console

package module

v1.0.0 Latest Latest Go to latest Published: May 18, 2021 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ozaaar/aws-go-console

Links

Open Source Insights

README ¶

aws-go-console

A helper package provides short-lived (scoped based) token/url for AWS console. It is based on the documentation provided by AWS.

Package console have following use cases:

Give federated access to a user via AWS Management Console without an IAM User.
Allow users who sign in to your organization's network securely access the AWS Management Console.

example

In following example we get sign-in url with read-only access to Elastic Container Registry (ECR) via AWS console:

// create AWS session using one of credentials provider e.g env variables
sess, _ := session.NewSession()

// create console and get a token with ECR read-only scope
con := console.New(sess)
token, _ := con.SignInTokenWithArn("example", "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly")

// create a url with ECR as destination which can be opened in browser directly
url, _ := token.SignInURL("https://console.aws.amazon.com/ecr")

with running example as follows:

Documentation ¶

Overview ¶

Package console provides short-lived (scoped based) token/url for AWS console

Index ¶

Variables
type Console
- func New(sess *session.Session) *Console
- func (c *Console) SignInTokenWithArn(name, arn string) (*Token, error)
type HTTPClient
type Token
- func (t *Token) IsValid() bool
- func (t *Token) SignInURL(dst string) (*url.URL, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrInvalidToken = errors.New("invalid token")

ErrInvalidToken indicates the token value is empty or is expired

Functions ¶

This section is empty.

Types ¶

type Console ¶

type Console struct {
	STS    stsiface.STSAPI
	Client HTTPClient
}

Console provides the API operation methods for getting sign-in Token

func New ¶

func New(sess *session.Session) *Console

New creates a new instance of the Console Client with a session.

Example:

mySession := session.Must(session.NewSession())

// Create a Console Client from just a session.
con := console.New(mySession)

func (*Console) SignInTokenWithArn ¶

func (c *Console) SignInTokenWithArn(name, arn string) (*Token, error)

SignInTokenWithArn gets token from AWS API via GetFederationToken name is the name for AWS console user arn is the managed permission ARN for AWS console user

type HTTPClient ¶

type HTTPClient interface {
	Do(req *http.Request) (*http.Response, error)
}

HTTPClient minimal interface for an HTTP client

type Token ¶

type Token struct {
	Value     string    `json:"SigninToken"`
	ExpiresAt time.Time `json:"-"`
}

Token contains the sign-in token for AWS console access

func (*Token) IsValid ¶

func (t *Token) IsValid() bool

IsValid validates a given token

func (*Token) SignInURL ¶

func (t *Token) SignInURL(dst string) (*url.URL, error)

SignInURL returns the URL with a valid token, can be opened directly in the browser dst is the AWS console location to be opened e.g https://console.aws.amazon.com/sns

Source Files ¶

View all Source files

console.go

Directories ¶

Path	Synopsis
example

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL