Documentation
¶
Overview ¶
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- func DefaultJWTProvider(name, namespace, roleArn string, aud []string, region string) (credentials.Provider, error)
- func DefaultSTSProvider(sess *session.Session) stsiface.STSAPI
- func New(ctx context.Context, store esv1beta1.GenericStore, kube client.Client, ...) (*session.Session, error)
- func NewGeneratorSession(ctx context.Context, auth esv1beta1.AWSAuth, role, region string, ...) (*session.Session, error)
- func ResolveEndpoint() endpoints.ResolverFunc
- func ResolveEndpointWithServiceMap(customEndpoints map[string]string) endpoints.ResolverFunc
- type Config
- type STSProvider
Constants ¶
const ( SecretsManagerEndpointEnv = "AWS_SECRETSMANAGER_ENDPOINT" STSEndpointEnv = "AWS_STS_ENDPOINT" SSMEndpointEnv = "AWS_SSM_ENDPOINT" )
Variables ¶
This section is empty.
Functions ¶
func DefaultJWTProvider ¶
func DefaultJWTProvider(name, namespace, roleArn string, aud []string, region string) (credentials.Provider, error)
DefaultJWTProvider returns a credentials.Provider that calls the AssumeRoleWithWebidentity controller-runtime/client does not support TokenRequest or other subresource APIs so we need to construct our own client and use it to fetch tokens.
func New ¶
func New(ctx context.Context, store esv1beta1.GenericStore, kube client.Client, namespace string, assumeRoler STSProvider, jwtProvider jwtProviderFactory) (*session.Session, error)
New creates a new aws session based on the provided store it uses the following authentication mechanisms in order: * service-account token authentication via AssumeRoleWithWebIdentity * static credentials from a Kind=Secret, optionally with doing a AssumeRole. * sdk default provider chain, see: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default
func NewGeneratorSession ¶ added in v0.7.0
func NewGeneratorSession(ctx context.Context, auth esv1beta1.AWSAuth, role, region string, kube client.Client, namespace string, assumeRoler STSProvider, jwtProvider jwtProviderFactory) (*session.Session, error)
NewSession creates a new aws session based on the provided store it uses the following authentication mechanisms in order: * service-account token authentication via AssumeRoleWithWebIdentity * static credentials from a Kind=Secret, optionally with doing a AssumeRole. * sdk default provider chain, see: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default
func ResolveEndpoint ¶
func ResolveEndpoint() endpoints.ResolverFunc
ResolveEndpoint returns a ResolverFunc with customizable endpoints.
func ResolveEndpointWithServiceMap ¶
func ResolveEndpointWithServiceMap(customEndpoints map[string]string) endpoints.ResolverFunc
Source Files
Directories