aws

package

v1.205.0 Latest Latest Go to latest Published: Jan 26, 2026 License: Apache-2.0 Imports: 26 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cloudposse/atmos

Links

Documentation ¶

Index ¶

Constants
Variables
func AuthenticateStandaloneAWSUser(ctx context.Context, identityName string, identities map[string]types.Identity) (types.ICredentials, error)
func GetSupportedTaskPolicies() []string
func IsStandaloneAWSUserChain(chain []string, identities map[string]schema.Identity) bool
func IsSupportedTaskPolicy(arn string) bool
func NewAssumeRoleIdentity(name string, config *schema.Identity) (types.Identity, error)
func NewAssumeRootIdentity(name string, config *schema.Identity) (types.Identity, error)
func NewPermissionSetIdentity(name string, config *schema.Identity) (types.Identity, error)
func NewSTSClientWithCredentials(ctx context.Context, awsBase *types.AWSCredentials, region string, ...) (*sts.Client, string, error)
func NewUserIdentity(name string, config *schema.Identity) (types.Identity, error)

Constants ¶

View Source

const (
	FieldAccessKeyID     = "access_key_id"
	FieldSecretAccessKey = "secret_access_key"
	FieldMfaArn          = "mfa_arn"
	FieldSessionDuration = "session_duration"
)

AWS credential field names.

Variables ¶

View Source

var GenericPromptCredentialsFunc types.CredentialPromptFunc

GenericPromptCredentialsFunc is the generic credential prompting function. It uses CredentialPromptSpec to determine what fields to collect.

View Source

var PromptCredentialsFunc func(identityName string, mfaArn string) (*types.AWSCredentials, error)

PromptCredentialsFunc is the AWS-specific credential prompting function. It wraps the generic function for backward compatibility. When set, it's called when credentials are missing or invalid.

Functions ¶

func AuthenticateStandaloneAWSUser ¶

func AuthenticateStandaloneAWSUser(ctx context.Context, identityName string, identities map[string]types.Identity) (types.ICredentials, error)

AuthenticateStandaloneAWSUser handles authentication for standalone AWS user identities.

func GetSupportedTaskPolicies ¶ added in v1.203.0

func GetSupportedTaskPolicies() []string

GetSupportedTaskPolicies returns the list of supported AWS-managed root task policies.

func IsStandaloneAWSUserChain ¶

func IsStandaloneAWSUserChain(chain []string, identities map[string]schema.Identity) bool

IsStandaloneAWSUserChain checks if the authentication chain represents a standalone AWS user identity.

func IsSupportedTaskPolicy ¶ added in v1.203.0

func IsSupportedTaskPolicy(arn string) bool

IsSupportedTaskPolicy checks if a task policy ARN is in the list of known supported policies.

func NewAssumeRoleIdentity ¶

func NewAssumeRoleIdentity(name string, config *schema.Identity) (types.Identity, error)

NewAssumeRoleIdentity creates a new AWS assume role identity.

func NewAssumeRootIdentity ¶ added in v1.203.0

func NewAssumeRootIdentity(name string, config *schema.Identity) (types.Identity, error)

NewAssumeRootIdentity creates a new AWS assume root identity.

func NewPermissionSetIdentity ¶

func NewPermissionSetIdentity(name string, config *schema.Identity) (types.Identity, error)

NewPermissionSetIdentity creates a new AWS permission set identity.

func NewSTSClientWithCredentials ¶ added in v1.203.0

func NewSTSClientWithCredentials(
	ctx context.Context,
	awsBase *types.AWSCredentials,
	region string,
	identityConfig *schema.Identity,
) (*sts.Client, string, error)

NewSTSClientWithCredentials creates an STS client using the provided credentials and region. This is a shared helper used by assume-role and assume-root identities.

func NewUserIdentity ¶

func NewUserIdentity(name string, config *schema.Identity) (types.Identity, error)

NewUserIdentity creates a new AWS user identity.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL