sigv4authextension

package module
v0.118.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 21, 2025 License: Apache-2.0 Imports: 20 Imported by: 11

README

Authenticator - Sigv4

Status
Stability beta
Distributions contrib
Issues Open issues Closed issues
Code Owners @Aneurysm9, @erichsueh3

This extension provides Sigv4 authentication for making requests to AWS services. For more information on the Sigv4 process, please look here.

Configuration

The configuration fields are as follows:

  • assume_role: Optional. Specifies the configuration needed to assume a role
    • arn: The Amazon Resource Name (ARN) of a role to assume
    • session_name: Optional. The name of a role session
    • sts_region: The AWS region where STS is used to assumed the configured role
      • Note that if a role is intended to be assumed, and sts_region is not provided, then sts_region will default to the value for region if region is provided
  • region: Optional. The AWS region for the service you are exporting to for AWS Sigv4. This is differentiated from sts_region to handle cross region authentication
    • Note that an attempt will be made to obtain a valid region from the endpoint of the service you are exporting to
    • List of AWS regions
  • service: Optional. The AWS service for AWS Sigv4
    • Note for supported services an attempt will be made to obtain a valid service from the endpoint of the service you are exporting to. Supported services include - workspaces, es, logs and traces.
extensions:
  sigv4auth:
    assume_role:
      arn: "arn:aws:iam::123456789012:role/aws-service-role/access"
      sts_region: "us-east-1"

receivers:
  hostmetrics:
    scrapers:
      memory:

exporters:
  prometheusremotewrite:
    endpoint: "https://aps-workspaces.us-west-2.amazonaws.com/workspaces/ws-XXX/api/v1/remote_write"
    auth:
      authenticator: sigv4auth

service:
  extensions: [sigv4auth]
  pipelines:
    metrics:
      receivers: [hostmetrics]
      processors: []
      exporters: [prometheusremotewrite]

Notes

  • The collector must have valid AWS credentials as used by the AWS SDK for Go

Documentation

Overview

Package sigv4authextension implements the `auth.Client` interface. This extension provides the Sigv4 process of adding authentication information to AWS API requests sent by HTTP. As such, the extension can be used for HTTP based exporters that export to AWS services.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewFactory 

func NewFactory() extension.Factory

NewFactory creates a factory for the Sigv4 Authenticator extension.

Types

type AssumeRole 

type AssumeRole struct {
	ARN         string `mapstructure:"arn,omitempty"`
	SessionName string `mapstructure:"session_name,omitempty"`
	STSRegion   string `mapstructure:"sts_region,omitempty"`
}

AssumeRole holds the configuration needed to assume a role

type Config 

type Config struct {
	Region     string     `mapstructure:"region,omitempty"`
	Service    string     `mapstructure:"service,omitempty"`
	AssumeRole AssumeRole `mapstructure:"assume_role"`
	// contains filtered or unexported fields
}

Config stores the configuration for the Sigv4 Authenticator

func (*Config) Validate 

func (cfg *Config) Validate() error

Validate checks that the configuration is valid. We aim to catch most errors here to ensure that we fail early and to avoid revalidating static data.

Source Files

View all Source files

Directories

Path Synopsis
internal
metadata

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.