aws

package

v0.0.0-...-fb5a1ab Latest Latest Go to latest Published: Nov 20, 2025 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/openshift/cluster-logging-operator

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func AssumeRoleHasExternalId(assumeRole *obs.AwsAssumeRole) (bool, string)
func GenerateCredString(reader client.Reader, clfName string, outputs []obs.OutputSpec, ...) (string, error)
func OutputIsAssumeRole(o obs.OutputSpec) (bool, *obs.AwsAssumeRole)
func OutputIsAwsRoleAuth(o obs.OutputSpec) (bool, *obs.AwsAuthentication)
func ParseAssumeRoleArn(assumeRoleSpec *obs.AwsAssumeRole, secrets observability.Secrets) string
func ParseRoleArn(authSpec *obs.AwsAuthentication, secrets observability.Secrets) string
func ReconcileCredsFile(k8sClient client.Client, reader client.Reader, namespace, name, clfName string, ...) (*corev1.ConfigMap, error)
func RequiresProfilesConfigMap(outputs []obs.OutputSpec) bool
type ProfileCredentials
- func GenerateAwsProfileCreds(reader client.Reader, clfName string, outputs []obs.OutputSpec, ...) (profileCredentials []ProfileCredentials)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ProfileTemplate = template.Must(template.New("aws creds").Parse(profileCreds))
)

Functions ¶

func AssumeRoleHasExternalId ¶

func AssumeRoleHasExternalId(assumeRole *obs.AwsAssumeRole) (bool, string)

AssumeRoleHasExternalId identifies if externalID exists and returns the string

func GenerateCredString ¶

func GenerateCredString(reader client.Reader, clfName string, outputs []obs.OutputSpec, secrets observability.Secrets) (string, error)

GenerateCredString generates IAM profile credentials as a formatted string

func OutputIsAssumeRole ¶

func OutputIsAssumeRole(o obs.OutputSpec) (bool, *obs.AwsAssumeRole)

OutputIsAssumeRole identifies if 'Authentication.AssumeRole` exists and returns ref if so

func OutputIsAwsRoleAuth ¶

func OutputIsAwsRoleAuth(o obs.OutputSpec) (bool, *obs.AwsAuthentication)

OutputIsAwsRoleAuth identifies if `Authentication.IamRole` exists and returns ref if so

func ParseAssumeRoleArn ¶

func ParseAssumeRoleArn(assumeRoleSpec *obs.AwsAssumeRole, secrets observability.Secrets) string

ParseAssumeRoleArn search for valid AWS assumeRole arn, return empty for no match

func ParseRoleArn ¶

func ParseRoleArn(authSpec *obs.AwsAuthentication, secrets observability.Secrets) string

ParseRoleArn search for valid AWS arn, return emtpy for no match

func ReconcileCredsFile ¶

func ReconcileCredsFile(k8sClient client.Client, reader client.Reader, namespace, name, clfName string, outputs []obs.OutputSpec, secrets observability.Secrets, configMaps map[string]*corev1.ConfigMap, owner metav1.OwnerReference) (*corev1.ConfigMap, error)

ReconcileCredsFile reconciles a configmap with credential profiles for aws outputs

func RequiresProfilesConfigMap ¶

func RequiresProfilesConfigMap(outputs []obs.OutputSpec) bool

RequiresProfilesConfigMap determine if a credentials configMap should be created for AWS

Types ¶

type ProfileCredentials ¶

type ProfileCredentials struct {
	Name                 string
	RoleARN              string
	WebIdentityTokenFile string
	AssumeRole           string
	ExternalID           string
	SessionName          string
}

ProfileCredentials contains fields for populating an AWS credentials file with profile info

func GenerateAwsProfileCreds ¶

func GenerateAwsProfileCreds(reader client.Reader, clfName string, outputs []obs.OutputSpec, secrets observability.Secrets) (profileCredentials []ProfileCredentials)

Source Files ¶

View all Source files

credentials.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL