awscfg

package
v0.7.0-1a Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 11, 2026 License: MIT Imports: 18 Imported by: 0

Documentation

Overview

Package awscfg holds the AWS connection settings shared by every component that reaches AWS. The Configuration struct is the operator-facing `aws:` object: the s3 state backend nests it beside its own fields, and other AWS-backed components compose the same struct so the option names and credential behavior stay identical everywhere. Load turns a Configuration into an aws.Config through the SDK's default credential chain.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Load 

func Load(ctx context.Context, c *Configuration) (aws.Config, error)

Load builds an aws.Config from c through the SDK's default credential chain. A nil c uses the chain with no overrides. When an object-store endpoint override is set, request and response checksums relax to when-required, since stores outside AWS commonly reject the data-integrity headers.

Types

type AssumeRole 

type AssumeRole struct {
	RoleArn           cfg.String
	RoleSessionName   *cfg.String
	ExternalId        *cfg.String
	DurationSeconds   *cfg.Integer
	Policy            *cfg.String
	PolicyArns        *cfg.List[cfg.String]
	SourceIdentity    *cfg.String
	Tags              *cfg.Map[cfg.String]
	TransitiveTagKeys *cfg.List[cfg.String]
}

AssumeRole assumes an IAM role using the chain's credentials as the source identity.

type AssumeRoleWithWebIdentity 

type AssumeRoleWithWebIdentity struct {
	RoleArn              cfg.String
	WebIdentityTokenFile cfg.String
	RoleSessionName      *cfg.String
	DurationSeconds      *cfg.Integer
	Policy               *cfg.String
	PolicyArns           *cfg.List[cfg.String]
}

AssumeRoleWithWebIdentity assumes an IAM role with an OIDC token read from a file. The token is always file-sourced; a literal token in static configuration would be expired by definition.

type Configuration 

type Configuration struct {
	Region                    *cfg.String
	Profile                   *cfg.String
	EndpointURL               *cfg.String
	Endpoints                 *Endpoints
	MaxAttempts               *cfg.Integer
	RetryMode                 *cfg.String
	SharedConfigFiles         *cfg.List[cfg.String]
	SharedCredentialsFiles    *cfg.List[cfg.String]
	CustomCABundle            *cfg.String
	HTTPProxy                 *cfg.String
	HTTPSProxy                *cfg.String
	NoProxy                   *cfg.String
	AssumeRole                *AssumeRole
	AssumeRoleWithWebIdentity *AssumeRoleWithWebIdentity
}

Configuration selects how a component reaches AWS. Every field is optional; an empty or nil Configuration means the SDK's default chain alone: env credentials, shared config and credentials files, SSO, web identity, container credentials, then IMDS. Static credential fields are deliberately absent; credentials enter through the chain, a profile, or role assumption.

func (*Configuration) S3Endpoint 

func (c *Configuration) S3Endpoint() string

S3Endpoint returns the endpoint override an S3 client should use: endpoints.s3 when set, else endpoint-url, else empty.

func (*Configuration) STSEndpoint 

func (c *Configuration) STSEndpoint() string

STSEndpoint returns the endpoint override an STS client should use: endpoints.sts when set, else endpoint-url, else empty.

type Endpoints 

type Endpoints struct {
	S3  *cfg.String
	STS *cfg.String
}

Endpoints overrides the endpoint of one service at a time, for S3-compatible object stores and private STS endpoints. A service without an entry falls back to endpoint-url, then to the SDK's own resolution, including the AWS_ENDPOINT_URL_* env vars.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.