Documentation ¶
Overview ¶
Package credentials is an alibaba cloud official credentials provider implementation
Index ¶
- Constants
- type BearerTokenCredential
- func (b *BearerTokenCredential) GetAccessKeyId() (*string, error)
- func (b *BearerTokenCredential) GetAccessKeySecret() (*string, error)
- func (b *BearerTokenCredential) GetBearerToken() *string
- func (s *BearerTokenCredential) GetCredential() (*CredentialModel, error)
- func (b *BearerTokenCredential) GetSecurityToken() (*string, error)
- func (b *BearerTokenCredential) GetType() *string
- type Config
- func (s Config) GoString() string
- func (s *Config) SetAccessKeyId(v string) *Config
- func (s *Config) SetAccessKeySecret(v string) *Config
- func (s *Config) SetBearerToken(v string) *Config
- func (s *Config) SetConnectTimeout(v int) *Config
- func (s *Config) SetDisableIMDSv1(v bool) *Config
- func (s *Config) SetEnableIMDSv2(v bool) *Config
- func (s *Config) SetExternalId(v string) *Config
- func (s *Config) SetHost(v string) *Config
- func (s *Config) SetMetadataTokenDuration(v int) *Config
- func (s *Config) SetOIDCProviderArn(v string) *Config
- func (s *Config) SetOIDCTokenFilePath(v string) *Config
- func (s *Config) SetPolicy(v string) *Config
- func (s *Config) SetPrivateKeyFile(v string) *Config
- func (s *Config) SetProxy(v string) *Config
- func (s *Config) SetPublicKeyId(v string) *Config
- func (s *Config) SetRoleArn(v string) *Config
- func (s *Config) SetRoleName(v string) *Config
- func (s *Config) SetRoleSessionExpiration(v int) *Config
- func (s *Config) SetRoleSessionName(v string) *Config
- func (s *Config) SetSTSEndpoint(v string) *Config
- func (s *Config) SetSecurityToken(v string) *Config
- func (s *Config) SetSessionExpiration(v int) *Config
- func (s *Config) SetTimeout(v int) *Config
- func (s *Config) SetType(v string) *Config
- func (s *Config) SetURLCredential(v string) *Config
- func (s Config) String() string
- type Credential
- type CredentialModel
- func (s CredentialModel) GoString() string
- func (s *CredentialModel) SetAccessKeyId(v string) *CredentialModel
- func (s *CredentialModel) SetAccessKeySecret(v string) *CredentialModel
- func (s *CredentialModel) SetBearerToken(v string) *CredentialModel
- func (s *CredentialModel) SetSecurityToken(v string) *CredentialModel
- func (s *CredentialModel) SetType(v string) *CredentialModel
- func (s CredentialModel) String() string
- type ECSRAMRoleCredentialsProvider
- func (e *ECSRAMRoleCredentialsProvider) GetAccessKeyId() (accessKeyId *string, err error)
- func (e *ECSRAMRoleCredentialsProvider) GetAccessKeySecret() (accessKeySecret *string, err error)
- func (e *ECSRAMRoleCredentialsProvider) GetBearerToken() *string
- func (e *ECSRAMRoleCredentialsProvider) GetCredential() (credentials *CredentialModel, err error)
- func (e *ECSRAMRoleCredentialsProvider) GetSecurityToken() (securityToken *string, err error)
- func (e *ECSRAMRoleCredentialsProvider) GetType() *string
- type Provider
- type RAMRoleArnCredentialsProvider
- func (r *RAMRoleArnCredentialsProvider) GetAccessKeyId() (accessKeyId *string, err error)
- func (r *RAMRoleArnCredentialsProvider) GetAccessKeySecret() (accessKeySecret *string, err error)
- func (r *RAMRoleArnCredentialsProvider) GetBearerToken() *string
- func (e *RAMRoleArnCredentialsProvider) GetCredential() (*CredentialModel, error)
- func (r *RAMRoleArnCredentialsProvider) GetSecurityToken() (securityToken *string, err error)
- func (r *RAMRoleArnCredentialsProvider) GetType() *string
- type RsaKeyPairCredentialsProviderdeprecated
- func (r *RsaKeyPairCredentialsProvider) GetAccessKeyId() (accessKeyId *string, err error)
- func (r *RsaKeyPairCredentialsProvider) GetAccessKeySecret() (accessKeySecret *string, err error)
- func (r *RsaKeyPairCredentialsProvider) GetBearerToken() *string
- func (e *RsaKeyPairCredentialsProvider) GetCredential() (*CredentialModel, error)
- func (r *RsaKeyPairCredentialsProvider) GetSecurityToken() (*string, error)
- func (r *RsaKeyPairCredentialsProvider) GetType() *string
- type URLCredentialsProvider
