ark::aws

Enums

• AuthenticationFlow
  Enumerations of potential authentication mechanisms.

• BatchJobStatus
  An enumeration of various job statuses.

• CloudwatchPutLogResult (int32_t)
  Returned when putting log events to CloudWatch to indicate that you should create the stream and try again.

• LogStreamRequestStatus (int32_t)
  Represents a status coming back from querying a log stream for data.

Typedefs

Defined in “ark/aws/auth_client.hh”:

• using IdentityProviderClientPtr = std::shared_ptr< IdentityProviderClient >

Defined in “ark/aws/forward.hh”:

• using JwksClientPtr = std::shared_ptr< JwksClient >

• using CloudwatchClientPtr = std::shared_ptr< CloudwatchClient >

• using CloudwatchLogsClientPtr = std::shared_ptr< CloudwatchLogsClient >

• using S3ClientPtr = std::shared_ptr< S3Client >

• using KmsClientPtr = std::shared_ptr< KmsClient >

• using EcrClientPtr = std::shared_ptr< EcrClient >

• using StsClientPtr = std::shared_ptr< StsClient >

Defined in “ark/aws/lambda_host.hh”:

• using LambdaFunction = std::function< void()>
  The function signature for code that executes in the lambda.

Defined in “ark/aws/s3client.hh”:

• using S3ProgressCallback = std::function< void(uint64_t)>
  This callback will be invoked periodically while downloading and uploading data, giving you the number of bytes currently transmitted.

Classes

• ark::aws::AuthenticationPlugin
  A simple plugin that will prompt user for username/password to retrieve AWS Credentials via cognito.

• ark::aws::Authenticator
  This class will look for any stored authentication data in the user’s HOME directory.

• ark::aws::AwsInitializationSingleton
  A simple singleton that allows us to transparently handle initializing and tearing down the AWS SDK.

• ark::aws::AwsSrpAuthenticator
  An AWS-specific SRP authenticator. There are some minor differences from the true SRP protocol (near as I can tell) and this abstracts over them.

• ark::aws::BatchClient
  A wrapper around the AWS batch APIs, allowing you to submit jobs and check on their status.

• ark::aws::CloudwatchClient
  A wrapper around AWS CloudWatch client for post metrics.

• ark::aws::CloudwatchLogsClient
  A wrapper around an CloudWatchLogs client allowing you to post logs events to cloudwatch.

• ark::aws::CloudwatchLogsServer
  This class represents a mock AWS CloudwatchLogs server to handle log messages.

• ark::aws::CloudwatchServer
  This class represents a mock AWS CloudWatch server to handle metrics. Posts will be captured and transformed into a MetricsRequest and written to disk at the input root_path location. The purpose of this class is to aid in the testing of posting metrics to CloudWatch.

• ark::aws::CognitoUserPoolServer
  This is a Cognito “user pool” emulator something that allows us to register groups/users/etc against a user pool, useful for integration tests.

• ark::aws::EcrClient
  A wrapper around the AWS ECR APIs to retrieve the authorization token to access the registry.

• ark::aws::EcrServer
  This class represents a mock AWS ECR server, which allows you to create repositories and authenticate.

• ark::aws::IdentityProviderClient
  An identity provider client allows you to talk to an IDP to authenticate, list groups, users, etc, based on what permissions your existing token already has.

• ark::aws::JwksClient
  This class allows you to fetch, maintain, and validate JWT tokens against a JWK set.

• ark::aws::KmsClient
  This is a wrapper around the AWS key management client, and provides facilities for creation of keys, signing data, and downloading public keys.

• ark::aws::KmsServer
  This class represents a mock AWS KMS server, which allows you to generate keys and sign data.

• ark::aws::LambdaHost
  You can use this to host a function this will interact with the AWS lambda APIs to allow you to run a function as a lambda on the AWS architecture.

  See https://docs.aws.amazon.com/lambda/latest/dg/runtimes-api.html for more details.

• ark::aws::S3Client
  A wrapper around an S3 client. Allows you to upload/download files from a bucket.

• ark::aws::S3Server
  This class represents a mock AWS S3 server, which allows you to upload and download content using the standard S3 APIs.

• ark::aws::SqsClient
  This is a wrapper around the AWS simple queue service client, for communication with their queue service.

• ark::aws::SqsServer
  This class represents a mock AWS SQS server, which allows you to receive messages.

• ark::aws::StsClient
  A wrapper around the AWS Security Token Service Client APIs.

• ark::aws::StsServer
  This class represents a mock AWS STS server to hand out fake credentials.

• ark::aws::AuthenticationRequest
  A request to the cloud to initiate an authentication.

• ark::aws::AuthenticationState
  State of authentiation.

• ark::aws::AwsIdentity
  Structure that mirrors the reponse of the STS::GetCallerIdentity request.

• ark::aws::BatchJobDefinitionRegistration

• ark::aws::BatchJobRequest
  A structure that represents details of the job you wish to submit.

