package vaulted
import (
"time"
)
// AWSKey is an AWS credential entry together with the MFA, role and
// temporary-credential settings that are serialized alongside it.
type AWSKey struct {
	// Embedded by value, so the credential fields and methods are promoted
	// onto AWSKey and copying an AWSKey copies the credentials too.
	AWSCredentials
	// MFA is handed to GetSessionTokenWithMFA together with the one-time
	// token; presumably the MFA device serial/ARN — confirm against
	// AWSCredentials.
	MFA string `json:"mfa,omitempty"`
	// Role is not read by any method in this file; presumably an IAM role
	// to assume — confirm against callers.
	Role string `json:"role,omitempty"`
	// ForgoTempCredGeneration makes GetAWSCredentials and
	// GetAWSCredentialsWithMFA return the stored credentials unchanged
	// instead of requesting session credentials, and makes RequiresMFA
	// report false even when MFA is set. Serialized without omitempty, so
	// the flag is always written explicitly.
	ForgoTempCredGeneration bool `json:"forgoTempCredGeneration"`
}
// Valid reports whether k is non-nil and its embedded AWSCredentials pass
// their own Valid check. It is safe to call on a nil *AWSKey.
func (k *AWSKey) Valid() bool {
	if k == nil {
		return false
	}
	return k.AWSCredentials.Valid()
}
// RequiresMFA reports whether an MFA token must be collected before
// credentials are requested for this key: the key has to be valid, temporary
// credential generation must not be disabled, and an MFA value must be set.
// It is safe to call on a nil *AWSKey (the Valid check runs first).
func (k *AWSKey) RequiresMFA() bool {
	// An invalid key, or one that skips temporary credentials, never prompts
	// for MFA — even if an MFA value is configured.
	if !k.Valid() || k.ForgoTempCredGeneration {
		return false
	}
	return k.MFA != ""
}
// GetAWSCredentials returns the credentials to use for this key.
//
// Unless ForgoTempCredGeneration is set, it delegates to
// AWSCredentials.GetSessionToken with the requested duration (presumably an
// STS session-token request — confirm in AWSCredentials). With the flag set,
// duration is ignored and a copy of the stored credentials is returned as-is,
// so the caller receives the stored key rather than a time-limited session.
//
// Unlike Valid, this method dereferences k and must not be called on a nil
// receiver.
func (k *AWSKey) GetAWSCredentials(duration time.Duration) (*AWSCredentials, error) {
	if !k.ForgoTempCredGeneration {
		return k.AWSCredentials.GetSessionToken(duration)
	}

	// Return a copy so the caller's pointer does not alias the credentials
	// embedded in k.
	stored := k.AWSCredentials
	return &stored, nil
}
// GetAWSCredentialsWithMFA returns the credentials to use for this key,
// supplying an MFA token when session credentials are requested.
//
// Unless ForgoTempCredGeneration is set, it delegates to
// AWSCredentials.GetSessionTokenWithMFA with k.MFA, mfaToken and duration.
// With the flag set, both mfaToken and duration are ignored and a copy of the
// stored credentials is returned as-is; a nil error on that path therefore
// says nothing about whether mfaToken was correct, and callers should not
// treat it as proof that MFA was performed.
//
// Unlike Valid, this method dereferences k and must not be called on a nil
// receiver.
func (k *AWSKey) GetAWSCredentialsWithMFA(mfaToken string, duration time.Duration) (*AWSCredentials, error) {
	if !k.ForgoTempCredGeneration {
		return k.AWSCredentials.GetSessionTokenWithMFA(k.MFA, mfaToken, duration)
	}

	// Return a copy so the caller's pointer does not alias the credentials
	// embedded in k.
	stored := k.AWSCredentials
	return &stored, nil
}