Documentation ¶
Index ¶
Constants ¶
const ( ProxyProviderName = "ProxyCredentialsProvider" StaticProviderName = "StaticCredentialsProvider" )
Source names of credentials providers.
Variables ¶
var ErrUnable = errors.New("creds: unable to satisfy minimum expiration time")
ErrUnable is returned by Provider if the credentials do not satisfy the requested validity duration after successful renewal.
Functions ¶
func FromSTS ¶
func FromSTS(src *sts.Credentials) aws.Credentials
FromSTS converts STS credentials to client credentials.
func Set ¶
func Set(c *aws.Client, cp aws.CredentialsProvider)
Set is a convenience function to set client credentials. SDK v2 is a bit confused about which field to use for this purpose.
func ValidFor ¶
func ValidFor(cr *aws.Credentials, d time.Duration) bool
ValidFor returns true if credentials cr will remain valid for duration d.
func ValidUntil ¶
func ValidUntil(cr *aws.Credentials, t time.Time) bool
ValidUntil returns true if credentials cr will remain valid until time t.
Types ¶
type Client ¶
Client extends STS API client.
type Ident ¶
Ident contains the results of sts:GetCallerIdentity API call.
func (*Ident) Set ¶
func (id *Ident) Set(out *sts.GetCallerIdentityOutput)
Set updates identity information from call output.
type Provider ¶
type Provider struct {
// contains filtered or unexported fields
}
Provider is a replacement for aws.SafeCredentialsProvider. It allows clients to ensure credential validity for a period of time in the future. It also caches errors to avoid unnecessary network traffic. Provider values must not be copied.
func RenewableProvider ¶
RenewableProvider returns an aws.CredentialsProvider that automatically renews its credentials as they expire.
func StaticProvider ¶
func StaticProvider(cr aws.Credentials, err error) *Provider
StaticProvider returns an aws.CredentialsProvider that provides static credentials or an error.
func WrapProvider ¶
func WrapProvider(cp aws.CredentialsProvider) *Provider
WrapProvider converts an existing aws.CredentialsProvider to a Provider instance. If cp is a SafeCredentialsProvider, it must not be used by other goroutines during this call, and its RetrieveFn will no longer be protected by a single mutex if the old and new providers are used concurrently.
func (*Provider) Creds ¶
func (p *Provider) Creds() (aws.Credentials, error)
Creds returns currently cached credentials and error without renewal.
func (*Provider) Ensure ¶
Ensure ensures that credentials will remain valid for the specified duration, renewing them if necessary. A negative duration forces unconditional renewal. ErrUnable is returned if the validity period cannot be satisfied.
type Proxy ¶
Proxy provides IAM role credentials via sts:AssumeRole API.
func (*Proxy) AssumeRole ¶
AssumeRole returns a new Provider for the specified role. Default session duration is used if d is zero.
type RenewFunc ¶
type RenewFunc func() (aws.Credentials, error)
RenewFunc renews client credentials. CanExpire and Expires fields control error caching if an error is returned. If CanExpire is false, Provider automatically caches the error for a limited amount of time.