Skip to content

Commit

Permalink
creds: Add Expiration value (#1936)
Browse files Browse the repository at this point in the history
Export expiration of the credentials, if any. Zero time means no
expiration.
  • Loading branch information
vadmeste authored Feb 16, 2024
1 parent 15213d3 commit 42ac5f4
Show file tree
Hide file tree
Showing 9 changed files with 15 additions and 4 deletions.
1 change: 1 addition & 0 deletions pkg/credentials/assume_role.go
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,7 @@ func (m *STSAssumeRole) Retrieve() (Value, error) {
AccessKeyID: a.Result.Credentials.AccessKey,
SecretAccessKey: a.Result.Credentials.SecretKey,
SessionToken: a.Result.Credentials.SessionToken,
Expiration: a.Result.Credentials.Expiration,
SignerType: SignatureV4,
}, nil
}
11 changes: 7 additions & 4 deletions pkg/credentials/credentials.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,17 +30,20 @@ const (
defaultExpiryWindow = 0.8
)

// A Value is the AWS credentials value for individual credential fields.
// A Value is the S3 credentials value for individual credential fields.
type Value struct {
// AWS Access key ID
// S3 Access key ID
AccessKeyID string

// AWS Secret Access Key
// S3 Secret Access Key
SecretAccessKey string

// AWS Session Token
// S3 Session Token
SessionToken string

// Expiration of this credentials - null means no expiration associated
Expiration time.Time

// Signature Type.
SignerType SignatureType
}
Expand Down
1 change: 1 addition & 0 deletions pkg/credentials/file_aws_credentials.go
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,7 @@ func (p *FileAWSCredentials) Retrieve() (Value, error) {
AccessKeyID: externalProcessCredentials.AccessKeyID,
SecretAccessKey: externalProcessCredentials.SecretAccessKey,
SessionToken: externalProcessCredentials.SessionToken,
Expiration: externalProcessCredentials.Expiration,
SignerType: SignatureV4,
}, nil
}
Expand Down
1 change: 1 addition & 0 deletions pkg/credentials/iam_aws.go
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,7 @@ func (m *IAM) Retrieve() (Value, error) {
AccessKeyID: roleCreds.AccessKeyID,
SecretAccessKey: roleCreds.SecretAccessKey,
SessionToken: roleCreds.Token,
Expiration: roleCreds.Expiration,
SignerType: SignatureV4,
}, nil
}
Expand Down
1 change: 1 addition & 0 deletions pkg/credentials/sts_client_grants.go
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,7 @@ func (m *STSClientGrants) Retrieve() (Value, error) {
AccessKeyID: a.Result.Credentials.AccessKey,
SecretAccessKey: a.Result.Credentials.SecretKey,
SessionToken: a.Result.Credentials.SessionToken,
Expiration: a.Result.Credentials.Expiration,
SignerType: SignatureV4,
}, nil
}
1 change: 1 addition & 0 deletions pkg/credentials/sts_custom_identity.go
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,7 @@ func (c *CustomTokenIdentity) Retrieve() (value Value, err error) {
AccessKeyID: cr.AccessKey,
SecretAccessKey: cr.SecretKey,
SessionToken: cr.SessionToken,
Expiration: cr.Expiration,
SignerType: SignatureV4,
}, nil
}
Expand Down
1 change: 1 addition & 0 deletions pkg/credentials/sts_ldap_identity.go
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,7 @@ func (k *LDAPIdentity) Retrieve() (value Value, err error) {
AccessKeyID: cr.AccessKey,
SecretAccessKey: cr.SecretKey,
SessionToken: cr.SessionToken,
Expiration: cr.Expiration,
SignerType: SignatureV4,
}, nil
}
1 change: 1 addition & 0 deletions pkg/credentials/sts_tls_identity.go
Original file line number Diff line number Diff line change
Expand Up @@ -188,6 +188,7 @@ func (i *STSCertificateIdentity) Retrieve() (Value, error) {
AccessKeyID: response.Result.Credentials.AccessKey,
SecretAccessKey: response.Result.Credentials.SecretKey,
SessionToken: response.Result.Credentials.SessionToken,
Expiration: response.Result.Credentials.Expiration,
SignerType: SignatureDefault,
}, nil
}
Expand Down
1 change: 1 addition & 0 deletions pkg/credentials/sts_web_identity.go
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,7 @@ func (m *STSWebIdentity) Retrieve() (Value, error) {
AccessKeyID: a.Result.Credentials.AccessKey,
SecretAccessKey: a.Result.Credentials.SecretKey,
SessionToken: a.Result.Credentials.SessionToken,
Expiration: a.Result.Credentials.Expiration,
SignerType: SignatureV4,
}, nil
}
Expand Down

0 comments on commit 42ac5f4

Please sign in to comment.