKeyID: "AKID", SecretAccessKey: "SECRET", SessionToken: "SESSION",
Source: "example hard coded credentials",
},
},
},
)
if err != nil {
fmt.Fprintf(os.Stderr, "failed to load config, %v", err)
os.Exit(1)
}
// Credentials retrieve will be called automatically internally to the SDK
// service clients created with the cfg value.
creds, err := cfg.Credentials.Retrieve(context.Background())
if err != nil {
fmt.Fprintf(os.Stderr, "failed to get credentials, %v", err)
os.Exit(1)
}
fmt.Println("Credentials Source:", creds.Source)
}
Output: Credentials Source: example hard coded credentials
func (WithCredentialsProvider) GetCredentialsProvider ¶ added in v0.20.0
func (v WithCredentialsProvider) GetCredentialsProvider() (aws.CredentialsProvider, bool, error)
GetCredentialsProvider returns the credentials value.
type WithCustomCABundle ¶
type WithCustomCABundle []byte
WithCustomCABundle provides wrapping of a region string to satisfy the CustomCABundleProvider interface.
func (WithCustomCABundle) GetCustomCABundle ¶
func (v WithCustomCABundle) GetCustomCABundle() ([]byte, error)
GetCustomCABundle returns the CA bundle PEM bytes.
type WithDefaultRegion ¶ added in v0.21.0
type WithDefaultRegion string
WithDefaultRegion wraps a string and satisfies the DefaultRegionProvider interface
func (WithDefaultRegion) GetDefaultRegion ¶ added in v0.21.0
func (w WithDefaultRegion) GetDefaultRegion() (string, bool, error)
GetDefaultRegion returns wrapped fallback region
type WithEC2MetadataRegion ¶
type WithEC2MetadataRegion struct {
// contains filtered or unexported fields
}
WithEC2MetadataRegion provides a RegionProvider that retrieves the region from the EC2 Metadata service.
TODO add this provider to the default config loading?
func NewWithEC2MetadataRegion ¶ added in v0.19.0
func NewWithEC2MetadataRegion(ctx context.Context, client *ec2metadata.Client) WithEC2MetadataRegion
NewWithEC2MetadataRegion function takes in a context and an ec2metadataClient, returns a WithEC2MetadataRegion region provider
Usage: ec2metaClient := ec2metadata.New(defaults.Config())
cfg, err := external.LoadDefaultAWSConfig(
external.NewWithEC2MetadataRegion(ctx, ec2metaClient),
)
func (WithEC2MetadataRegion) GetRegion ¶
func (p WithEC2MetadataRegion) GetRegion() (string, error)
GetRegion attempts to retrieve the region from EC2 Metadata service.
type WithEC2RoleCredentialProviderOptions ¶ added in v0.20.0
type WithEC2RoleCredentialProviderOptions func(*ec2rolecreds.ProviderOptions)
WithEC2RoleCredentialProviderOptions wraps a function and satisfies the EC2RoleCredentialProviderOptions interface
func (WithEC2RoleCredentialProviderOptions) GetEC2RoleCredentialProviderOptions ¶ added in v0.20.0
func (w WithEC2RoleCredentialProviderOptions) GetEC2RoleCredentialProviderOptions() (func(*ec2rolecreds.ProviderOptions), bool, error)
GetEC2RoleCredentialProviderOptions returns the wrapped function
type WithEnableEndpointDiscovery ¶ added in v0.20.0
type WithEnableEndpointDiscovery bool
WithEnableEndpointDiscovery provides a wrapping type of a bool to satisfy the EnableEndpointDiscoveryProvider interface.
