Affected by 
Documentation
¶
Index ¶
Constants ¶
const DefaultRegion = "us-east-1"
"us-east-1 is used because it's where AWS first provides support for new features, is a widely used region, and is the most common one for some services like STS.
Variables ¶
This section is empty.
Functions ¶
func AppendLogicalError ¶ added in v0.11.2
AppendLogicalError checks if the given error is a known AWS error we modify, and if so then returns a go-multierror, appending the original and the logical error. If the error is not an AWS error, or not an error we wish to modify, then return the original error.
func CheckAWSError ¶ added in v0.11.2
CheckAWSError will examine an error and convert to a logical error if appropriate. If no appropriate error is found, return nil
func GetOrDefaultRegion ¶ added in v1.2.0
It's impossible to mimic "normal" AWS behavior here because it's not consistent or well-defined. For example, boto3, the Python SDK (which the aws cli uses), loads `~/.aws/config` by default and only reads the `AWS_DEFAULT_REGION` environment variable (and not `AWS_REGION`, while the golang SDK does _mostly_ the opposite -- it reads the region **only** from `AWS_REGION` and not at all `~/.aws/config`, **unless** the `AWS_SDK_LOAD_CONFIG` environment variable is set. So, we must define our own approach to walking AWS config and deciding what to use.
Our chosen approach is:
"More specific takes precedence over less specific."
1. User-provided configuration is the most explicit. 2. Environment variables are potentially shared across many invocations and so they have less precedence. 3. Configuration in `~/.aws/config` is shared across all invocations of a given user and so this has even less precedence. 4. Configuration retrieved from the EC2 instance metadata service is shared by all invocations on a given machine, and so it has the lowest precedence.
This approach should be used in future updates to this logic.
Types ¶
type CredentialsConfig ¶
type CredentialsConfig struct {
// The access key if static credentials are being used
AccessKey string
// The secret key if static credentials are being used
SecretKey string
// The session token if it is being used
SessionToken string
// If specified, the region will be provided to the config of the
// EC2RoleProvider's client. This may be useful if you want to e.g. reuse
// the client elsewhere.
Region string
// The filename for the shared credentials provider, if being used
Filename string
// The profile for the shared credentials provider, if being used
Profile string
// The http.Client to use, or nil for the client to use its default
HTTPClient *http.Client
}
func (*CredentialsConfig) GenerateCredentialChain ¶
func (c *CredentialsConfig) GenerateCredentialChain() (*credentials.Credentials, error)
Source Files