Class AwsIamAuthenticationOptions
java.lang.Object
org.springframework.vault.authentication.AwsIamAuthenticationOptions
Authentication options for
AwsIamAuthentication
.
Authentication options provide the path, a AwsCredentialsProvider
optional role
and server name (Vault-AWS-IAM-Server-ID header).
AwsIamAuthenticationOptions
can be constructed using builder()
.
Instances of this class are immutable once constructed.
- Since:
- 1.1
- Author:
- Mark Paluch
- See Also:
-
Nested Class Summary
-
Field Summary
-
Method Summary
-
Field Details
-
DEFAULT_AWS_AUTHENTICATION_PATH
- See Also:
-
-
Method Details
-
builder
- Returns:
- a new
AwsIamAuthenticationOptions.AwsIamAuthenticationOptionsBuilder
.
-
getPath
- Returns:
- the path of the aws authentication backend mount.
-
getCredentialsProvider
public software.amazon.awssdk.auth.credentials.AwsCredentialsProvider getCredentialsProvider()- Returns:
- the credentials provider to obtain AWS credentials.
-
getRegionProvider
public software.amazon.awssdk.regions.providers.AwsRegionProvider getRegionProvider()- Returns:
- the region provider to obtain the AWS region to be used for computing the signature.
- Since:
- 3.0
-
getRole
- Returns:
- the role, may be null if none.
-
getServerId
- Returns:
- Server name to mitigate risk of replay attacks, preferably set to Vault server's DNS name, may be null. Used for Vault-AWS-IAM-Server-ID header.
- Since:
- 2.0
-
getServerName
Deprecated.since 2.0, renamed togetServerId()
.- Returns:
- Server name to mitigate risk of replay attacks, preferably set to Vault server's DNS name, may be null.
-
getEndpointUri
- Returns:
- STS server URI.
-
getServerId()
.