func (WithEnableEndpointDiscovery) GetEnableEndpointDiscovery ¶ added in v0.20.0
func (w WithEnableEndpointDiscovery) GetEnableEndpointDiscovery() (value, found bool, err error)
GetEnableEndpointDiscovery returns whether to enable service endpoint discovery
type WithEndpointCredentialProviderOptions ¶ added in v0.20.0
type WithEndpointCredentialProviderOptions func(*endpointcreds.ProviderOptions)
WithEndpointCredentialProviderOptions wraps a function and satisfies the EC2RoleCredentialProviderOptions interface
func (WithEndpointCredentialProviderOptions) GetEndpointCredentialProviderOptions ¶ added in v0.20.0
func (w WithEndpointCredentialProviderOptions) GetEndpointCredentialProviderOptions() (func(*endpointcreds.ProviderOptions), bool, error)
GetEndpointCredentialProviderOptions returns the wrapped function
type WithEndpointResolverFunc ¶ added in v0.20.0
type WithEndpointResolverFunc EndpointResolverFunc
WithEndpointResolverFunc wraps a aws.EndpointResolver value to satisfy the EndpointResolverFuncProvider interface
func (WithEndpointResolverFunc) GetEndpointResolverFunc ¶ added in v0.20.0
func (w WithEndpointResolverFunc) GetEndpointResolverFunc() (EndpointResolverFunc, bool, error)
GetEndpointResolverFunc returns the wrapped EndpointResolverFunc
type WithHandlersFunc ¶ added in v0.20.0
type WithHandlersFunc HandlersFunc
WithHandlersFunc implements the HandlersFuncProvider and delegates to the wrapped function
func (WithHandlersFunc) GetHandlersFunc ¶ added in v0.20.0
func (w WithHandlersFunc) GetHandlersFunc() (HandlersFunc, bool, error)
GetHandlersFunc returns the wrapped haundlers function
type WithMFATokenFunc ¶
WithMFATokenFunc provides wrapping of a string to satisfy the MFATokenFuncProvider interface.
Example ¶
package main
import (
"context"
"fmt"
"os"
"github.com/aws/aws-sdk-go-v2/aws/external"
"github.com/aws/aws-sdk-go-v2/aws/stscreds"
)
func main() {
cfg, err := external.LoadDefaultAWSConfig(
// Set the provider function for the MFA token.
external.WithMFATokenFunc(stscreds.StdinTokenProvider),
// Optionally, specify the shared configuration profile to load.
external.WithSharedConfigProfile("exampleProfile"),
)
if err != nil {
fmt.Fprintf(os.Stderr, "failed to load config, %v", err)
os.Exit(1)
}
// If assume role credentials with MFA enabled are specified in the shared
// configuration the MFA token provider function will be called to retrieve
// the MFA token for the assume role API call.
fmt.Println(cfg.Credentials.Retrieve(context.Background()))
}
Output:
func (WithMFATokenFunc) GetMFATokenFunc ¶
func (p WithMFATokenFunc) GetMFATokenFunc() (func() (string, error), error)
GetMFATokenFunc returns the MFA Token function.
type WithProcessCredentialProviderOptions ¶ added in v0.20.0
type WithProcessCredentialProviderOptions func(*processcreds.ProviderOptions)
WithProcessCredentialProviderOptions wraps a function and satisfies the EC2RoleCredentialProviderOptions interface
func (WithProcessCredentialProviderOptions) GetProcessCredentialProviderOptions ¶ added in v0.20.0
func (w WithProcessCredentialProviderOptions) GetProcessCredentialProviderOptions() (func(*processcreds.ProviderOptions), bool, error)
GetProcessCredentialProviderOptions returns the wrapped function
type WithRegion ¶
type WithRegion string
WithRegion provides wrapping of a region string to satisfy the RegionProvider interface.
func (WithRegion) GetRegion ¶
func (v WithRegion) GetRegion() (string, error)
GetRegion returns the region string.
type WithSharedConfigFiles ¶
type WithSharedConfigFiles []string
WithSharedConfigFiles wraps a slice of strings to satisfy the SharedConfigFilesProvider interface so a slice of custom shared config files ared used when loading the SharedConfig.
func (WithSharedConfigFiles) GetSharedConfigFiles ¶
func (c WithSharedConfigFiles) GetSharedConfigFiles() ([]string, error)
GetSharedConfigFiles returns the slice of shared config files.
type WithSharedConfigProfile ¶
type WithSharedConfigProfile string
WithSharedConfigProfile wraps a strings to satisfy the SharedConfigProfileProvider interface so a slice of custom shared config files ared used when loading the SharedConfig.
func (WithSharedConfigProfile) GetSharedConfigProfile ¶
func (c WithSharedConfigProfile) GetSharedConfigProfile() (string, error)
GetSharedConfigProfile returns the shared config profile.
type WithWebIdentityCredentialProviderOptions ¶ added in v0.20.0
type WithWebIdentityCredentialProviderOptions func(*stscreds.WebIdentityRoleProviderOptions)
WithWebIdentityCredentialProviderOptions wraps a function and satisfies the EC2RoleCredentialProviderOptions interface
func (WithWebIdentityCredentialProviderOptions) GetWebIdentityCredentialProviderOptions ¶ added in v0.20.0
func (w WithWebIdentityCredentialProviderOptions) GetWebIdentityCredentialProviderOptions() (func(*stscreds.WebIdentityRoleProviderOptions), bool, error)
GetWebIdentityCredentialProviderOptions returns the wrapped function
Source Files