pub trait CredentialResolver: Send + Sync {
// Required method
fn resolve(&self, access_key_id: &str) -> Option<ResolvedCredential>;
}Expand description
Abstraction over “given an access key ID, return the secret and resolved
principal.” Implemented by the IAM crate against IamState; the core
crate depends only on the trait so there’s no circular dependency.
Implementations must be cheap to clone-share via Arc and must be
thread-safe — dispatch calls them from an axum handler under a tokio
worker.
Required Methods§
Sourcefn resolve(&self, access_key_id: &str) -> Option<ResolvedCredential>
fn resolve(&self, access_key_id: &str) -> Option<ResolvedCredential>
Resolve access_key_id to its secret access key and principal.
Returns None when the AKID is unknown or its underlying credential
has expired.