@groovy.transform.CompileStatic class AwsExtension
An extension that is added to terraform source sets.
It aids in the provision of credentials when using Terraform with AWS.
By default, no credentials are passed. However, in this case if
TerraformExtension.useAwsEnvironment was set, then that will be applied.
Calling any authentication setting in this extension will turn that off.
Authentication can be applied to all workspaces or customised to specific workspaces. In addition workspaces
can use assumed role authentication instead. Certain calls will eliminate other previous calls. For instance, if
usePropertiesForAws was called for a specific workspace, and usePropertiesForAssumeRole is then
called for the same workspace then the latter wins. However if usePropertiesForAws was called for a
specific workspace and useAwsCredentialsFromEnvironment is then called, all other workspaces will use
the standard credentials, but the specific workspace will still use the assumed role.
This extension is unique to every source set. If you have multiple source sets you will need to provide the
credentials for each of them.
| Modifiers | Name | Description |
|---|---|---|
static java.lang.String |
NAME |
| Constructor and description |
|---|
AwsExtension
(Project tempProjectReference) |
| Type Params | Return Type | Name and description |
|---|---|---|
|
void |
clearAllCredentials()Removes any credential customisations and reset to a no-credential state. |
|
Provider<SessionCredentials> |
getCredentialsEnvForWorkspace(java.lang.String name = 'default') |
|
boolean |
hasCredentials()Whether credentials were configured. |
|
void |
setSessionNameFactory(java.util.concurrent.Callable<Provider<java.lang.String>> factory)Set a factory for creating session names |
|
void |
useAwsCredentialsFromEnvironment()Sets the default to be to use AWS credentials from the environment and pass as-is to Terraform. |
|
void |
useAwsCredentialsFromEnvironment(java.lang.String workspace)Sets the credentials for a specific workspace to use AWS credentials from the environment and pass as-is to Terraform. |
|
void |
useAwsCredentialsFromEnvironmentForAssumeRole(Action<AssumedRoleSpec> assumedRoleSpec)Obtain a session key for an assumed role. |
|
void |
useAwsCredentialsFromEnvironmentForAssumeRole(java.lang.String workspace, Action<AssumedRoleSpec> assumedRoleSpec)Obtain a session key for an assumed role. |
|
void |
usePropertiesForAssumeRole(java.lang.String accessKeyIdPropertyName, java.lang.String secretPropertyName, Action<AssumedRoleSpec> spec)Obtain a session key for an assume role on all workspaces. |
|
void |
usePropertiesForAssumeRole(java.lang.String workspace, java.lang.String accessKeyIdPropertyName, java.lang.String secretPropertyName, Action<AssumedRoleSpec> spec)Obtain a session key for an assumed role on a specific workspace. |
|
void |
usePropertiesForAssumeRole(Provider<java.lang.String> accessKeyId, Provider<java.lang.String> secret, Action<AssumedRoleSpec> assumedRoleSpec)Obtain a session key for an assume role on all workspaces. |
|
void |
usePropertiesForAssumeRole(java.lang.String workspace, Provider<java.lang.String> accessKeyId, Provider<java.lang.String> secret, Action<AssumedRoleSpec> assumedRoleSpec)Obtain a session key for an assume role on a specific workspace. |
|
void |
usePropertiesForAws(java.lang.String accessKeyIdPropertyName, java.lang.String secretPropertyName)Pass these property values to Terraform to use as authentication for a specific workspace. |
|
void |
usePropertiesForAws(java.lang.String workspace, java.lang.String accessKeyIdPropertyName, java.lang.String secretPropertyName)Pass these property values to Terraform to use as authentication for a specific workspace. |
|
void |
usePropertiesForAws(Provider<java.lang.String> accessKeyId, Provider<java.lang.String> secret)Pass these provider values to Terraform to use as authentication for all workspaces. |
|
void |
usePropertiesForAws(java.lang.String workspace, Provider<java.lang.String> accessKeyId, Provider<java.lang.String> secret)Pass these provider values to Terraform to use as authentication for a specific workspace. |
| Methods inherited from class | Name |
|---|---|
class java.lang.Object |
java.lang.Object#wait(long, int), java.lang.Object#wait(long), java.lang.Object#wait(), java.lang.Object#equals(java.lang.Object), java.lang.Object#toString(), java.lang.Object#hashCode(), java.lang.Object#getClass(), java.lang.Object#notify(), java.lang.Object#notifyAll() |
Removes any credential customisations and reset to a no-credential state.
