Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewCredentials
func NewCredentials(client *ec2metadata.Client, window time.Duration) *credentials.Credentials
NewCredentials returns a pointer to a new Credentials object wrapping the EC2RoleProvider.
It takes a custom http.Client, which can be configured for custom handling of things such as timeouts.
Endpoint is the URL that the EC2RoleProvider will connect to when retrieving role and credentials.
Window is the expiry window that will be subtracted from the expiry returned by the role credential request. This is done so that the credentials will expire sooner than their actual lifespan.
Types
type EC2RoleProvider
type EC2RoleProvider struct {
    credentials.Expiry

    // EC2Metadata client to use when connecting to EC2 metadata service
    Client *ec2metadata.Client

    // ExpiryWindow will allow the credentials to trigger refreshing prior to
    // the credentials actually expiring. This is beneficial so race conditions
    // with expiring credentials do not cause requests to fail unexpectedly
    // due to ExpiredTokenException exceptions.
    //
    // So an ExpiryWindow of 10s would cause calls to IsExpired() to return true
    // 10 seconds before the credentials are actually expired.
    //
    // If ExpiryWindow is 0 or less it will be ignored.
    ExpiryWindow time.Duration
}
An EC2RoleProvider retrieves credentials from the EC2 service and keeps track of whether those credentials are expired.
Example of how to configure the EC2RoleProvider with a custom HTTP client, Endpoint or ExpiryWindow:
    p := &ec2rolecreds.EC2RoleProvider{
        // Pass in a custom timeout to be used when requesting
        // IAM EC2 Role credentials.
        Client: &http.Client{
            Timeout: 10 * time.Second,
        },
        // Use the default EC2 Role metadata endpoint. Alternate endpoints can
        // be specified by setting Endpoint to something else.
        Endpoint: "",
        // Do not use early expiry of credentials. If a non-zero value is
        // specified the credentials will be expired early.
        ExpiryWindow: 0,
    }
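The early-refresh behaviour that ExpiryWindow describes, as a stand-alone added example. It is a simplified model and not the SDK's own code: the `expiry` type, its injectable clock and `expiredAt` are hypothetical names, and the timestamps are constructed.

```go
package main

import (
	"fmt"
	"time"
)

// expiry is a simplified model of the expiry tracking described above
// (hypothetical type, not the SDK's credentials.Expiry).
type expiry struct {
	expiration time.Time
	now        func() time.Time // injectable clock so the behaviour is testable
}

// setExpiration records the expiry reported by the credential source,
// moved earlier by window. A window of 0 or less is ignored.
func (e *expiry) setExpiration(actual time.Time, window time.Duration) {
	e.expiration = actual
	if window > 0 {
		e.expiration = actual.Add(-window)
	}
}

// isExpired reports whether a refresh should be triggered now.
func (e *expiry) isExpired() bool {
	return e.now().After(e.expiration)
}

// expiredAt evaluates isExpired with the clock set to at, for credentials
// that really expire at actual and are tracked with the given window.
func expiredAt(at, actual time.Time, window time.Duration) bool {
	e := &expiry{now: func() time.Time { return at }}
	e.setExpiration(actual, window)
	return e.isExpired()
}

func main() {
	actual := time.Date(2024, 1, 1, 12, 0, 0, 0, time.UTC) // constructed sample expiry
	for _, before := range []time.Duration{15 * time.Second, 9 * time.Second, 1 * time.Second} {
		at := actual.Add(-before)
		fmt.Printf("%v before real expiry: window=10s -> %v, window=0 -> %v\n",
			before, expiredAt(at, actual, 10*time.Second), expiredAt(at, actual, 0))
	}
}
```

With a 10s window, a caller that checks 9 seconds before the real expiry already sees the credentials as expired and refreshes them, so no request is signed with credentials that lapse in flight.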
func (*EC2RoleProvider) Retrieve
func (m *EC2RoleProvider) Retrieve() (credentials.Value, error)
Retrieve retrieves credentials from the EC2 service. An error is returned if the request fails or the desired credentials cannot be extracted.