- func (e *URLCredentialsProvider) GetAccessKeyId() (accessKeyId *string, err error)
- func (e *URLCredentialsProvider) GetAccessKeySecret() (accessKeySecret *string, err error)
- func (e *URLCredentialsProvider) GetBearerToken() *string
- func (e *URLCredentialsProvider) GetCredential() (*CredentialModel, error)
- func (e *URLCredentialsProvider) GetSecurityToken() (securityToken *string, err error)
- func (e *URLCredentialsProvider) GetType() *string
- type URLResponse
Constants ¶
const ( // EnvVarAccessKeyId is a name of ALIBABA_CLOUD_ACCESS_KEY_Id EnvVarAccessKeyId = "ALIBABA_CLOUD_ACCESS_KEY_Id" EnvVarAccessKeyIdNew = "ALIBABA_CLOUD_ACCESS_KEY_ID" // EnvVarAccessKeySecret is a name of ALIBABA_CLOUD_ACCESS_KEY_SECRET EnvVarAccessKeySecret = "ALIBABA_CLOUD_ACCESS_KEY_SECRET" )
const ( ENVCredentialFile = "ALIBABA_CLOUD_CREDENTIALS_FILE" ENVEcsMetadata = "ALIBABA_CLOUD_ECS_METADATA" ENVEcsMetadataIMDSv2Enable = "ALIBABA_CLOUD_ECS_IMDSV2_ENABLE" PATHCredentialFile = "~/.alibabacloud/credentials" ENVRoleArn = "ALIBABA_CLOUD_ROLE_ARN" ENVOIDCProviderArn = "ALIBABA_CLOUD_OIDC_PROVIDER_ARN" ENVOIDCTokenFile = "ALIBABA_CLOUD_OIDC_TOKEN_FILE" ENVRoleSessionName = "ALIBABA_CLOUD_ROLE_SESSION_NAME" )
Environmental virables that may be used by the provider
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BearerTokenCredential ¶
type BearerTokenCredential struct {
BearerToken string
}
BearerTokenCredential is a kind of credential
func (*BearerTokenCredential) GetAccessKeyId ¶ added in v0.0.2
func (b *BearerTokenCredential) GetAccessKeyId() (*string, error)
GetAccessKeyId is useless for BearerTokenCredential
func (*BearerTokenCredential) GetAccessKeySecret ¶ added in v0.0.2
func (b *BearerTokenCredential) GetAccessKeySecret() (*string, error)
GetAccessSecret is useless for BearerTokenCredential
func (*BearerTokenCredential) GetBearerToken ¶
func (b *BearerTokenCredential) GetBearerToken() *string
GetBearerToken reutrns BearerTokenCredential's BearerToken
func (*BearerTokenCredential) GetCredential ¶ added in v1.3.1
func (s *BearerTokenCredential) GetCredential() (*CredentialModel, error)
func (*BearerTokenCredential) GetSecurityToken ¶
func (b *BearerTokenCredential) GetSecurityToken() (*string, error)
GetSecurityToken is useless for BearerTokenCredential
func (*BearerTokenCredential) GetType ¶
func (b *BearerTokenCredential) GetType() *string
GetType reutrns BearerTokenCredential's type
type Config ¶ added in v0.0.3
type Config struct { // Credential type, including access_key, sts, bearer, ecs_ram_role, ram_role_arn, rsa_key_pair, oidc_role_arn, credentials_uri Type *string `json:"type"` AccessKeyId *string `json:"access_key_id"` AccessKeySecret *string `json:"access_key_secret"` SecurityToken *string `json:"security_token"` BearerToken *string `json:"bearer_token"` // Used when the type is ram_role_arn or oidc_role_arn OIDCProviderArn *string `json:"oidc_provider_arn"` OIDCTokenFilePath *string `json:"oidc_token"` RoleArn *string `json:"role_arn"` RoleSessionName *string `json:"role_session_name"` RoleSessionExpiration *int `json:"role_session_expiration"` Policy *string `json:"policy"` ExternalId *string `json:"external_id"` STSEndpoint *string `json:"sts_endpoint"` // Used when the type is ecs_ram_role RoleName *string `json:"role_name"` // Deprecated EnableIMDSv2 *bool `json:"enable_imds_v2"` DisableIMDSv1 *bool `json:"disable_imds_v1"` // Deprecated MetadataTokenDuration *int `json:"metadata_token_duration"` // Used when the type is credentials_uri Url *string `json:"url"` // Deprecated // Used when the type is rsa_key_pair SessionExpiration *int `json:"session_expiration"` PublicKeyId *string `json:"public_key_id"` PrivateKeyFile *string `json:"private_key_file"` Host *string `json:"host"` // Read timeout, in milliseconds. // The default value for ecs_ram_role is 1000ms, the default value for ram_role_arn is 5000ms, and the default value for oidc_role_arn is 5000ms. Timeout *int `json:"timeout"` // Connection timeout, in milliseconds. // The default value for ecs_ram_role is 1000ms, the default value for ram_role_arn is 10000ms, and the default value for oidc_role_arn is 10000ms. ConnectTimeout *int `json:"connect_timeout"` Proxy *string `json:"proxy"` InAdvanceScale *float64 `json:"inAdvanceScale"` }