Whether credentials were configured.
true if credentials were configured.Set a factory for creating session names
factory - A factory the can create session names. Sets the default to be to use AWS credentials from the environment and pass as-is to Terraform.
Sets the credentials for a specific workspace
to use AWS credentials from the environment and pass as-is to Terraform.
THis will replace any assumeRole configuration for the specific workspace.
workspace - Workspace to use.Obtain a session key for an assumed role. Use AWS credentials that are available in the environment This is applied to all workspaces. Calling this will remove any customisation done via usePropertiesForAssumeRole.
assumedRoleSpec - Configure the assumed role details.Obtain a session key for an assumed role. Use AWS credentials that are available in the environment or as system properties or in a credentials file for the mentioned workspace
workspace - Workspace to use credentialsassumedRoleSpec - Configure the assumed role details.Obtain a session key for an assume role on all workspaces. Use the values that are supplied by the following property names. Properties are searched in order of Gradle properties, then system properties and finally environmental variables. For the latter the convention of converting dots to underscores and uppercasing the name is used. Calling this will remove any external influence available via useAwsCredentialsFromEnvironmentForAssumeRole.
accessKeyIdPropertyName - Property name for AWS access key.secretPropertyName - Property name for AWS secret.assumedRoleSpec - Configure the assumed role details.Obtain a session key for an assumed role on a specific workspace. Use the values that are supplied by the following property names. Properties are searched in order of Gradle properties, then system properties and finally environmental variables. For the latter the convention of converting dots to underscores and uppercasing the name is used.
workspace - Workspace to apply this to.accessKeyIdPropertyName - Property name for AWS access key.secretPropertyName - Property name for AWS secret.assumedRoleSpec - Configure the assumed role details.Obtain a session key for an assume role on all workspaces. Use the values that are supplied by the following providers. Calling this will remove any external influence available via useAwsCredentialsFromEnvironmentForAssumeRole.
accessKeyId - Provider for AWS access key.secret - Provider for AWS secret.assumedRoleSpec - Configure the assumed role details.Obtain a session key for an assume role on a specific workspace. Use the values that are supplied by the following providers. Calling this will remove any external influence available via useAwsCredentialsFromEnvironmentForAssumeRole.
workspace - Workspace to apply this to.accessKeyId - Provider for AWS access key.secret - Provider for AWS secret.assumedRoleSpec - Configure the assumed role details. Pass these property values to Terraform to use as authentication for a specific workspace.
Use the values that are supplied by the following property names.
Properties are searched in order of Gradle properties, then system properties and finally
environmental variables. For the latter the convention of converting dots to underscores and uppercasing
the name is used.
Calling this will remove any external influence available via useAwsCredentialsFromEnvironment.
accessKeyIdPropertyName - Property name for AWS access key.secretPropertyName - Property name for AWS secret. Pass these property values to Terraform to use as authentication for a specific workspace.
Use the values that are supplied by the following property names.
Properties are searched in order of Gradle properties, then system properties and finally
environmental variables. For the latter the convention of converting dots to underscores and uppercasing
the name is used.
workspace - Workspace to apply this to.accessKeyIdPropertyName - Property name for AWS access key.secretPropertyName - Property name for AWS secret. Pass these provider values to Terraform to use as authentication for all workspaces.
Use the values that are supplied by the following providers.
Calling this will remove any external influence available via
useAwsCredentialsFromEnvironmentForAssumeRole.
accessKeyId - Provider for AWS access key.secret - Provider for AWS secret. Pass these provider values to Terraform to use as authentication for a specific workspace.
Use the values that are supplied by the following providers.
Calling this will remove any external influence available via
useAwsCredentialsFromEnvironmentForAssumeRole.
workspace - Workspace to apply this to.accessKeyId - Provider for AWS access key.secret - Provider for AWS secret.