Package io.envoyproxy.envoy.extensions.common.aws.v3

Interface AssumeRoleWithWebIdentityCredentialProviderOrBuilder

All Superinterfaces:
com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder
All Known Implementing Classes:
AssumeRoleWithWebIdentityCredentialProvider, AssumeRoleWithWebIdentityCredentialProvider.Builder
public interface AssumeRoleWithWebIdentityCredentialProviderOrBuilder extends com.google.protobuf.MessageOrBuilder

  • Method Summary

    Modifier and Type
    Method
    Description
    String
    getRoleArn()
    The ARN of the role to assume.
    com.google.protobuf.ByteString
    getRoleArnBytes()
    The ARN of the role to assume.
    String
    getRoleSessionName()
    Optional role session name to use in AssumeRoleWithWebIdentity API call.
    com.google.protobuf.ByteString
    getRoleSessionNameBytes()
    Optional role session name to use in AssumeRoleWithWebIdentity API call.
    DataSource
    getWebIdentityTokenDataSource()
    Data source for a web identity token that is provided by the identity provider to assume the role.
    DataSourceOrBuilder
    getWebIdentityTokenDataSourceOrBuilder()
    Data source for a web identity token that is provided by the identity provider to assume the role.
    boolean
    hasWebIdentityTokenDataSource()
    Data source for a web identity token that is provided by the identity provider to assume the role.

    Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder

    isInitialized

    Methods inherited from interface com.google.protobuf.MessageOrBuilder

    findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

  • Method Details

    • hasWebIdentityTokenDataSource

      boolean hasWebIdentityTokenDataSource()
       Data source for a web identity token that is provided by the identity provider to assume the role.
 If a ``watched_directory`` is not provided, one will be automatically inferred from the directory of the token file. This is to ensure
 that if the token file is rotated, the new token will be picked up. This behaviour differs from the standard envoy data source behavior, which does not
 automatically watch the directory of a file data source.
 Even when file rotation occurs, current credentials will continue to be used until they expire, at which point new credentials will be retrieved using the new token.
      .envoy.config.core.v3.DataSource web_identity_token_data_source = 1 [(.udpa.annotations.sensitive) = true];
      Returns:
      Whether the webIdentityTokenDataSource field is set.

    • getWebIdentityTokenDataSource

      DataSource getWebIdentityTokenDataSource()
       Data source for a web identity token that is provided by the identity provider to assume the role.
 If a ``watched_directory`` is not provided, one will be automatically inferred from the directory of the token file. This is to ensure
 that if the token file is rotated, the new token will be picked up. This behaviour differs from the standard envoy data source behavior, which does not
 automatically watch the directory of a file data source.
 Even when file rotation occurs, current credentials will continue to be used until they expire, at which point new credentials will be retrieved using the new token.
      .envoy.config.core.v3.DataSource web_identity_token_data_source = 1 [(.udpa.annotations.sensitive) = true];
      Returns:
      The webIdentityTokenDataSource.

    • getWebIdentityTokenDataSourceOrBuilder

      DataSourceOrBuilder getWebIdentityTokenDataSourceOrBuilder()
       Data source for a web identity token that is provided by the identity provider to assume the role.
 If a ``watched_directory`` is not provided, one will be automatically inferred from the directory of the token file. This is to ensure
 that if the token file is rotated, the new token will be picked up. This behaviour differs from the standard envoy data source behavior, which does not
 automatically watch the directory of a file data source.
 Even when file rotation occurs, current credentials will continue to be used until they expire, at which point new credentials will be retrieved using the new token.
      .envoy.config.core.v3.DataSource web_identity_token_data_source = 1 [(.udpa.annotations.sensitive) = true];

    • getRoleArn

      String getRoleArn()
       The ARN of the role to assume.
      string role_arn = 2 [(.validate.rules) = { ... }
      Returns:
      The roleArn.

    • getRoleArnBytes

      com.google.protobuf.ByteString getRoleArnBytes()
       The ARN of the role to assume.
      string role_arn = 2 [(.validate.rules) = { ... }
      Returns:
      The bytes for roleArn.

    • getRoleSessionName

      String getRoleSessionName()
       Optional role session name to use in AssumeRoleWithWebIdentity API call.
      string role_session_name = 3;
      Returns:
      The roleSessionName.

    • getRoleSessionNameBytes

      com.google.protobuf.ByteString getRoleSessionNameBytes()
       Optional role session name to use in AssumeRoleWithWebIdentity API call.
      string role_session_name = 3;
      Returns:
      The bytes for roleSessionName.