Documentation
¶
Index ¶
- func GetAccountId(metaEndPoint string, useRegionalSTS bool, region string) (string, error)
- func GetInstanceTagValue(metaEndPoint, tagKey string) (string, error)
- func GetRunsAsUidGid(opts *sc.Options) (int, int)
- func GetSvcNames(svcs []sc.Service) string
- func InitAccessProfileEnvConfig() (*sc.AccessProfileConfig, error)
- func InitAccessProfileFileConfig(fileName string) (*sc.AccessProfileConfig, error)
- func InitCredsConfig(roleSuffix, accessProfileSeparator string, useRegionalSTS bool, region string) (*sc.ConfigAccount, *sc.AccessProfileConfig, error)
- func InitEnvConfig(config *sc.Config, provider provider.Provider) (*sc.Config, *sc.ConfigAccount, error)
- func InitFileConfig(fileName, metaEndPoint string, useRegionalSTS bool, region, account string, ...) (*sc.Config, *sc.ConfigAccount, error)
- func InitGenericProfileConfig(metaEndPoint, roleSuffix, accessProfileSeparator string, ...) (*sc.Config, *sc.AccessProfileConfig, error)
- func InitProfileConfig(metaEndPoint, roleSuffix, accessProfileSeparator string) (*sc.ConfigAccount, *sc.AccessProfileConfig, error)
- func NewOptions(config *sc.Config, configAccount *sc.ConfigAccount, ...) (*sc.Options, error)
- type MockAWSProvider
- func (tp MockAWSProvider) AttestationData(string, crypto.PrivateKey, *signature.SignatureInfo) (string, error)
- func (tp MockAWSProvider) CloudAttestationData(*provider.AttestationRequest) (string, error)
- func (tp MockAWSProvider) GetAccessManagementProfileFromMeta(string) (string, error)
- func (tp MockAWSProvider) GetAccountDomainServiceFromMeta(string) (string, string, string, error)
- func (tp MockAWSProvider) GetAdditionalSshHostPrincipals(string) (string, error)
- func (tp MockAWSProvider) GetCsrDn() pkix.Name
- func (tp MockAWSProvider) GetEmail(string) []string
- func (tp MockAWSProvider) GetHostname(bool) string
- func (tp MockAWSProvider) GetName() string
- func (tp MockAWSProvider) GetRoleDnsNames(*x509.Certificate, string) []string
- func (tp MockAWSProvider) GetSanDns(string, bool, bool, []string) []string
- func (tp MockAWSProvider) GetSanIp(map[string]bool, []net.IP, ip.Opts) []net.IP
- func (tp MockAWSProvider) GetSanUri(string, ip.Opts, string, string) []*url.URL
- func (tp MockAWSProvider) GetSuffixes() []string
- func (tp MockAWSProvider) PrepareKey(string) (crypto.PrivateKey, error)
- type MockGCPProvider
- func (tp MockGCPProvider) AttestationData(svc string, key crypto.PrivateKey, sigInfo *signature.SignatureInfo) (string, error)
- func (tp MockGCPProvider) CloudAttestationData(*provider.AttestationRequest) (string, error)
- func (tp MockGCPProvider) GetAccessManagementProfileFromMeta(base string) (string, error)
- func (tp MockGCPProvider) GetAccountDomainServiceFromMeta(base string) (string, string, string, error)
- func (tp MockGCPProvider) GetAdditionalSshHostPrincipals(base string) (string, error)
- func (tp MockGCPProvider) GetCsrDn() pkix.Name
- func (tp MockGCPProvider) GetEmail(service string) []string
- func (tp MockGCPProvider) GetHostname(bool) string
- func (tp MockGCPProvider) GetName() string
- func (tp MockGCPProvider) GetRoleDnsNames(cert *x509.Certificate, service string) []string
- func (tp MockGCPProvider) GetSanDns(service string, includeHost bool, wildcard bool, cnames []string) []string
- func (tp MockGCPProvider) GetSanIp(docIp map[string]bool, ips []net.IP, opts ip.Opts) []net.IP
- func (tp MockGCPProvider) GetSanUri(svc string, opts ip.Opts, spiffeTrustDomain, spiffeNamespace string) []*url.URL
- func (tp MockGCPProvider) GetSuffixes() []string
- func (tp MockGCPProvider) PrepareKey(file string) (crypto.PrivateKey, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetAccountId ¶
func GetInstanceTagValue ¶
func GetRunsAsUidGid ¶
GetRunsAsUidGid returns the uid/gid that the tool should continue to run as, based on the configured setup. For example, if all services have been configured to have the same uid/gid for keys and certs, then the tool can drop its access from root to the specified user. If multiple users are defined, the return values are -1/-1, since there is no single uid/gid the tool could switch to.
