Documentation ¶
Index ¶
Constants ¶
const ProviderName = "EC2RoleProvider"
ProviderName provides a name of EC2Role provider
Variables ¶
This section is empty.
Functions ¶
func NewCredentials ¶
func NewCredentials(c client.ConfigProvider, options ...func(*EC2RoleProvider)) *credentials.Credentials
NewCredentials returns a pointer to a new Credentials object wrapping the EC2RoleProvider. Takes a ConfigProvider to create a EC2Metadata client. The ConfigProvider is satisfied by the session.Session type.
func NewCredentialsWithClient ¶
func NewCredentialsWithClient(client *ec2metadata.EC2Metadata, options ...func(*EC2RoleProvider)) *credentials.Credentials
NewCredentialsWithClient returns a pointer to a new Credentials object wrapping the EC2RoleProvider. Takes a EC2Metadata client to use when connecting to EC2 metadata service.
Types ¶
type EC2RoleProvider ¶
type EC2RoleProvider struct { credentials.Expiry // Required EC2Metadata client to use when connecting to EC2 metadata service. Client *ec2metadata.EC2Metadata // ExpiryWindow will allow the credentials to trigger refreshing prior to // the credentials actually expiring. This is beneficial so race conditions // with expiring credentials do not cause request to fail unexpectedly // due to ExpiredTokenException exceptions. // // So a ExpiryWindow of 10s would cause calls to IsExpired() to return true // 10 seconds before the credentials are actually expired. // // If ExpiryWindow is 0 or less it will be ignored. ExpiryWindow time.Duration }
A EC2RoleProvider retrieves credentials from the EC2 service, and keeps track if those credentials are expired.
Example how to configure the EC2RoleProvider with custom http Client, Endpoint or ExpiryWindow
p := &ec2rolecreds.EC2RoleProvider{ // Pass in a custom timeout to be used when requesting // IAM EC2 Role credentials. Client: ec2metadata.New(sess, aws.Config{ HTTPClient: &http.Client{Timeout: 10 * time.Second}, }), // Do not use early expiry of credentials. If a non zero value is // specified the credentials will be expired early ExpiryWindow: 0, }
func (*EC2RoleProvider) Retrieve ¶
func (m *EC2RoleProvider) Retrieve() (credentials.Value, error)
Retrieve retrieves credentials from the EC2 service. Error will be returned if the request fails, or unable to extract the desired credentials.