Config is important when call NewCredential
func (*Config) SetAccessKeyId ¶ added in v1.1.2
func (*Config) SetAccessKeySecret ¶ added in v1.1.2
func (*Config) SetBearerToken ¶ added in v1.1.2
func (*Config) SetConnectTimeout ¶ added in v1.1.2
func (*Config) SetDisableIMDSv1 ¶ added in v1.3.10
func (*Config) SetEnableIMDSv2 ¶ added in v1.3.4
func (*Config) SetExternalId ¶ added in v1.3.11
func (*Config) SetMetadataTokenDuration ¶ added in v1.3.4
func (*Config) SetOIDCProviderArn ¶ added in v1.2.0
func (*Config) SetOIDCTokenFilePath ¶ added in v1.2.0
func (*Config) SetPrivateKeyFile ¶ added in v1.1.2
func (*Config) SetPublicKeyId ¶ added in v1.1.2
func (*Config) SetRoleArn ¶ added in v1.1.2
func (*Config) SetRoleName ¶ added in v1.1.2
func (*Config) SetRoleSessionExpiration ¶ added in v1.1.2
func (*Config) SetRoleSessionName ¶ added in v1.1.2
func (*Config) SetSTSEndpoint ¶ added in v1.2.7
func (*Config) SetSecurityToken ¶ added in v1.1.2
func (*Config) SetSessionExpiration ¶ added in v1.1.2
func (*Config) SetTimeout ¶ added in v1.1.2
func (*Config) SetURLCredential ¶ added in v1.2.0
type Credential ¶
type Credential interface { // Deprecated: GetAccessKeyId is deprecated, use GetCredential instead of. GetAccessKeyId() (*string, error) // Deprecated: GetAccessKeySecret is deprecated, use GetCredential instead of. GetAccessKeySecret() (*string, error) // Deprecated: GetSecurityToken is deprecated, use GetCredential instead of. GetSecurityToken() (*string, error) GetBearerToken() *string GetType() *string GetCredential() (*CredentialModel, error) }
Credential is an interface for getting actual credential
func FromCredentialsProvider ¶ added in v1.4.0
func FromCredentialsProvider(typeName string, cp providers.CredentialsProvider) Credential
func NewCredential ¶
func NewCredential(config *Config) (credential Credential, err error)
NewCredential return a credential according to the type in config. if config is nil, the function will use default provider chain to get credentials. please see README.md for detail.
type CredentialModel ¶ added in v1.3.1
type CredentialModel struct { // accesskey id AccessKeyId *string `json:"accessKeyId,omitempty" xml:"accessKeyId,omitempty"` // accesskey secret AccessKeySecret *string `json:"accessKeySecret,omitempty" xml:"accessKeySecret,omitempty"` // security token SecurityToken *string `json:"securityToken,omitempty" xml:"securityToken,omitempty"` // bearer token BearerToken *string `json:"bearerToken,omitempty" xml:"bearerToken,omitempty"` // type Type *string `json:"type,omitempty" xml:"type,omitempty"` }
CredentialModel is a model
func (CredentialModel) GoString ¶ added in v1.3.1
func (s CredentialModel) GoString() string
func (*CredentialModel) SetAccessKeyId ¶ added in v1.3.1
func (s *CredentialModel) SetAccessKeyId(v string) *CredentialModel
func (*CredentialModel) SetAccessKeySecret ¶ added in v1.3.1
func (s *CredentialModel) SetAccessKeySecret(v string) *CredentialModel
func (*CredentialModel) SetBearerToken ¶ added in v1.3.1
func (s *CredentialModel) SetBearerToken(v string) *CredentialModel
func (*CredentialModel) SetSecurityToken ¶ added in v1.3.1
func (s *CredentialModel) SetSecurityToken(v string) *CredentialModel
func (*CredentialModel) SetType ¶ added in v1.3.1
func (s *CredentialModel) SetType(v string) *CredentialModel
func (CredentialModel) String ¶ added in v1.3.1
func (s CredentialModel) String() string
type ECSRAMRoleCredentialsProvider ¶ added in v1.3.7
type ECSRAMRoleCredentialsProvider struct { RoleName string EnableIMDSv2 bool MetadataTokenDuration int // contains filtered or unexported fields }
ECSRAMRoleCredentialsProvider is a kind of credentials provider
func (*ECSRAMRoleCredentialsProvider) GetAccessKeyId ¶ added in v1.3.7
func (e *ECSRAMRoleCredentialsProvider) GetAccessKeyId() (accessKeyId *string, err error)
GetAccessKeyId reutrns EcsRAMRoleCredential's AccessKeyId if AccessKeyId is not exist or out of date, the function will update it.