func GetSvcNames ¶
GetSvcNames returns a comma-separated list of service names.
func InitAccessProfileEnvConfig ¶
func InitAccessProfileEnvConfig() (*sc.AccessProfileConfig, error)
func InitAccessProfileFileConfig ¶
func InitAccessProfileFileConfig(fileName string) (*sc.AccessProfileConfig, error)
func InitCredsConfig ¶
func InitCredsConfig(roleSuffix, accessProfileSeparator string, useRegionalSTS bool, region string) (*sc.ConfigAccount, *sc.AccessProfileConfig, error)
func InitEnvConfig ¶
func InitFileConfig ¶
func InitProfileConfig ¶
func InitProfileConfig(metaEndPoint, roleSuffix, accessProfileSeparator string) (*sc.ConfigAccount, *sc.AccessProfileConfig, error)
func NewOptions ¶
Types ¶
type MockAWSProvider ¶
func (MockAWSProvider) AttestationData ¶
func (tp MockAWSProvider) AttestationData(string, crypto.PrivateKey, *signature.SignatureInfo) (string, error)
func (MockAWSProvider) CloudAttestationData ¶
func (tp MockAWSProvider) CloudAttestationData(*provider.AttestationRequest) (string, error)
func (MockAWSProvider) GetAccessManagementProfileFromMeta ¶
func (tp MockAWSProvider) GetAccessManagementProfileFromMeta(string) (string, error)
func (MockAWSProvider) GetAccountDomainServiceFromMeta ¶
func (MockAWSProvider) GetAdditionalSshHostPrincipals ¶ added in v1.11.31
func (tp MockAWSProvider) GetAdditionalSshHostPrincipals(string) (string, error)
func (MockAWSProvider) GetCsrDn ¶
func (tp MockAWSProvider) GetCsrDn() pkix.Name
func (MockAWSProvider) GetEmail ¶
func (tp MockAWSProvider) GetEmail(string) []string
func (MockAWSProvider) GetHostname ¶
func (tp MockAWSProvider) GetHostname(bool) string
GetHostname returns the hostname as per the provider
func (MockAWSProvider) GetName ¶
func (tp MockAWSProvider) GetName() string
GetName returns the name of the current provider
func (MockAWSProvider) GetRoleDnsNames ¶
func (tp MockAWSProvider) GetRoleDnsNames(*x509.Certificate, string) []string
func (MockAWSProvider) GetSuffixes ¶ added in v1.11.54
func (tp MockAWSProvider) GetSuffixes() []string
func (MockAWSProvider) PrepareKey ¶
func (tp MockAWSProvider) PrepareKey(string) (crypto.PrivateKey, error)
type MockGCPProvider ¶
func (MockGCPProvider) AttestationData ¶
func (tp MockGCPProvider) AttestationData(svc string, key crypto.PrivateKey, sigInfo *signature.SignatureInfo) (string, error)
func (MockGCPProvider) CloudAttestationData ¶
func (tp MockGCPProvider) CloudAttestationData(*provider.AttestationRequest) (string, error)
func (MockGCPProvider) GetAccessManagementProfileFromMeta ¶
func (tp MockGCPProvider) GetAccessManagementProfileFromMeta(base string) (string, error)
func (MockGCPProvider) GetAccountDomainServiceFromMeta ¶
func (MockGCPProvider) GetAdditionalSshHostPrincipals ¶ added in v1.11.31
func (tp MockGCPProvider) GetAdditionalSshHostPrincipals(base string) (string, error)
func (MockGCPProvider) GetCsrDn ¶
func (tp MockGCPProvider) GetCsrDn() pkix.Name
func (MockGCPProvider) GetEmail ¶
func (tp MockGCPProvider) GetEmail(service string) []string
func (MockGCPProvider) GetHostname ¶
func (tp MockGCPProvider) GetHostname(bool) string
GetHostname returns the hostname as per the provider
func (MockGCPProvider) GetName ¶
func (tp MockGCPProvider) GetName() string
GetName returns the name of the current provider
func (MockGCPProvider) GetRoleDnsNames ¶
func (tp MockGCPProvider) GetRoleDnsNames(cert *x509.Certificate, service string) []string
func (MockGCPProvider) GetSuffixes ¶ added in v1.11.54
func (tp MockGCPProvider) GetSuffixes() []string
func (MockGCPProvider) PrepareKey ¶
func (tp MockGCPProvider) PrepareKey(file string) (crypto.PrivateKey, error)