connectaws

package
v0.47.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 21, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

View Source
const (
	URLConfigTypeStatic  = "Static"
	URLConfigTypeDynamic = "Dynamic"
)

Endpoint URL configuration types.

View Source
const DefaultSection = "DEFAULT"

DefaultSection for INI files.

View Source
const GlobalRegion = "aws-global"

GlobalRegion is the region name used for AWS services that do not have a notion of region.

Variables

This section is empty.

Functions

func CredentialsIDSecret

func CredentialsIDSecret(data []byte, profile string) (aws.Credentials, error)

CredentialsIDSecret retrieves AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from the data which contains aws credentials under given profile Example: [default] aws_access_key_id = <YOUR_ACCESS_KEY_ID> aws_secret_access_key = <YOUR_SECRET_ACCESS_KEY>

func GetAssumeRoleARN

func GetAssumeRoleARN(pcs *v1beta1.ProviderConfigSpec) (*string, error)

GetAssumeRoleARN gets the AssumeRoleArn from a ProviderConfigSpec

func GetAssumeRoleWithWebIdentityARN

func GetAssumeRoleWithWebIdentityARN(pcs *v1beta1.ProviderConfigSpec) (*string, error)

GetAssumeRoleWithWebIdentityARN gets the RoleArn from a ProviderConfigSpec

func GetConfig

func GetConfig(ctx context.Context, c client.Client, mg resource.Managed, region string) (*aws.Config, error)

GetConfig constructs an *aws.Config that can be used to authenticate to AWS API by the AWS clients.

func GetConfigV1

func GetConfigV1(ctx context.Context, c client.Client, mg resource.Managed, region string) (*session.Session, error)

GetConfigV1 constructs an *awsv1.Config that can be used to authenticate to AWS API by the AWSv1 clients.

func GetDefaultConfigV1

func GetDefaultConfigV1() (*awsv1.Config, error)

GetDefaultConfigV1 returns a shallow copy of a default SDK config. We use this to get a shared credentials cache.

func GetDefaultConfigV2

func GetDefaultConfigV2(ctx context.Context) (aws.Config, error)

GetDefaultConfigV2 returns a shallow copy of a default SDK config. We use this to get a shared credentials cache.

func GetSessionV1

func GetSessionV1(cfg *awsv1.Config) (*session.Session, error)

GetSessionV1 constructs an AWS V1 client session, with common configuration like the user agent handler

func SetAssumeRoleOptions

func SetAssumeRoleOptions(pc *v1beta1.ProviderConfig) func(*stscreds.AssumeRoleOptions)

SetAssumeRoleOptions sets options when Assuming an IAM Role

func SetResolver

func SetResolver(pc *v1beta1.ProviderConfig, cfg *aws.Config) *aws.Config

SetResolver parses annotations from the managed resource and returns a configuration accordingly.

func SetResolverV1

func SetResolverV1(pc *v1beta1.ProviderConfig, cfg *awsv1.Config) *awsv1.Config

SetResolverV1 parses annotations from the managed resource and returns a V1 configuration accordingly.

func SetWebIdentityRoleOptions

func SetWebIdentityRoleOptions(pc *v1beta1.ProviderConfig) func(*stscreds.WebIdentityRoleOptions)

SetWebIdentityRoleOptions sets options when exchanging a WebIdentity Token for a Role

func UsePodServiceAccount

func UsePodServiceAccount(ctx context.Context, _ []byte, _, region string) (*aws.Config, error)

UsePodServiceAccount assumes an IAM role configured via a ServiceAccount. https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html

func UsePodServiceAccountAssumeRole

func UsePodServiceAccountAssumeRole(ctx context.Context, _ []byte, _, region string, pc *v1beta1.ProviderConfig) (*aws.Config, error)

UsePodServiceAccountAssumeRole assumes an IAM role configured via a ServiceAccount assume Cross account IAM roles https://aws.amazon.com/blogs/containers/cross-account-iam-roles-for-kubernetes-service-accounts/

func UsePodServiceAccountAssumeRoleWithWebIdentity

func UsePodServiceAccountAssumeRoleWithWebIdentity(ctx context.Context, _ []byte, _, region string, pc *v1beta1.ProviderConfig) (*aws.Config, error)

UsePodServiceAccountAssumeRoleWithWebIdentity assumes an IAM role configured via a ServiceAccount assume Cross account IAM roles https://aws.amazon.com/blogs/containers/cross-account-iam-roles-for-kubernetes-service-accounts/

func UsePodServiceAccountV1

func UsePodServiceAccountV1(ctx context.Context, _ []byte, pc *v1beta1.ProviderConfig, _, region string) (*awsv1.Config, error)

UsePodServiceAccountV1 assumes an IAM role configured via a ServiceAccount. https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html

func UsePodServiceAccountV1AssumeRole

func UsePodServiceAccountV1AssumeRole(ctx context.Context, _ []byte, pc *v1beta1.ProviderConfig, _, region string) (*awsv1.Config, error)

UsePodServiceAccountV1AssumeRole assumes an IAM role configured via a ServiceAccount and assume Cross account IAM role https://aws.amazon.com/blogs/containers/cross-account-iam-roles-for-kubernetes-service-accounts/

func UsePodServiceAccountV1AssumeRoleWithWebIdentity

func UsePodServiceAccountV1AssumeRoleWithWebIdentity(ctx context.Context, _ []byte, pc *v1beta1.ProviderConfig, _, region string) (*awsv1.Config, error)

UsePodServiceAccountV1AssumeRoleWithWebIdentity assumes an IAM role configured via a ServiceAccount and assume Cross account IAM role https://aws.amazon.com/blogs/containers/cross-account-iam-roles-for-kubernetes-service-accounts/

func UseProviderConfig

func UseProviderConfig(ctx context.Context, c client.Client, mg resource.Managed, region string) (*aws.Config, error)

UseProviderConfig to produce a config that can be used to authenticate to AWS.

func UseProviderSecret

func UseProviderSecret(ctx context.Context, data []byte, profile, region string) (*aws.Config, error)

UseProviderSecret - AWS configuration which can be used to issue requests against AWS API

func UseProviderSecretAssumeRole

func UseProviderSecretAssumeRole(ctx context.Context, data []byte, profile, region string, pc *v1beta1.ProviderConfig) (*aws.Config, error)

UseProviderSecretAssumeRole - AWS configuration which can be used to issue requests against AWS API assume Cross account IAM roles

func UseProviderSecretV1

func UseProviderSecretV1(_ context.Context, data []byte, pc *v1beta1.ProviderConfig, profile, region string) (*awsv1.Config, error)

UseProviderSecretV1 retrieves AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from the data which contains aws credentials under given profile and produces a *awsv1.Config Example: [default] aws_access_key_id = <YOUR_ACCESS_KEY_ID> aws_secret_access_key = <YOUR_SECRET_ACCESS_KEY>

func UseProviderSecretV1AssumeRole

func UseProviderSecretV1AssumeRole(ctx context.Context, data []byte, pc *v1beta1.ProviderConfig, profile, region string) (*awsv1.Config, error)

UseProviderSecretV1AssumeRole - AWS v1 configuration which can be used to issue requests against AWS API assume Cross account IAM roles

Types

type AuthMethod

type AuthMethod func(context.Context, []byte, string, string) (*aws.Config, error)

AuthMethod is a method of authenticating to the AWS API

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL