auth

package
v0.5.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 23, 2022 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Overview

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source 
const (
	SecretsManagerEndpointEnv = "AWS_SECRETSMANAGER_ENDPOINT"
	STSEndpointEnv            = "AWS_STS_ENDPOINT"
	SSMEndpointEnv            = "AWS_SSM_ENDPOINT"
)

Variables

View Source 
var (
	EnableCache bool
)

Functions

func DefaultJWTProvider 

func DefaultJWTProvider(name, namespace, roleArn string, aud []string, region string) (credentials.Provider, error)

DefaultJWTProvider returns a credentials.Provider that calls the AssumeRoleWithWebidentity controller-runtime/client does not support TokenRequest or other subresource APIs so we need to construct our own client and use it to fetch tokens.

func DefaultSTSProvider 

func DefaultSTSProvider(sess *session.Session) stsiface.STSAPI

func New 

func New(ctx context.Context, store esv1beta1.GenericStore, kube client.Client, namespace string, assumeRoler STSProvider, jwtProvider jwtProviderFactory) (*session.Session, error)

New creates a new aws session based on the provided store it uses the following authentication mechanisms in order: * service-account token authentication via AssumeRoleWithWebIdentity * static credentials from a Kind=Secret, optionally with doing a AssumeRole. * sdk default provider chain, see: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default

func ResolveEndpoint 

func ResolveEndpoint() endpoints.ResolverFunc

ResolveEndpoint returns a ResolverFunc with customizable endpoints.

func ResolveEndpointWithServiceMap 

func ResolveEndpointWithServiceMap(customEndpoints map[string]string) endpoints.ResolverFunc

Types

type Config 

type Config struct {
	AssumeRole string
	Region     string
	APIRetries int
}

Config contains configuration to create a new AWS provider.

type STSProvider 

type STSProvider func(*session.Session) stsiface.STSAPI

type SessionCache 

type SessionCache struct {
	Name            string
	Namespace       string
	Kind            string
	ResourceVersion string
}

Source Files

View all Source files

Directories

Path Synopsis
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.