Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Transform ¶
func Transform(credentials *sts.Credentials, transformers []Transformer) (*sts.Credentials, error)
Transform is a reduce-style operation. The given sts.Credentials are passed to the first Transformer, the result of which is passed to the second, and so on.
Types ¶
type AssumeRoleTransform ¶
func (AssumeRoleTransform) Transform ¶
func (s AssumeRoleTransform) Transform(creds *sts.Credentials) (*sts.Credentials, error)
Transform takes the input sts.Credentials and the internal config.Role and performs an AssumeRole. The sts.Credentials for the assumed role are returned.
type FederationTokenTransform ¶
func (FederationTokenTransform) Transform ¶
func (s FederationTokenTransform) Transform(creds *sts.Credentials) (*sts.Credentials, error)
Transform takes the input sts.Credentials and the internal config.Federate and performs a GetFederationToken. The sts.Credentials for the federated session are returned.
type Identity ¶
type Identity struct { ARN string AccessKeyID string AccountID string Expiration time.Time SecretAccessKey string SessionToken string }
type SessionTokenTransform ¶
func (SessionTokenTransform) Transform ¶
func (s SessionTokenTransform) Transform(creds *sts.Credentials) (*sts.Credentials, error)
Transform takes the input sts.Credentials and the internal config.Session and performs a GetSessionToken. The sts.Credentials for the session are returned.
type Transformer ¶
type Transformer interface {
Transform(*sts.Credentials) (*sts.Credentials, error)
}
Transformer represents types that are able to trade a given sts.Credentials value for a new (derived) sts.Credentials value.
func Chain ¶
func Chain(cfg *config.Config, profile string) (*sts.Credentials, []Transformer, error)
Chain finds a sequence of transforms that can be used to obtain credentials for the given profile, starting with some initial AWS credentials.
For example, if the given profile names a section with literal AWS credentials, the chain would look like: credentials → done
A more complicated chain could look like: credentials → assume role → assume role → done