Documentation
¶
Index ¶
- Constants
- func NewCredentialsProvider(ctx context.Context, opts ...auth.Option) aws.CredentialsProvider
- func ParseRegistry(registry string) (accountId, awsEcrRegion string, ok bool)
- func ValidateSTSEndpoint(endpoint string) error
- type Implementation
- type Provider
- func (Provider) GetArtifactCacheKey(artifactRepository string) string
- func (Provider) GetAudience(ctx context.Context) (string, error)
- func (Provider) GetIdentity(serviceAccount corev1.ServiceAccount) (string, error)
- func (Provider) GetName() string
- func (p Provider) NewArtifactRegistryToken(ctx context.Context, artifactRepository string, accessToken auth.Token, ...) (auth.Token, error)
- func (p Provider) NewDefaultToken(ctx context.Context, opts ...auth.Option) (auth.Token, error)
- func (p Provider) NewTokenForServiceAccount(ctx context.Context, oidcToken string, serviceAccount corev1.ServiceAccount, ...) (auth.Token, error)
- type Token
Constants ¶
const ProviderName = "aws"
ProviderName is the name of the AWS authentication provider.
Variables ¶
This section is empty.
Functions ¶
func NewCredentialsProvider ¶
NewCredentialsProvider creates a new credentials provider for the given options.
func ParseRegistry ¶
ParseRegistry returns the AWS account ID and region and `true` if the image registry/repository is hosted in AWS's Elastic Container Registry, otherwise empty strings and `false`.
func ValidateSTSEndpoint ¶
ValidateSTSEndpoint checks if the provided STS endpoint is valid.
Global and regional endpoints:
https://docs.aws.amazon.com/general/latest/gr/sts.html
VPC endpoint examples:
https://vpce-002b7cc8966426bc6-njisq19r.sts.us-east-1.vpce.amazonaws.com https://vpce-002b7cc8966426bc6-njisq19r-us-east-1a.sts.us-east-1.vpce.amazonaws.com
Types ¶
type Implementation ¶
type Implementation interface {
LoadDefaultConfig(ctx context.Context, optFns ...func(*config.LoadOptions) error) (aws.Config, error)
AssumeRoleWithWebIdentity(ctx context.Context, params *sts.AssumeRoleWithWebIdentityInput, options sts.Options) (*sts.AssumeRoleWithWebIdentityOutput, error)
GetAuthorizationToken(ctx context.Context, cfg aws.Config) (*ecr.GetAuthorizationTokenOutput, error)
}
Implementation provides the required methods of the AWS libraries.
type Provider ¶
type Provider struct{ Implementation }
Provider implements the auth.Provider interface for AWS authentication.
func (Provider) GetArtifactCacheKey ¶
GetArtifactCacheKey implements auth.Provider.
func (Provider) GetAudience ¶
GetAudience implements auth.Provider.
func (Provider) GetIdentity ¶
func (Provider) GetIdentity(serviceAccount corev1.ServiceAccount) (string, error)
GetIdentity implements auth.Provider.
func (Provider) NewArtifactRegistryToken ¶
func (p Provider) NewArtifactRegistryToken(ctx context.Context, artifactRepository string, accessToken auth.Token, opts ...auth.Option) (auth.Token, error)
NewArtifactRegistryToken implements auth.Provider.
func (Provider) NewDefaultToken ¶
NewDefaultToken implements auth.Provider.
type Token ¶
type Token struct{ types.Credentials }
Token is the AWS token.
func (*Token) CredentialsProvider ¶
func (t *Token) CredentialsProvider() aws.CredentialsProvider
CredentialsProvider gets a credentials provider for the token to use with AWS libraries.
func (*Token) GetDuration ¶
GetDuration implements auth.Token.
Source Files