Reference documentation and code samples for the googleauth module Google::Auth::ExternalAccount::ExternalAccountUtils.
Authenticates requests using External Account credentials, such as those provided by the AWS provider or OIDC provider like Azure, etc.
Methods
#normalize_timestamp
def normalize_timestamp(time) -> Time, nil
Normalizes a timestamp value to a Time object
- time (Time, String, nil) — The timestamp to normalize
- (Time, nil) — The normalized timestamp or nil if input is nil
- (Google::Auth::CredentialsError) — If the time value is not nil, Time, or String
#project_id
def project_id() -> String, nil
Retrieves the project ID corresponding to the workload identity or workforce pool. For workforce pool credentials, it returns the project ID corresponding to the workforce_pool_user_project. When not determinable, None is returned.
The resource may not have permission (resourcemanager.projects.get) to call this API or the required scopes may not be selected: https://cloud.google.com/resource-manager/reference/rest/v1/projects/get#authorization-scopes
- (String, nil) — The project ID corresponding to the workload identity pool or workforce pool if determinable
#project_number
def project_number() -> String, nil
Retrieve the project number corresponding to workload identity pool
STS audience pattern:
//iam.googleapis.com/projects/$PROJECT_NUMBER/locations/...
- (String, nil) — The project number extracted from the audience string, or nil if it cannot be determined
#service_account_email
def service_account_email() -> String, nil
Extracts the service account email from the impersonation URL
- (String, nil) — The service account email extracted from the service_account_impersonation_url, or nil if it cannot be determined
Constants
CLOUD_RESOURCE_MANAGER
value: "https://cloudresourcemanager.googleapis.com/v1/projects/".freeze
Cloud resource manager URL used to retrieve project information.