Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthorizerType ¶
// AuthorizerType is a string label for the kind of identity a validator is
// created for. NewValidator and NewServicePrincipalValidator each take one.
type AuthorizerType string

// The AuthorizerType values declared by this package.
//
// NOTE(review): the string values suggest these separate the resource
// provider's own identity from the cluster's identities (service principal,
// user-assigned identity, platform workload identity). How each value changes
// what is validated or how a failure is reported is not visible here; confirm
// in the implementation before relying on the distinction.
const (
	AuthorizerFirstParty                  AuthorizerType = "resource provider"
	AuthorizerClusterServicePrincipal     AuthorizerType = "cluster"
	AuthorizerClusterUserAssignedIdentity AuthorizerType = "cluster user assigned identity"
	AuthorizerWorkloadIdentity            AuthorizerType = "platform workload identity"
)
type Dynamic ¶
// Dynamic groups the validation checks exposed by this package. It embeds
// ServicePrincipalValidator, so every Dynamic also provides
// ValidateServicePrincipal.
//
// Every method reports its outcome only through the returned error, so a
// caller that discards the error treats a failed check as a pass.
type Dynamic interface {
	ServicePrincipalValidator

	// Network checks. additionalCIDRs is variadic and may be omitted.
	// NOTE(review): presumably extra address ranges considered together with
	// the subnets; confirm against the implementation.
	ValidateVnet(ctx context.Context, location string, subnets []Subnet, additionalCIDRs ...string) error
	ValidateSubnets(ctx context.Context, oc *api.OpenShiftCluster, subnets []Subnet) error

	// Judging by their names, these cover the cluster's encryption settings;
	// what exactly is checked is not visible here.
	ValidateDiskEncryptionSets(ctx context.Context, oc *api.OpenShiftCluster) error
	ValidateEncryptionAtHost(ctx context.Context, oc *api.OpenShiftCluster) error

	ValidateLoadBalancerProfile(ctx context.Context, oc *api.OpenShiftCluster) error
	ValidatePreConfiguredNSGs(ctx context.Context, oc *api.OpenShiftCluster, subnets []Subnet) error

	// Identity checks. Both take a role-definitions client; the second also
	// takes a federated-identity-credentials client.
	// NOTE(review): presumably these compare the identities' granted
	// permissions with the expected role definitions; confirm which
	// principal performs the lookups.
	ValidateClusterUserAssignedIdentity(ctx context.Context, platformIdentities map[string]api.PlatformWorkloadIdentity, roleDefinitions armauthorization.RoleDefinitionsClient) error
	ValidatePlatformWorkloadIdentityProfile(
		ctx context.Context,
		oc *api.OpenShiftCluster,
		platformWorkloadIdentityRolesByRoleName map[string]api.PlatformWorkloadIdentityRole,
		roleDefinitions armauthorization.RoleDefinitionsClient,
		clusterMsiFederatedIdentityCredentials armmsi.FederatedIdentityCredentialsClient,
	) error
}
Dynamic performs validation in the operator context.
func NewValidator ¶
// NewValidator returns a Dynamic validator, or an error if one cannot be
// constructed.
//
// The caller supplies two credential objects (authorizer and cred) together
// with authorizerType, which names the kind of identity involved.
// NOTE(review): presumably authorizer and cred must both represent the
// identity that authorizerType names; if they differ, checks could run as one
// principal while results are attributed to another. Confirm in the
// implementation.
//
// appID is a pointer; whether nil is accepted is not visible here.
func NewValidator(
	log *logrus.Entry,
	env env.Interface,
	azEnv *azureclient.AROEnvironment,
	subscriptionID string,
	authorizer autorest.Authorizer,
	appID *string,
	authorizerType AuthorizerType,
	cred azcore.TokenCredential,
	pdpClient client.RemotePDPClient,
) (Dynamic, error)
type ServicePrincipalValidator ¶
// ServicePrincipalValidator is the single-method interface for checking a
// service principal credential. Dynamic embeds it.
type ServicePrincipalValidator interface {
	// ValidateServicePrincipal checks the supplied token credential and
	// returns a non-nil error when the check does not pass.
	// NOTE(review): which properties of the credential are examined is not
	// visible here; confirm in the implementation.
ValidateServicePrincipal(ctx context.Context, spTokenCredential azcore.TokenCredential) error
}
func NewServicePrincipalValidator ¶
// NewServicePrincipalValidator returns a ServicePrincipalValidator for the
// given Azure environment and authorizer type. Unlike NewValidator it takes
// no credential and returns no error; the credential to check is passed
// later to ValidateServicePrincipal.
func NewServicePrincipalValidator(
	log *logrus.Entry,
	azEnv *azureclient.AROEnvironment,
	authorizerType AuthorizerType,
) ServicePrincipalValidator