diff --git a/content/en/user-guide/integrations/sdks/go/index.md b/content/en/user-guide/integrations/sdks/go/index.md index 9dbf2063a9..24809b94e6 100644 --- a/content/en/user-guide/integrations/sdks/go/index.md +++ b/content/en/user-guide/integrations/sdks/go/index.md @@ -78,6 +78,120 @@ func main() { }) // ... }{{< /tab >}} + +{{< tab header="aws-go-sdk-v2 Credential Provider" lang="golang" >}} +package main + +import ( + "context" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/config" +) + +const ( + AwsLocalEndpoint = "http://localhost:4566" + AwsLocalCredentialsName = "AwsLocalCredentials" + AwsLocalDefaultRegion = "us-east-1" + AwsLocalAccountId = "000000000000" + AwsLocalAccessKey = "test" + AwsLocalSecret = "test" +) + +var ( + ErrorAwsLocalCredentialsEmpty = "awslocal credentials are empty" +) + +// NewAwsLocalConfig returns a new [aws.Config] object configured to connect to LocalStack. +func NewAwsLocalConfig(ctx context.Context, accountId, endpoint, region, key, secret string, optFns ...func(*config.LoadOptions) error) aws.Config { + opts := []func(*config.LoadOptions) error{ + config.WithRegion(region), + config.WithCredentialsProvider(NewAwsLocalCredentialsProvider(key, secret, accountId)), + } + opts = append(opts, optFns...) + + cfg, err := config.LoadDefaultConfig(ctx, opts...) + if err != nil { + panic(err) + } + + cfg.BaseEndpoint = aws.String(endpoint) + return cfg +} + +// NewDefaultAwsLocalConfig returns a new default [aws.Config] object configured to connect to the default LocalStack. +func NewDefaultAwsLocalConfig() aws.Config { + cfg, err := config.LoadDefaultConfig(context.TODO(), + config.WithRegion(AwsLocalDefaultRegion), + config.WithCredentialsProvider(NewDefaultAwsLocalCredentialsProvider())) + if err != nil { + panic(err) + } + cfg.BaseEndpoint = aws.String(AwsLocalEndpoint) + return cfg +} + +// to ensure AwsLocalCredentialsProvider implements the [aws.CredentialsProvider] interface +var _ aws.CredentialsProvider = (*AwsLocalCredentialsProvider)(nil) + +// A AwsLocalCredentialsProvider is a static credentials provider that returns the same credentials, +// designed for use with LocalStack +type AwsLocalCredentialsProvider struct { + Value aws.Credentials +} + +// NewDefaultAwsLocalCredentialsProvider returns an AwsLocalCredentialsProvider +// initialized with the default AwsLocal credentials. +func NewDefaultAwsLocalCredentialsProvider() AwsLocalCredentialsProvider { + return NewAwsLocalCredentialsProvider(AwsLocalAccessKey, AwsLocalSecret, AwsLocalAccountId) +} + +// NewAwsLocalCredentialsProvider return a StaticCredentialsProvider initialized with the AWS credentials passed in. +func NewAwsLocalCredentialsProvider(key, secret, accountId string) AwsLocalCredentialsProvider { + return AwsLocalCredentialsProvider{ + Value: aws.Credentials{ + AccessKeyID: key, + SecretAccessKey: secret, + AccountID: accountId, + SessionToken: "", + CanExpire: false, + }, + } +} + +// Retrieve returns the credentials or error if the credentials are invalid. +func (s AwsLocalCredentialsProvider) Retrieve(_ context.Context) (aws.Credentials, error) { + v := s.Value + if v.AccessKeyID == "" || v.SecretAccessKey == "" { + return aws.Credentials{ + Source: AwsLocalCredentialsName, + }, &AwsLocalCredentialsEmptyError{} + } + + if len(v.Source) == 0 { + v.Source = AwsLocalCredentialsName + } + + return v, nil +} + +func (s AwsLocalCredentialsProvider) IsExpired() bool { + return false +} + +// AwsLocalCredentialsEmptyError is emitted when the AwsLocal credentials are empty. +type AwsLocalCredentialsEmptyError struct{} + +func (*AwsLocalCredentialsEmptyError) Error() string { + return ErrorAwsLocalCredentialsEmpty +} + +func main() { + // build an aws.Credential-compliant configuration + awsCfg := NewDefaultAwsLocalConfig() + + // ... +} +{{< /tab >}} {{< /tabpane >}} ## Resources