Documentation
¶
Index ¶
- Constants
- Variables
- func AuthenticateStandaloneAWSAmbient(ctx context.Context, identityName string, identities map[string]types.Identity) (types.ICredentials, error)
- func AuthenticateStandaloneAWSUser(ctx context.Context, identityName string, identities map[string]types.Identity) (types.ICredentials, error)
- func GetSupportedTaskPolicies() []string
- func IsStandaloneAWSAmbientChain(chain []string, identities map[string]schema.Identity) bool
- func IsStandaloneAWSUserChain(chain []string, identities map[string]schema.Identity) bool
- func IsSupportedTaskPolicy(arn string) bool
- func NewAWSAmbientIdentity(name string, config *schema.Identity) (types.Identity, error)
- func NewAssumeRoleIdentity(name string, config *schema.Identity) (types.Identity, error)
- func NewAssumeRootIdentity(name string, config *schema.Identity) (types.Identity, error)
- func NewPermissionSetIdentity(name string, config *schema.Identity) (types.Identity, error)
- func NewSTSClientWithCredentials(ctx context.Context, awsBase *types.AWSCredentials, region string, ...) (*sts.Client, string, error)
- func NewUserIdentity(name string, config *schema.Identity) (types.Identity, error)
Constants ¶
const ( FieldAccessKeyID = "access_key_id" FieldSecretAccessKey = "secret_access_key" FieldMfaArn = "mfa_arn" FieldSessionDuration = "session_duration" )
AWS credential field names.
Variables ¶
var GenericPromptCredentialsFunc types.CredentialPromptFunc
GenericPromptCredentialsFunc is the generic credential prompting function. It uses CredentialPromptSpec to determine what fields to collect.
var PromptCredentialsFunc func(identityName string, mfaArn string) (*types.AWSCredentials, error)
PromptCredentialsFunc is the AWS-specific credential prompting function. It wraps the generic function for backward compatibility. When set, it's called when credentials are missing or invalid.
Functions ¶
func AuthenticateStandaloneAWSAmbient ¶ added in v1.213.0
func AuthenticateStandaloneAWSAmbient(ctx context.Context, identityName string, identities map[string]types.Identity) (types.ICredentials, error)
AuthenticateStandaloneAWSAmbient handles authentication for standalone AWS ambient identities.
func AuthenticateStandaloneAWSUser ¶
func AuthenticateStandaloneAWSUser(ctx context.Context, identityName string, identities map[string]types.Identity) (types.ICredentials, error)
AuthenticateStandaloneAWSUser handles authentication for standalone AWS user identities.
func GetSupportedTaskPolicies ¶ added in v1.203.0
func GetSupportedTaskPolicies() []string
GetSupportedTaskPolicies returns the list of supported AWS-managed root task policies.
func IsStandaloneAWSAmbientChain ¶ added in v1.213.0
IsStandaloneAWSAmbientChain checks if the authentication chain represents a standalone AWS ambient identity.
func IsStandaloneAWSUserChain ¶
IsStandaloneAWSUserChain checks if the authentication chain represents a standalone AWS user identity.
func IsSupportedTaskPolicy ¶ added in v1.203.0
IsSupportedTaskPolicy checks if a task policy ARN is in the list of known supported policies.
func NewAWSAmbientIdentity ¶ added in v1.213.0
NewAWSAmbientIdentity creates a new AWS ambient identity.
func NewAssumeRoleIdentity ¶
NewAssumeRoleIdentity creates a new AWS assume role identity.
func NewAssumeRootIdentity ¶ added in v1.203.0
NewAssumeRootIdentity creates a new AWS assume root identity.
func NewPermissionSetIdentity ¶
NewPermissionSetIdentity creates a new AWS permission set identity.
func NewSTSClientWithCredentials ¶ added in v1.203.0
func NewSTSClientWithCredentials( ctx context.Context, awsBase *types.AWSCredentials, region string, identityConfig *schema.Identity, ) (*sts.Client, string, error)
NewSTSClientWithCredentials creates an STS client using the provided credentials and region. This is a shared helper used by assume-role and assume-root identities.
Types ¶
This section is empty.
Source Files