auth

package
v0.0.0-...-7455827 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 27, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

* Package responsible for returning an AWS SDK session with credentials * given an AWS region, K8s namespace, and K8s service account. * * This package requries that the K8s service account be associated with an IAM * role via IAM Roles for Service Accounts (IRSA).

Index

Constants

View Source 
const (
	ProviderName = "secrets-store-csi-driver-provider-aws"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Auth 

type Auth struct {
	// contains filtered or unexported fields
}

Auth is the main entry point to retrive an AWS session. The caller initializes a new Auth object with NewAuth passing the region, namespace, and K8s service account (and request context). The caller can then obtain AWS sessions by calling GetAWSSession.

func NewAuth 

func NewAuth(
	ctx context.Context,
	region, nameSpace, svcAcc string,
	k8sClient k8sv1.CoreV1Interface,
) (auth *Auth, e error)

Factory method to create a new Auth object for an incomming mount request.

func (Auth) GetAWSSession 

func (p Auth) GetAWSSession() (awsSession *session.Session, e error)

Get the AWS session credentials associated with a given pod's service account.

The returned session is capable of automatically refreshing creds as needed by using a private TokenFetcher helper.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.