awshelper

package

v0.77.21 Latest Latest Go to latest Published: Apr 21, 2025 License: MIT Imports: 18 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/gruntwork-io/terragrunt

Links

Documentation ¶

Overview ¶

Package awshelper provides helper functions for working with AWS services.

Index ¶

func AssumeIamRole(iamRoleOpts options.IAMRoleOptions) (*sts.Credentials, error)
func CreateAwsSession(config *AwsSessionConfig, opts *options.TerragruntOptions) (*session.Session, error)
func CreateAwsSessionFromConfig(config *AwsSessionConfig, opts *options.TerragruntOptions) (*session.Session, error)
func CreateS3Client(config *AwsSessionConfig, opts *options.TerragruntOptions) (*s3.S3, error)
func GetAWSAccountAlias(sess *session.Session) (string, error)
func GetAWSAccountID(sess *session.Session) (string, error)
func GetAWSCallerIdentity(sess *session.Session) (sts.GetCallerIdentityOutput, error)
func GetAWSIdentityArn(sess *session.Session) (string, error)
func GetAWSPartition(sess *session.Session) (string, error)
func GetAWSUserID(sess *session.Session) (string, error)
func MarshalPolicy(policy Policy) ([]byte, error)
func ValidateAwsSession(sess *session.Session) error
func ValidatePublicAccessBlock(output *s3.GetPublicAccessBlockOutput) (bool, error)
type AwsSessionConfig
type Policy
- func UnmarshalPolicy(policy string) (Policy, error)
type Statement

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AssumeIamRole ¶

func AssumeIamRole(iamRoleOpts options.IAMRoleOptions) (*sts.Credentials, error)

AssumeIamRole makes API calls to AWS to assume the IAM role specified and return the temporary AWS credentials to use that role.

func CreateAwsSession ¶

func CreateAwsSession(config *AwsSessionConfig, opts *options.TerragruntOptions) (*session.Session, error)

CreateAwsSession returns an AWS session object. The session is configured by either:

The provided AwsSessionConfig struct, which specifies region (required), profile name (optional), and IAM role to assume (optional).
The provided TerragruntOptions struct, which specifies any IAM role to assume (optional).

Note that if the AwsSessionConfig object is null, this will return default session credentials using the default credentials chain of the AWS SDK.

func CreateAwsSessionFromConfig ¶

func CreateAwsSessionFromConfig(config *AwsSessionConfig, opts *options.TerragruntOptions) (*session.Session, error)

CreateAwsSessionFromConfig returns an AWS session object for the given config region (required), profile name (optional), and IAM role to assume (optional), ensuring that the credentials are available.

func CreateS3Client ¶ added in v0.77.0

func CreateS3Client(config *AwsSessionConfig, opts *options.TerragruntOptions) (*s3.S3, error)

func GetAWSAccountAlias ¶ added in v0.69.7

func GetAWSAccountAlias(sess *session.Session) (string, error)

GetAWSAccountAlias gets the AWS account Alias of the current session configuration, if there is no alias an empty string is return.

func GetAWSAccountID ¶

func GetAWSAccountID(sess *session.Session) (string, error)

GetAWSAccountID gets the AWS account ID of the current session configuration.

func GetAWSCallerIdentity ¶

func GetAWSCallerIdentity(sess *session.Session) (sts.GetCallerIdentityOutput, error)

GetAWSCallerIdentity returns the AWS caller identity associated with the current set of credentials

func GetAWSIdentityArn ¶

func GetAWSIdentityArn(sess *session.Session) (string, error)

GetAWSIdentityArn gets the ARN of the AWS identity associated with the current set of credentials.

func GetAWSPartition ¶

func GetAWSPartition(sess *session.Session) (string, error)

GetAWSPartition gets the AWS Partition of the current session configuration

func GetAWSUserID ¶

func GetAWSUserID(sess *session.Session) (string, error)

GetAWSUserID gets the AWS user ID of the current session configuration.

func MarshalPolicy ¶

func MarshalPolicy(policy Policy) ([]byte, error)

func ValidateAwsSession ¶

func ValidateAwsSession(sess *session.Session) error

ValidateAwsSession - Validate if current AWS session is valid

func ValidatePublicAccessBlock ¶ added in v0.77.0

func ValidatePublicAccessBlock(output *s3.GetPublicAccessBlockOutput) (bool, error)

Types ¶

type AwsSessionConfig ¶

type AwsSessionConfig struct {
	Tags                    map[string]string
	Region                  string
	CustomS3Endpoint        string
	CustomDynamoDBEndpoint  string
	Profile                 string
	RoleArn                 string
	CredsFilename           string
	ExternalID              string
	SessionName             string
	S3ForcePathStyle        bool
	DisableComputeChecksums bool
}

AwsSessionConfig is a representation of the configuration options for an AWS Session

type Policy ¶

type Policy struct {
	Version   string      `json:"Version"`
	Statement []Statement `json:"Statement"`
}

Policy - representation of the policy for AWS

func UnmarshalPolicy ¶

func UnmarshalPolicy(policy string) (Policy, error)

type Statement ¶

type Statement struct {
	Principal    any             `json:"Principal,omitempty"`
	NotPrincipal any             `json:"NotPrincipal,omitempty"`
	Action       any             `json:"Action"`
	Resource     any             `json:"Resource"`
	Condition    *map[string]any `json:"Condition,omitempty"`
	Sid          string          `json:"Sid"`
	Effect       string          `json:"Effect"`
}

Statement - AWS policy statement Action and Resource - can be string OR array of strings https://docs.aws.amazon.com/IAM//latest/UserGuide/reference_policies_elements_action.html https://docs.aws.amazon.com/IAM//latest/UserGuide/reference_policies_elements_resource.html

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL