Documentation ¶
Overview ¶
Package aws contains helpers for working with AWS in CLIs
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthorizeCredentials ¶ added in v1.77.0
func AuthorizeCredentials(ctx context.Context, copts *CredentialOptions, acopts *AuthorizeCredentialsOptions) error
AuthorizeCredentials generates AWS credentials and either writes them to the AWS credentials file, or outputs credential provider JSON to STDOUT.
func EnsureValidCredentials ¶
func EnsureValidCredentials(ctx context.Context, copts *CredentialOptions) error
EnsureValidCredentials ensures that the current AWS credentials are valid and if they can expire it is attempted to rotate them when they are expired via the CLI tool specified in the box configuration.
Types ¶
type AuthorizeCredentialsOptions ¶ added in v1.77.0
type AuthorizeCredentialsOptions struct { // If DryRun is true, do not run the command, just print out what // the command would be. DryRun bool // If Force is true, always overwrite the existing AWS credentials. Force bool // If MFA is not empty and the Output type is credential provider, // set the MFA type when the selected authorization tool supports it. MFA string // If Output is not empty, print the specified format to STDOUT // instead of writing to the AWS credentials file. Output CredentialsOutput // Debug is whether to enable debug logging. Debug bool // DebugAPICalls is whether to specifically enable debug logging // for API calls. This is not dependent on the Debug flag. DebugAPICalls bool }
AuthorizeCredentialsOptions are optional arguments for the AuthorizeCredentials function.
type CredentialOptions ¶
type CredentialOptions struct { // Log is a logger to be used for informational logging. // if not supplied no output aside from prompting will be displayed Log logrus.FieldLogger // Role to assume for the user Role string // Profile to use Profile string // FileName is the name of the file to use for storing // AWS credentials. Defaults to `~/.aws/credentials`. FileName string }
CredentialOptions configures what credentials are provided
func DefaultCredentialOptions ¶
func DefaultCredentialOptions() *CredentialOptions
DefaultCredentialOptions uses the default role and profile for accessing AWS.
func DefaultCredentialOptionsWithLog ¶ added in v1.88.1
func DefaultCredentialOptionsWithLog(log logrus.FieldLogger) *CredentialOptions
DefaultCredentialOptionsWithLog uses the default role and profile for accessing AWS.
type CredentialsOutput ¶ added in v1.77.0
type CredentialsOutput string
const ( // OutputCredentialProviderV1 is the value used to specify that the // CLI used needs to output credential provider compliant JSON, in // the forked version of okta-aws-cli v1. // nolint: gosec // Why: These aren't credentials. OutputCredentialProviderV1 CredentialsOutput = "credential-provider" // OutputCredentialProvider is the value used to specify that the // CLI used needs to output credential provider compliant JSON, in // okta-aws-cli v2 and later. // nolint: gosec // Why: These aren't credentials. OutputCredentialProvider CredentialsOutput = "process-credentials" )
Possible CredentialsOutput values.