func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) { server := initTestServer("2014-12-16T01:51:37Z", false) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), ExpiryWindow: time.Hour * 1, } p.CurrentTime = func() time.Time { return time.Date(2014, 12, 15, 0, 51, 37, 0, time.UTC) } assert.True(t, p.IsExpired(), "Expect creds to be expired before retrieve.") _, err := p.Retrieve() assert.Nil(t, err, "Expect no error, %v", err) assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve.") p.CurrentTime = func() time.Time { return time.Date(2014, 12, 16, 0, 55, 37, 0, time.UTC) } assert.True(t, p.IsExpired(), "Expect creds to be expired.") }
func TestNewDefaultSession(t *testing.T) { s := session.New(&aws.Config{Region: aws.String("region")}) assert.Equal(t, "region", *s.Config.Region) assert.Equal(t, http.DefaultClient, s.Config.HTTPClient) assert.NotNil(t, s.Config.Logger) assert.Equal(t, aws.LogOff, *s.Config.LogLevel) }
func TestEC2RoleProvider(t *testing.T) { server := initTestServer("2014-12-16T01:51:37Z", false) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), } creds, err := p.Retrieve() assert.Nil(t, err, "Expect no error, %v", err) assert.Equal(t, "accessKey", creds.AccessKeyID, "Expect access key ID to match") assert.Equal(t, "secret", creds.SecretAccessKey, "Expect secret access key to match") assert.Equal(t, "token", creds.SessionToken, "Expect session token to match") }
func ExampleSTS_DecodeAuthorizationMessage() { svc := sts.New(session.New()) params := &sts.DecodeAuthorizationMessageInput{ EncodedMessage: aws.String("encodedMessageType"), // Required } resp, err := svc.DecodeAuthorizationMessage(params) if err != nil { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) return } // Pretty-print the response data. fmt.Println(resp) }
func BenchmarkEC3RoleProvider(b *testing.B) { server := initTestServer("2014-12-16T01:51:37Z", false) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), } _, err := p.Retrieve() if err != nil { b.Fatal(err) } b.ResetTimer() for i := 0; i < b.N; i++ { if _, err := p.Retrieve(); err != nil { b.Fatal(err) } } }
func ExampleSTS_GetSessionToken() { svc := sts.New(session.New()) params := &sts.GetSessionTokenInput{ DurationSeconds: aws.Int64(1), SerialNumber: aws.String("serialNumberType"), TokenCode: aws.String("tokenCodeType"), } resp, err := svc.GetSessionToken(params) if err != nil { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) return } // Pretty-print the response data. fmt.Println(resp) }
func ExampleSTS_GetFederationToken() { svc := sts.New(session.New()) params := &sts.GetFederationTokenInput{ Name: aws.String("userNameType"), // Required DurationSeconds: aws.Int64(1), Policy: aws.String("sessionPolicyDocumentType"), } resp, err := svc.GetFederationToken(params) if err != nil { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) return } // Pretty-print the response data. fmt.Println(resp) }
func TestEC2RoleProviderFailAssume(t *testing.T) { server := initTestServer("2014-12-16T01:51:37Z", true) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), } creds, err := p.Retrieve() assert.Error(t, err, "Expect error") e := err.(awserr.Error) assert.Equal(t, "ErrorCode", e.Code()) assert.Equal(t, "ErrorMsg", e.Message()) assert.Nil(t, e.OrigErr()) assert.Equal(t, "", creds.AccessKeyID, "Expect access key ID to match") assert.Equal(t, "", creds.SecretAccessKey, "Expect secret access key to match") assert.Equal(t, "", creds.SessionToken, "Expect session token to match") }
func ExampleSTS_AssumeRoleWithSAML() { svc := sts.New(session.New()) params := &sts.AssumeRoleWithSAMLInput{ PrincipalArn: aws.String("arnType"), // Required RoleArn: aws.String("arnType"), // Required SAMLAssertion: aws.String("SAMLAssertionType"), // Required DurationSeconds: aws.Int64(1), Policy: aws.String("sessionPolicyDocumentType"), } resp, err := svc.AssumeRoleWithSAML(params) if err != nil { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) return } // Pretty-print the response data. fmt.Println(resp) }
func ExampleSTS_AssumeRoleWithWebIdentity() { svc := sts.New(session.New()) params := &sts.AssumeRoleWithWebIdentityInput{ RoleArn: aws.String("arnType"), // Required RoleSessionName: aws.String("roleSessionNameType"), // Required WebIdentityToken: aws.String("clientTokenType"), // Required DurationSeconds: aws.Int64(1), Policy: aws.String("sessionPolicyDocumentType"), ProviderId: aws.String("urlType"), } resp, err := svc.AssumeRoleWithWebIdentity(params) if err != nil { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) return } // Pretty-print the response data. fmt.Println(resp) }
func ExampleSTS_AssumeRole() { svc := sts.New(session.New()) params := &sts.AssumeRoleInput{ RoleArn: aws.String("arnType"), // Required RoleSessionName: aws.String("roleSessionNameType"), // Required DurationSeconds: aws.Int64(1), ExternalId: aws.String("externalIdType"), Policy: aws.String("sessionPolicyDocumentType"), SerialNumber: aws.String("serialNumberType"), TokenCode: aws.String("tokenCodeType"), } resp, err := svc.AssumeRole(params) if err != nil { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) return } // Pretty-print the response data. fmt.Println(resp) }