func (*ECSRAMRoleCredentialsProvider) GetAccessKeySecret ¶ added in v1.3.7
func (e *ECSRAMRoleCredentialsProvider) GetAccessKeySecret() (accessKeySecret *string, err error)
GetAccessSecret reutrns EcsRAMRoleCredential's AccessKeySecret if AccessKeySecret is not exist or out of date, the function will update it.
func (*ECSRAMRoleCredentialsProvider) GetBearerToken ¶ added in v1.3.7
func (e *ECSRAMRoleCredentialsProvider) GetBearerToken() *string
GetBearerToken is useless for EcsRAMRoleCredential
func (*ECSRAMRoleCredentialsProvider) GetCredential ¶ added in v1.3.7
func (e *ECSRAMRoleCredentialsProvider) GetCredential() (credentials *CredentialModel, err error)
func (*ECSRAMRoleCredentialsProvider) GetSecurityToken ¶ added in v1.3.7
func (e *ECSRAMRoleCredentialsProvider) GetSecurityToken() (securityToken *string, err error)
GetSecurityToken reutrns EcsRAMRoleCredential's SecurityToken if SecurityToken is not exist or out of date, the function will update it.
func (*ECSRAMRoleCredentialsProvider) GetType ¶ added in v1.3.7
func (e *ECSRAMRoleCredentialsProvider) GetType() *string
GetType reutrns EcsRAMRoleCredential's type
type Provider ¶
type Provider interface {
// contains filtered or unexported methods
}
Provider will be implemented When you want to customize the provider.
type RAMRoleArnCredentialsProvider ¶ added in v1.3.7
type RAMRoleArnCredentialsProvider struct { AccessKeyId string AccessKeySecret string SecurityToken string RoleArn string RoleSessionName string RoleSessionExpiration int Policy string ExternalId string // contains filtered or unexported fields }
RAMRoleArnCredentialsProvider is a kind of credentials
func (*RAMRoleArnCredentialsProvider) GetAccessKeyId ¶ added in v1.3.7
func (r *RAMRoleArnCredentialsProvider) GetAccessKeyId() (accessKeyId *string, err error)
GetAccessKeyId reutrns RAMRoleArnCredentialsProvider's AccessKeyId if AccessKeyId is not exist or out of date, the function will update it.
func (*RAMRoleArnCredentialsProvider) GetAccessKeySecret ¶ added in v1.3.7
func (r *RAMRoleArnCredentialsProvider) GetAccessKeySecret() (accessKeySecret *string, err error)
GetAccessSecret reutrns RAMRoleArnCredentialsProvider's AccessKeySecret if AccessKeySecret is not exist or out of date, the function will update it.
func (*RAMRoleArnCredentialsProvider) GetBearerToken ¶ added in v1.3.7
func (r *RAMRoleArnCredentialsProvider) GetBearerToken() *string
GetBearerToken is useless RAMRoleArnCredentialsProvider
func (*RAMRoleArnCredentialsProvider) GetCredential ¶ added in v1.3.7
func (e *RAMRoleArnCredentialsProvider) GetCredential() (*CredentialModel, error)
func (*RAMRoleArnCredentialsProvider) GetSecurityToken ¶ added in v1.3.7
func (r *RAMRoleArnCredentialsProvider) GetSecurityToken() (securityToken *string, err error)
GetSecurityToken reutrns RAMRoleArnCredentialsProvider's SecurityToken if SecurityToken is not exist or out of date, the function will update it.