• ark::aws::BatchJobRetryCriteria
  This structure allows you to configure retry criteria for a batch job.

• ark::aws::BatchJobState
  Returns the state of the batch job.

• ark::aws::CreateGroupRequest
  Populate this structure to create a new group.

• ark::aws::CreateUserPoolClientRequest
  Request to register a new user pool client.

• ark::aws::CreateUserPoolClientResponse
  A response for creating a user pool client, containing the client ID and secret.

• ark::aws::CredentialsRequest
  A credentials request, turning a JWT “id_token” into a set of AWS credentials. The ‘id_token’ parameter is retrieved through the ‘authenticate’ API.

• ark::aws::DeleteMessageRequest
  A request to delete some number of messages from the remote SQS.

• ark::aws::EcrAuthorizations

• ark::aws::EcrToken
  A structure that represents token for accessing ecr resources.

• ark::aws::IdentityProviderClientConfig
  Configuration values for IdentityProviderClient.

• ark::aws::LogStreamRequest
  A structure that represents details of the stream you wish to query.

• ark::aws::LogStreamResponse
  A structure that is returned from downloading cloudwatch logs, giving you some information about the stream that was downloaded.

• ark::aws::ObjectPolicy
  A policy for uploading files indicates additional settings for the uploaded file.

• ark::aws::ReceiveMessageRequest
  A request to receive a message over the SQS.

• ark::aws::ReceivedMessage
  A message that was received from the remote SQS system.

• ark::aws::S3FileMetadata
  File metadata (such as size, modification time, etc).

• ark::aws::S3ServerConfig
  Configuration for the S3 server.

• ark::aws::S3UploadRequest
  An upload request. Contains all the various pieces of information useful for uploading to S3.

Functions

Declared in “ark/aws/authenticator.hh”:

• AuthenticationConfig get_default_authenticator_config()
  Returns a default authenticator configuration, used for most of our services at the moment.

• AuthenticationConfig get_local_authenticator_config()
  Returns the machine-local authenticator configuration, as saved on disk. If none is present, returns the default authenticator config.

Declared in “ark/aws/batch_client.hh”:

• BatchJobState event_to_job_state(const std::string & event_json)
  Parses the given batch sample event (coming from Event Bridge) into a BatchJobState object. Assumes the event comes directly over the Event Bridge, and is in JSON.

Declared in “ark/aws/configuration.hh”:

• Aws::Client::ClientConfiguration default_client_configuration(const core::Url & endpoint)
  Returns a default configuration to use by all of the constructors.

Declared in “ark/aws/credentials_provider.hh”:

• AwsTemporaryCredentials get_local_credentials(const std::string & creds_file_path, const std::string & profile)
  Query the local system for the aws credentials If creds_file_path is empty, system will default to the default profile in ~/.aws/credentials.

• std::optional< std::shared_ptr< Aws::Auth::AWSCredentialsProvider > > get_cognito_provider(const CredentialProviderConfig & config)
  Retrieve an AWS Credentials provider based on the given configuration Currently only Anon Cognito provider is supported.

• std::optional< AuthenticationProfile > load_local_profile(const std::string & creds_file_path, const std::string & profile_name, const std::string & ark_config_path)
  Query the local system for the aws credentials If creds_file_path is empty, system will default to the default profile in ~/.aws/credentials.

• void save_credentials_profile(const AuthenticationProfile & profile_data, const std::string & creds_file_path, const std::string & ark_config_path, const std::string & aws_config_path, bool set_default_profile)
  Save the profile and credentials.

• std::optional< std::string > load_ark_config_profile(const std::string & ark_config_path)
  Read ark specific configuration from our own config file.

Declared in “ark/aws/ecr_client.hh”:

• void decode_ecr_token(const std::string & token, std::string & username, std::string & password)
  Helper function to decode base64 encoded authorization tokens. The encoded username and password are returned.

Declared in “ark/aws/oauth_client.hh”:

• std::string authenticate_via_oath(ark::core::Url & server_url, const std::string & client_id, const std::string & client_secret, const std::string & scope)
  Authenticates against the given oauth server URL with the given client ID and secret. Returns a JWT access token. This is a remote call and may block.

Declared in “ark/aws/refresh_credentials.hh”:

• std::string try_refresh_credentials()
  Tries to refresh the AWS credentials silently. Returns the JWT access token on success, or an empty string on failure. Logs at a higher verbosity level, so users do not normally see this output.

Declared in “ark/aws/user_pool_helpers.hh”:

• std::pair< std::string, std::string > split_user_pool(const std::string & pool_id)
  Splits up an AWS user pool into a region and pool ID.

• std::string get_user_pool_url(const std::string & pool_id)
  Returns the base identity provider URL for the given user pool.

• std::string get_user_pool_domain(const std::string & pool_id, const std::string & domain_prefix)
  Returns the user pool domain (full) for the given domain prefix, based on the pool ID and prefix.