BuildRoleARN constructs a string AWS ARN from a username, region, and account ID.

CheckARNPartitionAndAccount checks an AWS ARN against an expected AWS partition and account ID.

ConvertS3Error wraps S3 error and returns trace equivalent It works on both sdk v1 and v2.

CreateBucketConfiguration creates the default CreateBucketConfiguration.

FilterAWSRoles returns role ARNs from the provided list that belong to the specified AWS account ID.

GetKnownRegions returns a list of "well-known" AWS regions generated from AWS SDK.

IsKnownRegion returns true if provided region is one of the "well-known" AWS regions.

IsPartialRoleARN returns true if the provided role ARN only contains the resource name.

IsRoleARN returns true if the provided string is a AWS role ARN.

IsSignedByAWSSigV4 checks is the request was signed by AWS Signature Version 4 algorithm.

IsUserARN returns true if the provided string is a AWS user ARN.

IsXMLOfLocalName returns true if the root XML has the provided (local) name.

MarshalXML marshals the provided root name and a map of children in XML with default indent (prefix "", indent " ").

MaybeHashRoleSessionName truncates the role session name and adds a hash when the original role session name is greater than AWS character limit (64).

NewS3V2FileWriter created s3V2FileWriter.

NewSigner creates a new V4 signer.

NewSignerV2 is a temporary AWS SDK migration helper.

ParseRoleARN parses an AWS ARN and checks that the ARN is for an IAM Role resource.

ParseSigV4 AWS SigV4 credentials string sections.

PolicyARN returns the ARN representation of an AWS IAM Policy.

RoleARN returns the ARN representation of an AWS IAM Role.

SessionProviderUsingAmbientCredentials returns an AWS Session using ambient credentials.

SignRequest creates a new HTTP request and rewrites the header from the original request and returns a new HTTP request signed by STS AWS API.

StaticAWSSessionProvider is a helper method that returns a static session.

UnmarshalRequestBody reads and unmarshals a JSON request body into a protobuf Struct wrapper.

UnmarshalXMLChildNode decodes the XML-encoded data and stores the child node with the specified name to v, where v is a pointer to an AWS SDK v1 struct.

ValidateRoleARNAndExtractRoleName validates the role ARN and extracts the short role name from it.

VerifyAWSSignature verifies the request signature ensuring that the request originates from tsh aws command execution AWS CLI signs the request with random generated credentials that are passed to LocalProxy by the AWSCredentials LocalProxyConfig configuration.

AmazonSigV4AuthorizationPrefix is AWS Authorization prefix indicating that the request was signed by AWS Signature Version 4.

AmzDateHeader is header name containing timestamp when signature was generated.

AmzDateTimeFormat is time format used in X-Amz-Date header.

AmzJSON1_0 is an AWS Content-Type header that indicates the media type is JSON.

AmzJSON1_1 is an AWS Content-Type header that indicates the media type is JSON.

AmzTargetHeader is a header containing the API target.

MaxRoleSessionNameLength is the maximum length of the role session name used by the AssumeRole call.

Role describes an AWS IAM role for AWS console access.

SigningCtx contains AWS SigV4 signing context parameters.

SigV4 contains parsed content of the AWS Authorization header.

AWSSessionProvider defines a function that creates an AWS Session.

Roles is a slice of roles.