func (*RAMRoleArnCredentialsProvider) GetType ¶ added in v1.3.7
func (r *RAMRoleArnCredentialsProvider) GetType() *string
GetType reutrns RAMRoleArnCredentialsProvider's type
type RsaKeyPairCredentialsProvider
deprecated
added in
v1.3.7
type RsaKeyPairCredentialsProvider struct { PrivateKey string PublicKeyId string SessionExpiration int // contains filtered or unexported fields }
Deprecated: no more recommend to use it RsaKeyPairCredentialsProvider is a kind of credentials provider
func (*RsaKeyPairCredentialsProvider) GetAccessKeyId ¶ added in v1.3.7
func (r *RsaKeyPairCredentialsProvider) GetAccessKeyId() (accessKeyId *string, err error)
GetAccessKeyId reutrns RsaKeyPairCredential's AccessKeyId if AccessKeyId is not exist or out of date, the function will update it.
func (*RsaKeyPairCredentialsProvider) GetAccessKeySecret ¶ added in v1.3.7
func (r *RsaKeyPairCredentialsProvider) GetAccessKeySecret() (accessKeySecret *string, err error)
GetAccessSecret reutrns RsaKeyPairCredential's AccessKeySecret if AccessKeySecret is not exist or out of date, the function will update it.
func (*RsaKeyPairCredentialsProvider) GetBearerToken ¶ added in v1.3.7
func (r *RsaKeyPairCredentialsProvider) GetBearerToken() *string
GetBearerToken is useless for RsaKeyPairCredential
func (*RsaKeyPairCredentialsProvider) GetCredential ¶ added in v1.3.7
func (e *RsaKeyPairCredentialsProvider) GetCredential() (*CredentialModel, error)
func (*RsaKeyPairCredentialsProvider) GetSecurityToken ¶ added in v1.3.7
func (r *RsaKeyPairCredentialsProvider) GetSecurityToken() (*string, error)
GetSecurityToken is useless RsaKeyPairCredential
func (*RsaKeyPairCredentialsProvider) GetType ¶ added in v1.3.7
func (r *RsaKeyPairCredentialsProvider) GetType() *string
GetType reutrns RsaKeyPairCredential's type
type URLCredentialsProvider ¶ added in v1.3.7
type URLCredentialsProvider struct { URL string // contains filtered or unexported fields }
URLCredential is a kind of credential
func (*URLCredentialsProvider) GetAccessKeyId ¶ added in v1.3.7
func (e *URLCredentialsProvider) GetAccessKeyId() (accessKeyId *string, err error)
GetAccessKeyId reutrns URLCredential's AccessKeyId if AccessKeyId is not exist or out of date, the function will update it.
func (*URLCredentialsProvider) GetAccessKeySecret ¶ added in v1.3.7
func (e *URLCredentialsProvider) GetAccessKeySecret() (accessKeySecret *string, err error)
GetAccessSecret reutrns URLCredential's AccessKeySecret if AccessKeySecret is not exist or out of date, the function will update it.
func (*URLCredentialsProvider) GetBearerToken ¶ added in v1.3.7
func (e *URLCredentialsProvider) GetBearerToken() *string
GetBearerToken is useless for URLCredential
func (*URLCredentialsProvider) GetCredential ¶ added in v1.3.7
func (e *URLCredentialsProvider) GetCredential() (*CredentialModel, error)
func (*URLCredentialsProvider) GetSecurityToken ¶ added in v1.3.7
func (e *URLCredentialsProvider) GetSecurityToken() (securityToken *string, err error)
GetSecurityToken reutrns URLCredential's SecurityToken if SecurityToken is not exist or out of date, the function will update it.
func (*URLCredentialsProvider) GetType ¶ added in v1.3.7
func (e *URLCredentialsProvider) GetType() *string
GetType reutrns URLCredential's type
type URLResponse ¶ added in v1.2.0
Source Files ¶
- bearer_token_credential.go
- credential.go
- credential_model.go
- credential_updater.go
- doc.go
- ecs_ram_role_credentials_provider.go
- env_provider.go
- instance_provider.go
- oidc_credential_provider.go
- profile_provider.go
- provider.go
- provider_chain.go
- ram_role_arn_credentials_provider.go
- rsa_key_pair_credentials_provider.go
- session_credential.go
- uri_credential.go
Directories ¶
Path | Synopsis |
---|---|
internal
|
|
Package request is used for internal.
|
Package request is used for internal. |
Package request is used for internal.
|
Package request is used for internal. |
Package request is used for internal.
|
Package request is used for internal. |