Package org.springframework.vault.authentication

Class AwsIamAuthenticationOptions

java.lang.Object
org.springframework.vault.authentication.AwsIamAuthenticationOptions
public class AwsIamAuthenticationOptions extends Object
Authentication options for AwsIamAuthentication.

Authentication options provide the path, a AwsCredentialsProvider optional role and server name (Vault-AWS-IAM-Server-ID header). AwsIamAuthenticationOptions can be constructed using builder(). Instances of this class are immutable once constructed.

Since:
1.1
Author:
Mark Paluch
See Also:

  • Field Details

  • Method Details

    • builder

      public static AwsIamAuthenticationOptions.AwsIamAuthenticationOptionsBuilder builder()
      Returns:
      a new AwsIamAuthenticationOptions.AwsIamAuthenticationOptionsBuilder.

    • getPath

      public String getPath()
      Returns:
      the path of the aws authentication backend mount.

    • getCredentialsProvider

      public software.amazon.awssdk.auth.credentials.AwsCredentialsProvider getCredentialsProvider()
      Returns:
      the credentials provider to obtain AWS credentials.

    • getRegionProvider

      public software.amazon.awssdk.regions.providers.AwsRegionProvider getRegionProvider()
      Returns:
      the region provider to obtain the AWS region to be used for computing the signature.
      Since:
      3.0

    • getRole

      @Nullable public String getRole()
      Returns:
      the role, may be null if none.

    • getServerId

      @Nullable public String getServerId()
      Returns:
      Server name to mitigate risk of replay attacks, preferably set to Vault server's DNS name, may be null. Used for Vault-AWS-IAM-Server-ID header.
      Since:
      2.0

    • getEndpointUri

      public URI getEndpointUri()
      Returns:
      STS server URI.