ec2rolecreds

package
v1.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 6, 2022 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const ProviderName = "EC2RoleProvider"

ProviderName provides a name of EC2Role provider

Variables

This section is empty.

Functions

func NewCredentials

func NewCredentials(c client.ConfigProvider, options ...func(*EC2RoleProvider)) *credentials.Credentials

NewCredentials returns a pointer to a new Credentials object wrapping the EC2RoleProvider. Takes a ConfigProvider to create a EC2Metadata client. The ConfigProvider is satisfied by the session.Session type.

func NewCredentialsWithClient

func NewCredentialsWithClient(client *ec2metadata.EC2Metadata, options ...func(*EC2RoleProvider)) *credentials.Credentials

NewCredentialsWithClient returns a pointer to a new Credentials object wrapping the EC2RoleProvider. Takes a EC2Metadata client to use when connecting to EC2 metadata service.

Types

type EC2RoleProvider

type EC2RoleProvider struct {
	credentials.Expiry

	// Required EC2Metadata client to use when connecting to EC2 metadata service.
	Client *ec2metadata.EC2Metadata

	// ExpiryWindow will allow the credentials to trigger refreshing prior to
	// the credentials actually expiring. This is beneficial so race conditions
	// with expiring credentials do not cause request to fail unexpectedly
	// due to ExpiredTokenException exceptions.
	//
	// So a ExpiryWindow of 10s would cause calls to IsExpired() to return true
	// 10 seconds before the credentials are actually expired.
	//
	// If ExpiryWindow is 0 or less it will be ignored.
	ExpiryWindow time.Duration
}

A EC2RoleProvider retrieves credentials from the EC2 service, and keeps track if those credentials are expired.

Example how to configure the EC2RoleProvider with custom http Client, Endpoint or ExpiryWindow

p := &ec2rolecreds.EC2RoleProvider{
    // Pass in a custom timeout to be used when requesting
    // IAM EC2 Role credentials.
    Client: ec2metadata.New(sess, aws.Config{
        HTTPClient: &http.Client{Timeout: 10 * time.Second},
    }),

    // Do not use early expiry of credentials. If a non zero value is
    // specified the credentials will be expired early
    ExpiryWindow: 0,
}

func (*EC2RoleProvider) Retrieve

func (m *EC2RoleProvider) Retrieve() (credentials.Value, error)

Retrieve retrieves credentials from the EC2 service. Error will be returned if the request fails, or unable to extract the desired credentials.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL