# README
AWSUTIL - Go library for generating aws credentials
NOTE: This is version 2 of the library. The v0 branch contains version 0,
which may be needed for legacy applications or while transitioning to version 2.
Usage
Following is an example usage of generating AWS credentials with static user credentials
// AWS access keys for an IAM user can be used as your AWS credentials.
// This is an example of an access key and secret key
var accessKey = "AKIAIOSFODNN7EXAMPLE"
var secretKey = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
// Access key IDs beginning with AKIA are long-term access keys. A long-term
// access key should be supplied when generating static credentials.
config, err := awsutil.NewCredentialsConfig(
awsutil.WithAccessKey(accessKey),
awsutil.WithSecretKey(secretKey),
)
if err != nil {
return err
}
s3Client := s3.NewFromConfig(config)
Contributing to v0
To push a bug fix or feature for awsutil v0, branch out from the awsutil/v0 branch.
Commit the code changes you want to this new branch and open a PR. Make sure the PR
is configured so that the base branch is set to awsutil/v0 and not main. Once the PR
is reviewed, feel free to merge it into the awsutil/v0 branch. When creating a new
release, validate that the Target branch is awsutil/v0 and the tag is awsutil/v0.x.x.
# Functions
AppendAWSError checks if the given error is a known AWS error we modify, and if so then returns a go-multierror, appending the original and the AWS error.
CheckAWSError will examine an error and convert to a logical error if appropriate.
It's impossible to mimic "normal" AWS behavior here because it's not consistent
or well-defined.
MockAWSThrottleErr returns a mocked aws error that mimics a throttling exception.
MockOptionErr provides a mock option error for use with testing.
GenerateCredentialChain uses the config to generate a credential chain suitable for creating AWS sessions and clients.
NewMockCredentialsProvider provides a factory function to use with the WithCredentialsProvider option.
NewMockIAM provides a factory function to use with the WithIAMAPIFunc option.
NewMockSTS provides a factory function to use with the WithSTSAPIFunc option.
No description provided by the author
WithAccessKey allows passing an access key to use for operations.
WithAssumeRoleError sets the error output for the AssumeRole method.
WithAssumeRoleOutput sets the output for the AssumeRole method.
WithAwsConfig allows controlling the configuration passed into the client.
WithCreateAccessKeyError sets the error output for the CreateAccessKey method.
WithCreateAccessKeyOutput sets the output for the CreateAccessKey method.
WithCredentials sets the output for the Retrieve method.
WithCredentialsProvider allows passing in a CredentialsProvider interface constructor for mocking the AWS Credential Provider.
WithDeleteAccessKeyError sets the error output for the DeleteAccessKey method.
WithCredentials sets the output for the Retrieve method.
WithGetCallerIdentityError sets the error output for the GetCallerIdentity method.
WithGetCallerIdentityOutput sets the output for the GetCallerIdentity method.
WithGetUserError sets the error output for the GetUser method.
WithGetUserOutput sets the output for the GetUser method.
WithHttpClient allows passing a custom client to use.
WithIAMAPIFunc allows passing in an IAM interface constructor for mocking the AWS IAM API.
WithIamEndppointResolver allows passing a custom IAM endpoint resolver.
WithListAccessKeysError sets the error output for the ListAccessKeys method.
WithListAccessKeysOutput sets the output for the ListAccessKeys method.
WithLogger allows passing a logger to use.
WithMaxRetries allows passing custom max retries to set.
WithRegion allows passing a custom region.
WithRoleArn allows passing a role arn to use when creating either a web identity role provider or a ec2-instance role provider.
WithRoleExternalId allows passing a external id to use when creating a ec2-instance role provider.
WithRoleSessionName allows passing a session name to use when creating either a web identity role provider or a ec2-instance role provider.
WithRoleTags allows passing tags to use when creating a ec2-instance role provider.
WithSecretKey allows passing a secret key to use for operations.
WithSharedCredentials allows controlling whether shared credentials are used.
WithSTSAPIFunc allows passing in a STS interface constructor for mocking the AWS STS API.
WithStsEndpointResolver allows passing a custom STS endpoint resolver.
WithUsername allows passing the user name to use for an operation.
WithValidityCheckTimeout allows passing a timeout for operations that can wait on success.
WithWebIdentityToken allows passing a web identity token to use for the assumed role.
WithWebIdentityTokenFile allows passing a web identity token file to use for the assumed role.
# Constants
"us-east-1 is used because it's where AWS first provides support for new features, is a widely used region, and is the most common one for some services like STS.
# Variables
No description provided by the author
# Structs
No description provided by the author
MockAWSErr is used to mock API error types for tests.
MockCredentialsProvider provides a way to mock the aws.CredentialsProvider.
MockIAM provides a way to mock the AWS IAM API.
MockSTS provides a way to mock the AWS STS API.
# Type aliases
FetchTokenContents allows the use of the content of a token in the WebIdentityProvider, instead of the path to a token.
IAMAPIFunc is a factory function for returning an IAM interface, useful for supplying mock interfaces for testing IAM.
MockCredentialsProviderOption is a function for setting the various fields on a MockCredentialsProvider object.
MockIAMOption is a function for setting the various fields on a MockIAM object.
MockSTSOption is a function for setting the various fields on a MockSTS object.
Option - how Options are passed as arguments.
STSAPIFunc is a factory function for returning a STS interface, useful for supplying mock interfaces for testing STS.