auth

package
v0.9.15-2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 11, 2024 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source
const (
	SecretsManagerEndpointEnv = "AWS_SECRETSMANAGER_ENDPOINT"
	STSEndpointEnv            = "AWS_STS_ENDPOINT"
	SSMEndpointEnv            = "AWS_SSM_ENDPOINT"
)

Variables

This section is empty.

Functions

func DefaultJWTProvider

func DefaultJWTProvider(name, namespace, roleArn string, aud []string, region string) (credentials.Provider, error)

DefaultJWTProvider returns a credentials.Provider that calls the AssumeRoleWithWebidentity controller-runtime/client does not support TokenRequest or other subresource APIs so we need to construct our own client and use it to fetch tokens.

func DefaultSTSProvider

func DefaultSTSProvider(sess *session.Session) stsiface.STSAPI

func New

func New(ctx context.Context, store esv1beta1.GenericStore, kube client.Client, namespace string, assumeRoler STSProvider, jwtProvider jwtProviderFactory) (*session.Session, error)

New creates a new aws session based on the provided store it uses the following authentication mechanisms in order: * service-account token authentication via AssumeRoleWithWebIdentity * static credentials from a Kind=Secret, optionally with doing a AssumeRole. * sdk default provider chain, see: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default

func NewGeneratorSession added in v0.7.0

func NewGeneratorSession(ctx context.Context, auth esv1beta1.AWSAuth, role, region string, kube client.Client, namespace string, assumeRoler STSProvider, jwtProvider jwtProviderFactory) (*session.Session, error)

NewSession creates a new aws session based on the provided store it uses the following authentication mechanisms in order: * service-account token authentication via AssumeRoleWithWebIdentity * static credentials from a Kind=Secret, optionally with doing a AssumeRole. * sdk default provider chain, see: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default

func ResolveEndpoint

func ResolveEndpoint() endpoints.ResolverFunc

ResolveEndpoint returns a ResolverFunc with customizable endpoints.

func ResolveEndpointWithServiceMap

func ResolveEndpointWithServiceMap(customEndpoints map[string]string) endpoints.ResolverFunc

Types

type Config

type Config struct {
	AssumeRole string
	Region     string
	APIRetries int
}

Config contains configuration to create a new AWS provider.

type STSProvider

type STSProvider func(*session.Session) stsiface.STSAPI

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL