credentials

package
v0.0.0-...-58cc386 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 11, 2017 License: MIT Imports: 6 Imported by: 2

Documentation

Overview

Package credentials provides credential retrieval and management.

Almost all of the code in this directory has been adapted from the AWS SDK for Go. https://github.com/aws/aws-sdk-go.

A key simplification is that Mechanical Turk does not support temporary credentials (session tokens), and so credentials do not need to support expiry.

Index

Constants

View Source 
const EnvProviderName = "EnvProvider"

EnvProviderName provides a name of Env provider

View Source 
const SharedCredsProviderName = "SharedCredentialsProvider"

SharedCredsProviderName provides a name of SharedCreds provider

View Source 
const StaticProviderName = "StaticProvider"

StaticProviderName provides a name of Static provider

Variables

View Source 
var Default = NewChainCredentials(&EnvProvider{}, &SharedCredentialsProvider{})

Default credentials for use when credentials are not explicitly specified.

View Source 
var Logger *log.Logger

Logger can be set to help diagnose problems acquiring credentials

Functions

This section is empty.

Types

type ChainProvider 

type ChainProvider struct {
	Providers []Provider
}

A ChainProvider will search for a provider which returns credentials and cache that provider until Retrieve is called again.

The ChainProvider provides a way of chaining multiple providers together which will pick the first available using priority order of the Providers in the list.

If none of the Providers retrieve valid credentials Value, ChainProvider's Retrieve() will return an error.

If a Provider is found which returns valid credentials Value ChainProvider will cache that Provider until Retrieve is called again.

func (*ChainProvider) Retrieve 

func (c *ChainProvider) Retrieve() (Value, error)

Retrieve returns the credentials value or error if no provider returned without error.

type Credentials 

type Credentials struct {
	// contains filtered or unexported fields
}

A Credentials provides synchronous safe retrieval of AWS credentials Value.

This model for credentials is based on the AWS SDK for Go. Note, however, that AWS Mechanical Turk does not support temporary credentials, so this implementation is significantly simpler.

func NewChainCredentials 

func NewChainCredentials(providers ...Provider) *Credentials

NewChainCredentials returns a pointer to a new Credentials object wrapping a chain of providers.

func NewCredentials 

func NewCredentials(provider Provider) *Credentials

NewCredentials returns a pointer to a new Credentials with the provider set.

func NewEnvCredentials 

func NewEnvCredentials() *Credentials

NewEnvCredentials returns a pointer to a new Credentials object wrapping the environment variable provider.

func NewSharedCredentials 

func NewSharedCredentials(filename, profile string) *Credentials

NewSharedCredentials returns a pointer to a new Credentials object wrapping the Profile file provider.

func NewStaticCredentials 

func NewStaticCredentials(id, secret string) *Credentials

NewStaticCredentials returns a pointer to a new Credentials object wrapping a static credentials value provider.

func (*Credentials) Get 

func (c *Credentials) Get() (Value, error)

Get returns the credentials value, or error if the credentials Value failed to be retrieved.

type EnvProvider 

type EnvProvider struct{}

A EnvProvider retrieves credentials from the environment variables of the running process. Environment credentials never expire.

Environment variables used:

* Access Key ID: AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY * Secret Access Key: AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY

func (*EnvProvider) Retrieve 

func (e *EnvProvider) Retrieve() (Value, error)

Retrieve retrieves the keys from the environment.

type Provider 

type Provider interface {
	// Retrieve returns the credentials value, or an error if the
	// credentials cannot be obtained.
	Retrieve() (Value, error)
}

A Provider is the interface for any component which will provide credentials.

type SharedCredentialsProvider 

type SharedCredentialsProvider struct {
	// Path to the shared credentials file.
	//
	// If empty will look for "AWS_SHARED_CREDENTIALS_FILE" env variable. If the
	// env value is empty will default to current user's home directory.
	// Linux/OSX: "$HOME/.aws/credentials"
	// Windows:   "%USERPROFILE%\.aws\credentials"
	Filename string

	// AWS Profile to extract credentials from the shared credentials file. If empty
	// will default to environment variable "AWS_PROFILE" or "default" if
	// environment variable is also not set.
	Profile string
	// contains filtered or unexported fields
}

A SharedCredentialsProvider retrieves credentials from the current user's home directory.

Profile ini file example: $HOME/.aws/credentials

func (*SharedCredentialsProvider) Retrieve 

func (p *SharedCredentialsProvider) Retrieve() (Value, error)

Retrieve reads and extracts the shared credentials from the current users home directory.

type StaticProvider 

type StaticProvider struct {
	Value
}

A StaticProvider is a set of credentials which are set programmatically, and will never expire.

func (*StaticProvider) Retrieve 

func (s *StaticProvider) Retrieve() (Value, error)

Retrieve returns the credentials or error if the credentials are invalid.

type Value 

type Value struct {
	// AWS Access Key ID
	AccessKeyID string

	// AWS Secret Access Key
	SecretAccessKey string

	// Name of the provider that provided these credentials.
	ProviderName string
}

Value contains the individual AWS credentials fields. Note that AWS Mechanical Turk does not support temporary credentials, which means that there is no session token.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.