googleauth - Module Google::Auth::ExternalAccount::ExternalAccountUtils (v1.15.0)

Reference documentation and code samples for the googleauth module Google::Auth::ExternalAccount::ExternalAccountUtils.

Authenticates requests using External Account credentials, such as those provided by the AWS provider or OIDC provider like Azure, etc.

Methods

#normalize_timestamp

def normalize_timestamp(time) -> Time, nil

Normalizes a timestamp value to a Time object

Parameter
  • time (Time, String, nil) — The timestamp to normalize
Returns
  • (Time, nil) — The normalized timestamp or nil if input is nil
Raises

#project_id

def project_id() -> String, nil

Retrieves the project ID corresponding to the workload identity or workforce pool. For workforce pool credentials, it returns the project ID corresponding to the workforce_pool_user_project. When not determinable, None is returned.

The resource may not have permission (resourcemanager.projects.get) to call this API or the required scopes may not be selected: https://cloud.google.com/resource-manager/reference/rest/v1/projects/get#authorization-scopes

Returns
  • (String, nil) — The project ID corresponding to the workload identity pool or workforce pool if determinable

#project_number

def project_number() -> String, nil

Retrieve the project number corresponding to workload identity pool STS audience pattern: //iam.googleapis.com/projects/$PROJECT_NUMBER/locations/...

Returns
  • (String, nil) — The project number extracted from the audience string, or nil if it cannot be determined

#service_account_email

def service_account_email() -> String, nil

Extracts the service account email from the impersonation URL

Returns
  • (String, nil) — The service account email extracted from the service_account_impersonation_url, or nil if it cannot be determined

Constants

CLOUD_RESOURCE_MANAGER

value: "https://cloudresourcemanager.googleapis.com/v1/projects/".freeze
Cloud resource manager URL used to retrieve project information.