// NewCredentialsWithClient returns a pointer to a new Credentials object wrapping // the EC2RoleProvider. Takes a EC2Metadata client to use when connecting to EC2 // metadata service. func NewCredentialsWithClient(client *ec2metadata.EC2Metadata, options ...func(*EC2RoleProvider)) *credentials.Credentials { p := &EC2RoleProvider{ Client: client, } for _, option := range options { option(p) } return credentials.NewCredentials(p) }
// NewCredentials returns a pointer to a new Credentials object wrapping // the EC2RoleProvider. Takes a ConfigProvider to create a EC2Metadata client. // The ConfigProvider is satisfied by the session.Session type. func NewCredentials(c client.ConfigProvider, options ...func(*EC2RoleProvider)) *credentials.Credentials { p := &EC2RoleProvider{ Client: ec2metadata.New(c), } for _, option := range options { option(p) } return credentials.NewCredentials(p) }
// NewCredentialsWithClient returns a pointer to a new Credentials object wrapping the // AssumeRoleProvider. The credentials will expire every 15 minutes and the // role will be named after a nanosecond timestamp of this operation. // // Takes an AssumeRoler which can be satisfiede by the STS client. func NewCredentialsWithClient(svc AssumeRoler, roleARN string, options ...func(*AssumeRoleProvider)) *credentials.Credentials { p := &AssumeRoleProvider{ Client: svc, RoleARN: roleARN, Duration: DefaultDuration, } for _, option := range options { option(p) } return credentials.NewCredentials(p) }
// NewCredentials returns a pointer to a new Credentials object wrapping the // AssumeRoleProvider. The credentials will expire every 15 minutes and the // role will be named after a nanosecond timestamp of this operation. // // Takes a Config provider to create the STS client. The ConfigProvider is // satisfied by the session.Session type. func NewCredentials(c client.ConfigProvider, roleARN string, options ...func(*AssumeRoleProvider)) *credentials.Credentials { p := &AssumeRoleProvider{ Client: sts.New(c), RoleARN: roleARN, Duration: DefaultDuration, } for _, option := range options { option(p) } return credentials.NewCredentials(p) }
// CredChain returns the default credential chain. // // Generally you shouldn't need to use this method directly, but // is available if you need to reset the credentials of an // existing service client or session's Config. func CredChain(cfg *aws.Config, handlers request.Handlers) *credentials.Credentials { endpoint, signingRegion := endpoints.EndpointForRegion(ec2metadata.ServiceName, *cfg.Region, true) return credentials.NewCredentials(&credentials.ChainProvider{ VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors), Providers: []credentials.Provider{ &credentials.EnvProvider{}, &credentials.SharedCredentialsProvider{Filename: "", Profile: ""}, &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.NewClient(*cfg, handlers, endpoint, signingRegion), ExpiryWindow: 5 * time.Minute, }, }}) }