aws-config/aws.sdk.kotlin.runtime.auth.credentials

Package-level declarations

Types

class AssumeRoleParameters(val roleArn: String, val roleSessionName: String? = null, val externalId: String? = null, val duration: Duration = DEFAULT_CREDENTIALS_REFRESH_SECONDS.seconds, val policyArns: List<String>? = null, val policy: String? = null, val tags: Map<String, String>? = null, val transitiveTagKeys: List<String>? = null, val serialNumber: String? = null, val tokenCode: String? = null, val sourceIdentity: String? = null)

Parameters passed to an AssumeRole call

AssumeRoleWithWebIdentityParameters

class AssumeRoleWithWebIdentityParameters(val roleArn: String, val webIdentityTokenFilePath: String, val roleSessionName: String? = null, val duration: Duration = DEFAULT_CREDENTIALS_REFRESH_SECONDS.seconds, val providerId: String? = null, val policyArns: List<String>? = null, val policy: String? = null)

Parameters passed to an AssumeRoleWithWebIdentity call

CredentialsNotLoadedException

class CredentialsNotLoadedException(message: String?, cause: Throwable? = null) : ClientException

No credentials were available from this CredentialsProvider

DefaultChainBearerTokenProvider

class DefaultChainBearerTokenProvider(val profileName: String? = null, val platformProvider: PlatformProvider = PlatformProvider.System, val httpClient: HttpClientEngine? = null) : CloseableBearerTokenProvider

Default AWS bearer token provider chain used by services marked with @httpBearerAuth

DefaultChainCredentialsProvider

class DefaultChainCredentialsProvider(val profileName: String? = null, val platformProvider: PlatformProvider = PlatformProvider.System, httpClient: HttpClientEngine? = null, val region: String? = null) : CloseableCredentialsProvider

Default AWS credential provider chain used by most AWS SDKs.

EcsCredentialsProvider

class EcsCredentialsProvider(val platformProvider: PlatformProvider = PlatformProvider.System, httpClient: HttpClientEngine? = null, hostResolver: HostResolver = HostResolver.Default) : CloseableCredentialsProvider

A CredentialsProvider that sources credentials from a local metadata service.

EnvironmentCredentialsProvider

class EnvironmentCredentialsProvider(val getEnv: (String) -> String? = PlatformProvider.System::getenv) : CredentialsProvider

A CredentialsProvider which reads from AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN.

ImdsCredentialsProvider

class ImdsCredentialsProvider(instanceProfileName: String? = null, client: InstanceMetadataProvider? = null, platformProvider: PlatformProvider = PlatformProvider.System) : CloseableCredentialsProvider

CredentialsProvider that uses EC2 instance metadata service (IMDS) to provide credentials information. This provider requires that the EC2 instance has an instance profile configured.

InvalidJsonCredentialsException

class InvalidJsonCredentialsException(message: String, cause: Throwable? = null) : ClientException

Exception thrown when credentials from response do not contain valid credentials or malformed JSON

InvalidSsoTokenException

class InvalidSsoTokenException(message: String, cause: Throwable? = null) : ConfigurationException

An error associated with a cached SSO token from ~/.aws/sso/cache/

ProcessCredentialsProvider

class ProcessCredentialsProvider(credentialProcess: String, platformProvider: PlatformProvider = PlatformProvider.System, maxOutputLengthBytes: Long = 64 * 1024, timeoutMillis: Long) : CredentialsProvider

CredentialsProvider that invokes a command to retrieve Credentials from stdout. If the exit code is non-zero, log and throw an exception including the stderr from the command.

ProfileCredentialsProvider

class ProfileCredentialsProvider : CloseableCredentialsProvider

A CredentialsProvider that gets credentials from a profile in ~/.aws/config or the shared credentials file ~/.aws/credentials. The locations of these files are configurable via environment or system property on the JVM (see AwsSdkSetting.AwsConfigFile and AwsSdkSetting.AwsSharedCredentialsFile).

ProviderConfigurationException

class ProviderConfigurationException(message: String, cause: Throwable? = null) : ConfigurationException

The CredentialsProvider was given an invalid configuration (e.g. invalid aws configuration file, invalid IMDS endpoint, etc)

SsoCredentialsProvider

class SsoCredentialsProvider(val accountId: String, val roleName: String, val startUrl: String, val ssoRegion: String, val ssoSessionName: String? = null, val httpClient: HttpClientEngine? = null, val platformProvider: PlatformProvider = PlatformProvider.System, clock: Clock = Clock.System) : CredentialsProvider

CredentialsProvider that uses AWS Single Sign-On (AWS SSO) to source credentials. The provider is expected to be configured for the AWS Region where the AWS SSO user portal is hosted.

SsoTokenProvider

class SsoTokenProvider(val ssoSessionName: String, val startUrl: String, val ssoRegion: String, val refreshBufferWindow: Duration = DEFAULT_SSO_TOKEN_REFRESH_BUFFER_SECONDS.seconds, val httpClient: HttpClientEngine? = null, val platformProvider: PlatformProvider = PlatformProvider.System, clock: Clock = Clock.System) : BearerTokenProvider

SsoTokenProvider provides a utility for refreshing SSO AccessTokens for Bearer Authentication. The provider can only be used to refresh already cached SSO Tokens. This utility cannot perform the initial SSO create token flow.

StaticCredentialsProvider

class StaticCredentialsProvider(val credentials: Credentials) : CredentialsProvider

A credentials provider for a fixed set of credentials

StsAssumeRoleCredentialsProvider

class StsAssumeRoleCredentialsProvider(val bootstrapCredentialsProvider: CredentialsProvider, val assumeRoleParameters: AssumeRoleParameters, val region: String? = null, val httpClient: HttpClientEngine? = null) : CredentialsProvider

A CredentialsProvider that uses another provider to assume a role from the AWS Security Token Service (STS).

StsWebIdentityCredentialsProvider

class StsWebIdentityCredentialsProvider(val webIdentityParameters: AssumeRoleWithWebIdentityParameters, val region: String?, val platformProvider: PlatformProvider = PlatformProvider.System, val httpClient: HttpClientEngine? = null) : CredentialsProvider

A CredentialsProvider that exchanges a Web Identity Token for credentials from the AWS Security Token Service (STS).

StsWebIdentityProvider

class StsWebIdentityProvider(val platformProvider: PlatformProvider = PlatformProvider.System, val httpClient: HttpClientEngine? = null, val region: String? = null) : CloseableCredentialsProvider

Wrapper around StsWebIdentityCredentialsProvider that delays any exceptions until resolve is invoked. This allows it to be part of the default chain and any failures result in the chain to move onto the next provider.

SystemPropertyCredentialsProvider

class SystemPropertyCredentialsProvider(val getProperty: (String) -> String? = PlatformProvider.System::getProperty) : CredentialsProvider

A CredentialsProvider which reads aws.accessKeyId, aws.secretAccessKey, and aws.sessionToken from system properties.