本文整理汇总了Golang中github.com/aws/aws-sdk-go/service/sts.New函数的典型用法代码示例。如果您正苦于以下问题:Golang New函数的具体用法?Golang New怎么用?Golang New使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
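在下文中一共展示了New函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。这些示例摘自不同项目,对应不同版本的SDK,因此sts.New的参数形式(nil、*aws.Config、session)以及字段和辅助函数的命名(RoleARN/RoleArn、aws.Long/aws.Int64)并不一致,使用前请对照自己所用的SDK版本。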
示例1: ExampleSTS_GetSessionToken
// ExampleSTS_GetSessionToken calls sts:GetSessionToken with a default session
// and prints either the error or the raw response.
//
// The input values are generated placeholders rather than working settings:
// STS rejects a DurationSeconds below 900, and SerialNumber/TokenCode stand in
// for an MFA device identifier and its current code.
func ExampleSTS_GetSessionToken() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	client := sts.New(sess)
	out, err := client.GetSessionToken(&sts.GetSessionTokenInput{
		DurationSeconds: aws.Int64(1),
		SerialNumber:    aws.String("serialNumberType"),
		TokenCode:       aws.String("tokenCodeType"),
	})
	if err != nil {
		// err can be asserted to awserr.Error when the Code and Message are
		// needed separately.
		fmt.Println(err.Error())
		return
	}

	// NOTE(review): out.Credentials carries the issued access key, secret key
	// and session token. Confirm how the SDK version in use renders those
	// fields before reusing this print where stdout is collected or shipped.
	fmt.Println(out)
}
示例2: Retrieve
// Retrieve generates a new set of temporary credentials using STS.
//
// Unset fields on the provider are defaulted in place before the call: a nil
// Client becomes sts.New(nil), an empty RoleSessionName becomes the current
// UTC time in nanoseconds, and a zero Duration becomes 15 minutes. The
// expiration reported by STS is recorded through SetExpiration together with
// p.ExpiryWindow. Any AssumeRole error is returned unchanged with an empty
// credentials.Value.
func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) {
	if p.Client == nil {
		p.Client = sts.New(nil)
	}
	if p.RoleSessionName == "" {
		// A timestamp keeps concurrent sessions apart but says nothing about
		// who asked for them; callers that need attributable audit records
		// should set RoleSessionName themselves.
		p.RoleSessionName = fmt.Sprintf("%d", time.Now().UTC().UnixNano())
	}
	if p.Duration == 0 {
		// 15 minutes is the shortest session STS accepts.
		p.Duration = 15 * time.Minute
	}

	input := &sts.AssumeRoleInput{
		DurationSeconds: aws.Long(int64(p.Duration / time.Second)),
		RoleARN:         aws.String(p.RoleARN),
		RoleSessionName: aws.String(p.RoleSessionName),
	}
	roleOutput, err := p.Client.AssumeRole(input)
	if err != nil {
		return credentials.Value{}, err
	}

	// The pointer fields are dereferenced without nil checks, so a response
	// lacking Credentials or any of its fields panics here.
	issued := roleOutput.Credentials

	// Record the expiry so new credentials are fetched before these lapse.
	p.SetExpiration(*issued.Expiration, p.ExpiryWindow)

	return credentials.Value{
		AccessKeyID:     *issued.AccessKeyID,
		SecretAccessKey: *issued.SecretAccessKey,
		SessionToken:    *issued.SessionToken,
	}, nil
}
示例3: ExampleSTS_GetFederationToken
// ExampleSTS_GetFederationToken calls sts:GetFederationToken with a default
// session and prints either the error or the raw response.
//
// All input values are generated placeholders: STS rejects a DurationSeconds
// below 900, and Policy must be a JSON session policy document, which bounds
// what the federated session may do.
func ExampleSTS_GetFederationToken() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	client := sts.New(sess)
	out, err := client.GetFederationToken(&sts.GetFederationTokenInput{
		Name:            aws.String("userNameType"), // Required
		DurationSeconds: aws.Int64(1),
		Policy:          aws.String("sessionPolicyDocumentType"),
	})
	if err != nil {
		// err can be asserted to awserr.Error when the Code and Message are
		// needed separately.
		fmt.Println(err.Error())
		return
	}

	// NOTE(review): out.Credentials carries the issued secret key and session
	// token. Confirm how the SDK version in use renders them before reusing
	// this print where stdout is collected.
	fmt.Println(out)
}
示例4: ExampleSTS_AssumeRole
// ExampleSTS_AssumeRole calls sts:AssumeRole with a default session and prints
// either the error or the raw response.
//
// All input values are generated placeholders. In real use DurationSeconds
// must be at least 900, ExternalId is the value agreed with the role owner
// for cross-account access, Policy is an optional session policy that
// narrows the role's permissions, and SerialNumber/TokenCode are only needed
// when the role's trust policy demands MFA.
func ExampleSTS_AssumeRole() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	client := sts.New(sess)
	out, err := client.AssumeRole(&sts.AssumeRoleInput{
		RoleArn:         aws.String("arnType"),             // Required
		RoleSessionName: aws.String("roleSessionNameType"), // Required
		DurationSeconds: aws.Int64(1),
		ExternalId:      aws.String("externalIdType"),
		Policy:          aws.String("sessionPolicyDocumentType"),
		SerialNumber:    aws.String("serialNumberType"),
		TokenCode:       aws.String("tokenCodeType"),
	})
	if err != nil {
		// err can be asserted to awserr.Error when the Code and Message are
		// needed separately.
		fmt.Println(err.Error())
		return
	}

	// NOTE(review): out.Credentials carries the role session's secret key and
	// session token. Confirm how the SDK version in use renders them before
	// reusing this print where stdout is collected.
	fmt.Println(out)
}
示例5: ExampleSTS_DecodeAuthorizationMessage
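// ExampleSTS_DecodeAuthorizationMessage calls sts:DecodeAuthorizationMessage
// and prints either the error details or the decoded response.
//
// EncodedMessage is a generated placeholder; a real value is the encoded
// blob a service returns alongside an authorization failure. The function
// returns after reporting an error, so a failed call no longer falls through
// to printing an empty response.
func ExampleSTS_DecodeAuthorizationMessage() {
	svc := sts.New(nil)

	params := &sts.DecodeAuthorizationMessageInput{
		EncodedMessage: aws.String("encodedMessageType"), // Required
	}
	resp, err := svc.DecodeAuthorizationMessage(params)
	if err != nil {
		awsErr, ok := err.(awserr.Error)
		if !ok {
			// This case should never be hit, the SDK should always return an
			// error which satisfies the awserr.Error interface.
			fmt.Println(err.Error())
			return
		}
		// Generic AWS error with Code, Message, and original error (if any)
		fmt.Println(awsErr.Code(), awsErr.Message(), awsErr.OrigErr())
		if reqErr, ok := err.(awserr.RequestFailure); ok {
			// A service error occurred
			fmt.Println(reqErr.Code(), reqErr.Message(), reqErr.StatusCode(), reqErr.RequestID())
		}
		return
	}

	// Pretty-print the response data. The decoded message describes the
	// denied request, so treat the output as internal diagnostic data.
	fmt.Println(awsutil.Prettify(resp))
}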
示例6: ExampleSTS_AssumeRoleWithSAML
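// ExampleSTS_AssumeRoleWithSAML calls sts:AssumeRoleWithSAML and prints either
// the error details or the response.
//
// All input values are generated placeholders: STS rejects a DurationSeconds
// below 900, and SAMLAssertion must be the base64-encoded SAML response from
// the identity provider named by PrincipalARN. The function returns after
// reporting an error, so a failed call no longer falls through to printing
// an empty response.
func ExampleSTS_AssumeRoleWithSAML() {
	svc := sts.New(nil)

	params := &sts.AssumeRoleWithSAMLInput{
		PrincipalARN:    aws.String("arnType"),           // Required
		RoleARN:         aws.String("arnType"),           // Required
		SAMLAssertion:   aws.String("SAMLAssertionType"), // Required
		DurationSeconds: aws.Long(1),
		Policy:          aws.String("sessionPolicyDocumentType"),
	}
	resp, err := svc.AssumeRoleWithSAML(params)
	if err != nil {
		awsErr, ok := err.(awserr.Error)
		if !ok {
			// This case should never be hit, the SDK should always return an
			// error which satisfies the awserr.Error interface.
			fmt.Println(err.Error())
			return
		}
		// Generic AWS Error with Code, Message, and original error (if any)
		fmt.Println(awsErr.Code(), awsErr.Message(), awsErr.OrigErr())
		if reqErr, ok := err.(awserr.RequestFailure); ok {
			// A service error occurred
			fmt.Println(reqErr.Code(), reqErr.Message(), reqErr.StatusCode(), reqErr.RequestID())
		}
		return
	}

	// Pretty-print the response data.
	// NOTE(review): resp.Credentials carries the issued secret key and session
	// token; confirm how awsutil.StringValue renders them in the SDK version
	// in use before reusing this print where stdout is collected.
	fmt.Println(awsutil.StringValue(resp))
}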
示例7: roleHandler
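// roleHandler assumes app.RoleArn through STS and writes the resulting
// temporary credentials to the response as a JSON Credentials document.
//
// Every request that reaches this handler receives a working secret key and
// session token for the role; the handler itself performs no caller check, so
// access has to be restricted by whatever binds and routes the listener.
//
// Compared with the original listing this version:
//   - logs only the access key ID and expiry instead of the whole STS
//     response, which contains the secret key and session token;
//   - answers failures with a generic 500 body and keeps the AWS error text
//     in the server log, since that text can name accounts and principals;
//   - formats both timestamps in UTC, because the layout ends in a literal
//     "Z" and time.Now() is otherwise rendered in local time;
//   - returns 500 instead of panicking when STS omits a credential field.
func (app *App) roleHandler(w http.ResponseWriter, r *http.Request) {
	const stamp = "2006-01-02T15:04:05Z"

	// NOTE(review): LogLevel is a bare number here; confirm what it enables in
	// the pinned SDK version, since SDK logging of response bodies would put
	// the same credentials into the log.
	svc := sts.New(session.New(), &aws.Config{LogLevel: aws.LogLevel(2)})

	resp, err := svc.AssumeRole(&sts.AssumeRoleInput{
		RoleArn:         aws.String(app.RoleArn),
		RoleSessionName: aws.String("aws-mock-metadata"),
	})
	if err != nil {
		log.Errorf("Error assuming role %+v", err)
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	issued := resp.Credentials
	if issued == nil || issued.AccessKeyId == nil || issued.SecretAccessKey == nil ||
		issued.SessionToken == nil || issued.Expiration == nil {
		log.Errorf("Error assuming role %+v", "STS response is missing credential fields")
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	expires := issued.Expiration.UTC().Format(stamp)
	log.Debugf("STS issued access key %s expiring %s", *issued.AccessKeyId, expires)

	body := Credentials{
		AccessKeyID:     *issued.AccessKeyId,
		Code:            "Success",
		Expiration:      expires,
		LastUpdated:     time.Now().UTC().Format(stamp),
		SecretAccessKey: *issued.SecretAccessKey,
		Token:           *issued.SessionToken,
		Type:            "AWS-HMAC",
	}
	if err := json.NewEncoder(w).Encode(body); err != nil {
		log.Errorf("Error sending json %+v", err)
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
	}
}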
示例8: ExampleSTS_GetSessionToken
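// ExampleSTS_GetSessionToken calls sts:GetSessionToken and prints either the
// error details or the response.
//
// The input values are generated placeholders: STS rejects a DurationSeconds
// below 900, and SerialNumber/TokenCode stand in for an MFA device identifier
// and its current code. The function returns after reporting an error, so a
// failed call no longer falls through to printing an empty response.
func ExampleSTS_GetSessionToken() {
	svc := sts.New(nil)

	params := &sts.GetSessionTokenInput{
		DurationSeconds: aws.Int64(1),
		SerialNumber:    aws.String("serialNumberType"),
		TokenCode:       aws.String("tokenCodeType"),
	}
	resp, err := svc.GetSessionToken(params)
	if err != nil {
		awsErr, ok := err.(awserr.Error)
		if !ok {
			// This case should never be hit, the SDK should always return an
			// error which satisfies the awserr.Error interface.
			fmt.Println(err.Error())
			return
		}
		// Generic AWS error with Code, Message, and original error (if any)
		fmt.Println(awsErr.Code(), awsErr.Message(), awsErr.OrigErr())
		if reqErr, ok := err.(awserr.RequestFailure); ok {
			// A service error occurred
			fmt.Println(reqErr.Code(), reqErr.Message(), reqErr.StatusCode(), reqErr.RequestID())
		}
		return
	}

	// Pretty-print the response data.
	// NOTE(review): resp.Credentials carries the issued secret key and session
	// token; confirm how awsutil.Prettify renders them in the SDK version in
	// use before reusing this print where stdout is collected.
	fmt.Println(awsutil.Prettify(resp))
}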
示例9: assumeRole
// assumeRole uses IAM credentials to assume a role.
//
// creds is wrapped in a static provider and used to sign the AssumeRole call
// for roleArn, with p.roleSessionName() as the session name and
// p.AssumeRoleDuration as the lifetime. When the active profile defines
// "mfa_serial", the serial is sent along with p.MfaToken, or with the value
// returned by p.MfaPrompt when no token was preset. Prompt and STS errors are
// returned unchanged with an empty sts.Credentials.
func (p *VaultProvider) assumeRole(creds credentials.Value, roleArn string) (sts.Credentials, error) {
	static := credentials.NewCredentials(&credentials.StaticProvider{Value: creds})
	client := sts.New(session.New(&aws.Config{Credentials: static}))

	input := &sts.AssumeRoleInput{
		RoleArn:         aws.String(roleArn),
		RoleSessionName: aws.String(p.roleSessionName()),
		DurationSeconds: aws.Int64(int64(p.AssumeRoleDuration.Seconds())),
	}

	// There is no MFA-backed session on this path, so the MFA serial and code
	// have to travel with the AssumeRole call itself.
	if serial, ok := p.profiles[p.profile]["mfa_serial"]; ok {
		input.SerialNumber = aws.String(serial)

		code := p.MfaToken
		if code == "" {
			prompted, err := p.MfaPrompt(fmt.Sprintf("Enter token for %s: ", serial))
			if err != nil {
				return sts.Credentials{}, err
			}
			code = prompted
		}
		input.TokenCode = aws.String(code)
	}

	// Only the role ARN is logged; the key material and MFA code are not.
	log.Printf("Assuming role %s with iam credentials", roleArn)

	out, err := client.AssumeRole(input)
	if err != nil {
		return sts.Credentials{}, err
	}
	// out.Credentials is dereferenced without a nil check.
	return *out.Credentials, nil
}
示例10: getSessionToken
// getSessionToken exchanges the key pair in creds for temporary session
// credentials via sts:GetSessionToken, valid for p.SessionDuration.
//
// When the active profile defines "mfa_serial", the serial is sent along with
// p.MfaToken, or with the value returned by p.MfaPrompt when no token was
// preset. Prompt and STS errors are returned unchanged with an empty
// sts.Credentials. creds is dereferenced without a nil check, so callers
// must pass a non-nil pointer.
func (p *VaultProvider) getSessionToken(creds *credentials.Value) (sts.Credentials, error) {
	input := &sts.GetSessionTokenInput{
		DurationSeconds: aws.Int64(int64(p.SessionDuration.Seconds())),
	}

	if serial, ok := p.profiles[p.profile]["mfa_serial"]; ok {
		input.SerialNumber = aws.String(serial)

		code := p.MfaToken
		if code == "" {
			prompted, err := p.MfaPrompt(fmt.Sprintf("Enter token for %s: ", serial))
			if err != nil {
				return sts.Credentials{}, err
			}
			code = prompted
		}
		input.TokenCode = aws.String(code)
	}

	// The client is built after the prompt, as in the original listing, so a
	// cancelled prompt never touches creds.
	static := credentials.NewCredentials(&credentials.StaticProvider{
		Value: *creds,
	})
	client := sts.New(session.New(&aws.Config{Credentials: static}))

	// Only the profile name is logged; the key material and MFA code are not.
	log.Printf("Getting new session token for profile %s", sourceProfile(p.profile, p.profiles))

	out, err := client.GetSessionToken(input)
	if err != nil {
		return sts.Credentials{}, err
	}
	// out.Credentials is dereferenced without a nil check.
	return *out.Credentials, nil
}
示例11: ExampleSTS_AssumeRoleWithWebIdentity
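// ExampleSTS_AssumeRoleWithWebIdentity calls sts:AssumeRoleWithWebIdentity and
// prints either the error details or the response.
//
// All input values are generated placeholders: STS rejects a DurationSeconds
// below 900, and WebIdentityToken must be the token issued by the identity
// provider for the signed-in user. The function returns after reporting an
// error, so a failed call no longer falls through to printing an empty
// response.
func ExampleSTS_AssumeRoleWithWebIdentity() {
	svc := sts.New(nil)

	params := &sts.AssumeRoleWithWebIdentityInput{
		RoleArn:          aws.String("arnType"),         // Required
		RoleSessionName:  aws.String("userNameType"),    // Required
		WebIdentityToken: aws.String("clientTokenType"), // Required
		DurationSeconds:  aws.Int64(1),
		Policy:           aws.String("sessionPolicyDocumentType"),
		ProviderId:       aws.String("urlType"),
	}
	resp, err := svc.AssumeRoleWithWebIdentity(params)
	if err != nil {
		awsErr, ok := err.(awserr.Error)
		if !ok {
			// This case should never be hit, the SDK should always return an
			// error which satisfies the awserr.Error interface.
			fmt.Println(err.Error())
			return
		}
		// Generic AWS error with Code, Message, and original error (if any)
		fmt.Println(awsErr.Code(), awsErr.Message(), awsErr.OrigErr())
		if reqErr, ok := err.(awserr.RequestFailure); ok {
			// A service error occurred
			fmt.Println(reqErr.Code(), reqErr.Message(), reqErr.StatusCode(), reqErr.RequestID())
		}
		return
	}

	// Pretty-print the response data.
	// NOTE(review): resp.Credentials carries the issued secret key and session
	// token; confirm how awsutil.Prettify renders them in the SDK version in
	// use before reusing this print where stdout is collected.
	fmt.Println(awsutil.Prettify(resp))
}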
示例12: assumeRole
// assumeRole calls sts:AssumeRole for roleArn, signing the request with the
// temporary credentials in session, and returns the role credentials.
//
// p.client is used when set; otherwise a client is built from the three
// pointer fields of session, which are dereferenced without nil checks. The
// role session name is the current UTC time in nanoseconds and the lifetime
// is p.AssumeRoleDuration. STS errors are returned unchanged with an empty
// sts.Credentials.
func (p *VaultProvider) assumeRole(session sts.Credentials, roleArn string) (sts.Credentials, error) {
	stsClient := p.client
	if stsClient == nil {
		static := credentials.NewStaticCredentials(
			*session.AccessKeyId,
			*session.SecretAccessKey,
			*session.SessionToken,
		)
		stsClient = sts.New(&aws.Config{Credentials: static})
	}

	// A timestamp keeps sessions apart but does not identify the caller in
	// audit records.
	name := fmt.Sprintf("%d", time.Now().UTC().UnixNano())

	// Only the role ARN is logged; the key material is not.
	log.Printf("Assuming role %s", roleArn)

	out, err := stsClient.AssumeRole(&sts.AssumeRoleInput{
		RoleArn:         aws.String(roleArn),
		RoleSessionName: aws.String(name),
		DurationSeconds: aws.Int64(int64(p.AssumeRoleDuration.Seconds())),
	})
	if err != nil {
		return sts.Credentials{}, err
	}
	// out.Credentials is dereferenced without a nil check.
	return *out.Credentials, nil
}
示例13: ExampleSTS_AssumeRoleWithWebIdentity
// ExampleSTS_AssumeRoleWithWebIdentity calls sts:AssumeRoleWithWebIdentity
// with a default session and prints either the error or the raw response.
//
// All input values are generated placeholders: STS rejects a DurationSeconds
// below 900, and WebIdentityToken must be the token issued by the identity
// provider for the signed-in user.
func ExampleSTS_AssumeRoleWithWebIdentity() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	client := sts.New(sess)
	out, err := client.AssumeRoleWithWebIdentity(&sts.AssumeRoleWithWebIdentityInput{
		RoleArn:          aws.String("arnType"),             // Required
		RoleSessionName:  aws.String("roleSessionNameType"), // Required
		WebIdentityToken: aws.String("clientTokenType"),     // Required
		DurationSeconds:  aws.Int64(1),
		Policy:           aws.String("sessionPolicyDocumentType"),
		ProviderId:       aws.String("urlType"),
	})
	if err != nil {
		// err can be asserted to awserr.Error when the Code and Message are
		// needed separately.
		fmt.Println(err.Error())
		return
	}

	// NOTE(review): out.Credentials carries the issued secret key and session
	// token. Confirm how the SDK version in use renders them before reusing
	// this print where stdout is collected.
	fmt.Println(out)
}
示例14: ExampleSTS_AssumeRoleWithSAML
// ExampleSTS_AssumeRoleWithSAML calls sts:AssumeRoleWithSAML with a default
// session and prints either the error or the raw response.
//
// All input values are generated placeholders: STS rejects a DurationSeconds
// below 900, and SAMLAssertion must be the base64-encoded SAML response from
// the identity provider named by PrincipalArn.
func ExampleSTS_AssumeRoleWithSAML() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	client := sts.New(sess)
	out, err := client.AssumeRoleWithSAML(&sts.AssumeRoleWithSAMLInput{
		PrincipalArn:    aws.String("arnType"),           // Required
		RoleArn:         aws.String("arnType"),           // Required
		SAMLAssertion:   aws.String("SAMLAssertionType"), // Required
		DurationSeconds: aws.Int64(1),
		Policy:          aws.String("sessionPolicyDocumentType"),
	})
	if err != nil {
		// err can be asserted to awserr.Error when the Code and Message are
		// needed separately.
		fmt.Println(err.Error())
		return
	}

	// NOTE(review): out.Credentials carries the issued secret key and session
	// token. Confirm how the SDK version in use renders them before reusing
	// this print where stdout is collected.
	fmt.Println(out)
}
示例15: stsClient
// stsClient returns an STS client that signs requests with the key pair held
// in k.
//
// The session-token argument is left empty, so k.ID and k.Secret are used as
// they are (presumably a long-term IAM access key; confirm against where
// AWSKey is populated). A new session and client are built on every call.
func (k *AWSKey) stsClient() *sts.STS {
	static := credentials.NewStaticCredentials(
		k.ID,
		k.Secret,
		"", // Temporary session token
	)
	return sts.New(session.New(&aws.Config{Credentials: static}))
}