awsiid

package

v1.10.0 Latest Latest Go to latest Published: Jun 24, 2024 License: Apache-2.0 Imports: 47 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/spiffe/spire

Links

Open Source Insights

Documentation ¶

Index ¶

func BuiltIn() catalog.BuiltIn
type Client
type IIDAttestorConfig
type IIDAttestorPlugin
- func New() *IIDAttestorPlugin
type PublicKeyType
type SessionConfig
- func (cfg *SessionConfig) Validate(defaultAccessKeyID, defaultSecretAccessKey string) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BuiltIn ¶

func BuiltIn() catalog.BuiltIn

BuiltIn creates a new built-in plugin

Types ¶

type Client ¶

type Client interface {
	ec2.DescribeInstancesAPIClient
	iam.GetInstanceProfileAPIClient
	organizations.ListAccountsAPIClient
}

type IIDAttestorConfig ¶

type IIDAttestorConfig struct {
	SessionConfig                   `hcl:",squash"`
	SkipBlockDevice                 bool                 `hcl:"skip_block_device"`
	DisableInstanceProfileSelectors bool                 `hcl:"disable_instance_profile_selectors"`
	LocalValidAcctIDs               []string             `hcl:"account_ids_for_local_validation"`
	AgentPathTemplate               string               `hcl:"agent_path_template"`
	AssumeRole                      string               `hcl:"assume_role"`
	Partition                       string               `hcl:"partition"`
	ValidateOrgAccountID            *orgValidationConfig `hcl:"verify_organization"`
	// contains filtered or unexported fields
}

IIDAttestorConfig holds hcl configuration for IID attestor plugin

type IIDAttestorPlugin ¶

type IIDAttestorPlugin struct {
	nodeattestorbase.Base
	nodeattestorv1.UnsafeNodeAttestorServer
	configv1.UnsafeConfigServer
	// contains filtered or unexported fields
}

IIDAttestorPlugin implements node attestation for agents running in aws.

func New ¶

func New() *IIDAttestorPlugin

New creates a new IIDAttestorPlugin.

func (*IIDAttestorPlugin) Attest ¶

func (p *IIDAttestorPlugin) Attest(stream nodeattestorv1.NodeAttestor_AttestServer) error

Attest implements the server side logic for the aws iid node attestation plugin.

func (*IIDAttestorPlugin) Configure ¶

func (p *IIDAttestorPlugin) Configure(_ context.Context, req *configv1.ConfigureRequest) (*configv1.ConfigureResponse, error)

Configure configures the IIDAttestorPlugin.

func (*IIDAttestorPlugin) SetLogger ¶

func (p *IIDAttestorPlugin) SetLogger(log hclog.Logger)

SetLogger sets this plugin's logger

type PublicKeyType ¶ added in v1.7.0

type PublicKeyType int

PublicKeyType is the type of public key used to verify the AWS signature.

const (
	KeyTypeUnset PublicKeyType = iota
	RSA1024
	RSA2048
)

type SessionConfig ¶

type SessionConfig struct {
	AccessKeyID     string `hcl:"access_key_id"`
	SecretAccessKey string `hcl:"secret_access_key"`
	AssumeRole      string `hcl:"assume_role"`
	Partition       string `hcl:"partition"`
}

SessionConfig is a common config for AWS session config.

func (*SessionConfig) Validate ¶

func (cfg *SessionConfig) Validate(defaultAccessKeyID, defaultSecretAccessKey string) error

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
awsrsa1024
awsrsa2048

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL