BuildRoleARN constructs a string AWS ARN from a username, region, and account ID.

CheckARNPartitionAndAccount checks an AWS ARN against an expected AWS partition and account ID.

ConvertS3Error wraps S3 error and returns trace equivalent It works on both sdk v1 and v2.

FilterAWSRoles returns role ARNs from the provided list that belong to the specified AWS account ID.

GetKnownRegions returns a list of "well-known" AWS regions generated from AWS SDK.

IsKnownRegion returns true if provided region is one of the "well-known" AWS regions.

IsPartialRoleARN returns true if the provided role ARN only contains the resource name.

IsRoleARN returns true if the provided string is a AWS role ARN.

IsSignedByAWSSigV4 checks is the request was signed by AWS Signature Version 4 algorithm.

IsUserARN returns true if the provided string is a AWS user ARN.

IsXMLOfLocalName returns true if the root XML has the provided (local) name.

MarshalXML marshals the provided root name and a map of children in XML with default indent (prefix "", indent " ").

NewCachedCredentialsGetter returns a CredentialsGetter that caches credentials.

NewCredentialsGetter returns a new CredentialsGetter.

NewS3V2FileWriter created s3V2FileWriter.

NewSigner creates a new V4 signer.

NewSigningService creates a new instance of SigningService.

NewStaticCredentialsGetter returns a CredentialsGetter that always returns the same provided credentials.

ParseRoleARN parses an AWS ARN and checks that the ARN is for an IAM Role resource.

ParseSigV4 AWS SigV4 credentials string sections.

PolicyARN returns the ARN representation of an AWS IAM Policy.

RoleARN returns the ARN representation of an AWS IAM Role.

UnmarshalRequestBody reads and unmarshals a JSON request body into a protobuf Struct wrapper.

UnmarshalXMLChildNode decodes the XML-encoded data and stores the child node with the specified name to v, where v is a pointer to an AWS SDK v1 struct.

ValidateRoleARNAndExtractRoleName validates the role ARN and extracts the short role name from it.

VerifyAWSSignature verifies the request signature ensuring that the request originates from tsh aws command execution AWS CLI signs the request with random generated credentials that are passed to LocalProxy by the AWSCredentials LocalProxyConfig configuration.

AmazonSigV4AuthorizationPrefix is AWS Authorization prefix indicating that the request was signed by AWS Signature Version 4.

AmzDateHeader is header name containing timestamp when signature was generated.

AmzDateTimeFormat is time format used in X-Amz-Date header.

AmzJSON1_0 is an AWS Content-Type header that indicates the media type is JSON.

AmzJSON1_1 is an AWS Content-Type header that indicates the media type is JSON.

AmzTargetHeader is a header containing the API target.

CachedCredentialsGetterConfig is the config for creating a CredentialsGetter that caches credentials.

GetCredentialsRequest is the request for obtaining STS credentials.

Role describes an AWS IAM role for AWS console access.

SigningCtx contains AWS SigV4 signing context parameters.

SigningService is an AWS CLI proxy service that signs AWS requests based on user identity.

SigningServiceConfig is the SigningService configuration.

SigV4 contains parsed content of the AWS Authorization header.

CredentialsGetter defines an interface for obtaining STS credentials.

Roles is a slice of roles.