deployment

package
v0.25.3 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 3, 2025 License: MIT Imports: 16 Imported by: 0

Documentation

Overview

Package deployment contains the types and methods for managing the deployment of an Azure management group hierarchy using the supplied Alzlib.

Constants

const (
	ManagementGroupIdFmt     = "/providers/Microsoft.Management/managementGroups/%s"
	PolicyAssignmentIdFmt    = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policyAssignments/%s"
	PolicyDefinitionIdFmt    = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policyDefinitions/%s"
	PolicySetDefinitionIdFmt = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policySetDefinitions/%s"
	RoleDefinitionIdFmt      = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/roleDefinitions/%s"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Hierarchy

type Hierarchy struct {
	// contains filtered or unexported fields
}

Hierarchy represents a deployment of Azure management group hierarchy. Do not create this struct directly, use NewHierarchy instead.

func NewHierarchy

func NewHierarchy(alzlib *alzlib.AlzLib) *Hierarchy

NewHierarchy creates a new Hierarchy with the given AlzLib.

func (*Hierarchy) AddDefaultPolicyAssignmentValue added in v0.19.0

func (h *Hierarchy) AddDefaultPolicyAssignmentValue(ctx context.Context, defaultName string, defaultValue *armpolicy.ParameterValuesValue) error

AddDefaultPolicyAssignmentValue adds a default policy assignment value to the hierarchy.

func (*Hierarchy) FromArchitecture

func (h *Hierarchy) FromArchitecture(ctx context.Context, arch, externalParentId, location string) error

FromArchitecture creates a hierarchy from the given architecture.

func (*Hierarchy) ManagementGroup

func (h *Hierarchy) ManagementGroup(name string) *HierarchyManagementGroup

ManagementGroup returns the management group with the given name.

func (*Hierarchy) ManagementGroupNames

func (h *Hierarchy) ManagementGroupNames() []string

ManagementGroupNames returns the management group names as a slice of string.

func (*Hierarchy) ManagementGroupsAtLevel

func (h *Hierarchy) ManagementGroupsAtLevel(level int) map[string]*HierarchyManagementGroup

ManagementGroupsAtLevel returns the management groups from the given level as a map of string to *HierarchyManagementGroup.

func (*Hierarchy) PolicyRoleAssignments

func (h *Hierarchy) PolicyRoleAssignments(ctx context.Context) (mapset.Set[PolicyRoleAssignment], error)

PolicyRoleAssignments returns the policy role assignments required for the hierarchy. The error returned may be a PolicyRoleAssignmentErrors, which contains a slice of errors. This is so that callers can choose to issue a warning here instead of halting the process.

type HierarchyManagementGroup

type HierarchyManagementGroup struct {
	// contains filtered or unexported fields
}

HierarchyManagementGroup represents an Azure Management Group within a hierarchy, with links to parent and children.

func (*HierarchyManagementGroup) Children

Children returns the children of the management group.

func (*HierarchyManagementGroup) DisplayName

func (mg *HierarchyManagementGroup) DisplayName() string

DisplayName returns the display name of the management group.

func (*HierarchyManagementGroup) Exists added in v0.15.0

func (mg *HierarchyManagementGroup) Exists() bool

Exists returns a bool value depending on whether the management group exists.

func (*HierarchyManagementGroup) HasParent

func (mg *HierarchyManagementGroup) HasParent(id string) bool

HasParent returns a bool value depending on whether the management group has a given parent. Only works for internal parents.

func (*HierarchyManagementGroup) Level added in v0.15.0

func (mg *HierarchyManagementGroup) Level() int

Level returns the level of the management group in the hierarchy.

func (*HierarchyManagementGroup) Location added in v0.15.0

func (mg *HierarchyManagementGroup) Location() string

Location returns the default location to use for artifacts in the management group.

func (HierarchyManagementGroup) MarshalJSON added in v0.20.0

func (mg HierarchyManagementGroup) MarshalJSON() ([]byte, error)

func (*HierarchyManagementGroup) ModifyPolicyAssignment

func (alzmg *HierarchyManagementGroup) ModifyPolicyAssignment(
	name string,
	parameters map[string]*armpolicy.ParameterValuesValue,
	enforcementMode *armpolicy.EnforcementMode,
	nonComplianceMessages []*armpolicy.NonComplianceMessage,
	identity *armpolicy.Identity,
	resourceSelectors []*armpolicy.ResourceSelector,
	overrides []*armpolicy.Override,
) error

ModifyPolicyAssignment modifies an existing policy assignment in the management group. It will deep merge the supplied assignments with the existing assignments.

func (*HierarchyManagementGroup) Name

func (mg *HierarchyManagementGroup) Name() string

Name returns the name/id of the management group.

func (*HierarchyManagementGroup) Parent

Parent returns parent *AlzManagementGroup. If the parent is external, the result will be nil.

func (*HierarchyManagementGroup) ParentId

func (mg *HierarchyManagementGroup) ParentId() string

ParentId returns the ID of the parent management group. If the parent is external, this will be preferred. If neither is set, an empty string is returned (though this should never happen).

func (*HierarchyManagementGroup) ParentIsExternal

func (mg *HierarchyManagementGroup) ParentIsExternal() bool

ParentIsExternal returns a bool value depending on whether the parent MG is external or not.

func (*HierarchyManagementGroup) PolicyAssignmentMap

func (mg *HierarchyManagementGroup) PolicyAssignmentMap() map[string]*assets.PolicyAssignment

PolicyAssignmentMap returns a copy of the policy assignments map.

func (*HierarchyManagementGroup) PolicyDefinitionsMap

func (mg *HierarchyManagementGroup) PolicyDefinitionsMap() map[string]*assets.PolicyDefinition

PolicyDefinitionsMap returns a copy of the policy definitions map.

func (*HierarchyManagementGroup) PolicySetDefinitionsMap

func (mg *HierarchyManagementGroup) PolicySetDefinitionsMap() map[string]*assets.PolicySetDefinition

PolicySetDefinitionsMap returns a copy of the policy set definitions map.

func (*HierarchyManagementGroup) ResourceId

func (mg *HierarchyManagementGroup) ResourceId() string

ResourceId returns the resource ID of the management group.

func (*HierarchyManagementGroup) RoleDefinitionsMap

func (alzmg *HierarchyManagementGroup) RoleDefinitionsMap() map[string]*assets.RoleDefinition

RoleDefinitionsMap returns a copy of the role definitions map.

type PolicyRoleAssignment

type PolicyRoleAssignment struct {
	RoleDefinitionId  string `json:"role_definition_id,omitempty"`
	Scope             string `json:"scope,omitempty"`
	AssignmentName    string `json:"assignment_name,omitempty"`
	ManagementGroupId string `json:"management_group_id,omitempty"`
}

PolicyRoleAssignment represents the role assignments that need to be created for a management group. Since we could be using system assigned identities, we don't know the principal ID until after the deployment. Therefore this data can be used to create the role assignments after the deployment.
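The post-deployment step described above, as an added example (not code from this package): the records are joined with the principal IDs read back from the deployed policy assignments, and any assignment whose identity is still unknown is reported rather than granted. `RoleGrant`, `ResolveGrants` and the `principals` map (policy assignment resource ID to principal ID, collected by the caller) are hypothetical; the constant and struct are copied from this page.

```go
package main

import (
	"fmt"
	"strings"
)

// Copied from this page's constants and types (JSON tags omitted).
const PolicyAssignmentIdFmt = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policyAssignments/%s"

type PolicyRoleAssignment struct {
	RoleDefinitionId, Scope, AssignmentName, ManagementGroupId string
}

// RoleGrant is a hypothetical record of one role assignment to create.
type RoleGrant struct{ PrincipalId, RoleDefinitionId, Scope string }

// ResolveGrants joins the pre-deployment records with principal IDs read back
// after deployment. Records with no known identity are returned as unresolved.
func ResolveGrants(pending []PolicyRoleAssignment, principals map[string]string) (grants []RoleGrant, unresolved []string) {
	byID := make(map[string]string, len(principals))
	for id, p := range principals {
		byID[strings.ToLower(id)] = p // ARM resource IDs compare case-insensitively
	}
	for _, p := range pending {
		id := fmt.Sprintf(PolicyAssignmentIdFmt, p.ManagementGroupId, p.AssignmentName)
		principal := byID[strings.ToLower(id)]
		if principal == "" {
			unresolved = append(unresolved, id) // no identity yet: do not grant
			continue
		}
		grants = append(grants, RoleGrant{principal, p.RoleDefinitionId, p.Scope})
	}
	return grants, unresolved
}

func main() {
	// Constructed sample data; names and IDs are placeholders.
	pending := []PolicyRoleAssignment{
		{"role-a", "/providers/Microsoft.Management/managementGroups/alz", "Deploy-Logs", "alz"},
		{"role-b", "/providers/Microsoft.Management/managementGroups/alz", "Deploy-Other", "alz"},
	}
	principals := map[string]string{fmt.Sprintf(PolicyAssignmentIdFmt, "ALZ", "deploy-logs"): "principal-1"}
	grants, unresolved := ResolveGrants(pending, principals)
	fmt.Println("grants:", grants)
	fmt.Println("unresolved:", unresolved)
}
```

Each resolved grant carries only the role and scope recorded for that assignment, so the managed identity receives nothing beyond what its policy definition requires.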

type PolicyRoleAssignmentError added in v0.23.1

type PolicyRoleAssignmentError struct {
	// contains filtered or unexported fields
}

PolicyRoleAssignmentError represents an error that occurred while generating a role assignment for a policy assignment.

func NewPolicyRoleAssignmentError added in v0.23.1

func NewPolicyRoleAssignmentError(assignmentName string, assignmentScope string, defParameterName string, pdref string, roleDefinitionIds []string, innerError error) *PolicyRoleAssignmentError

func (*PolicyRoleAssignmentError) Error added in v0.23.1

func (e *PolicyRoleAssignmentError) Error() string

Error implements the error interface.

func (*PolicyRoleAssignmentError) Unwrap added in v0.24.0

func (e *PolicyRoleAssignmentError) Unwrap() error

type PolicyRoleAssignmentErrors added in v0.23.1

type PolicyRoleAssignmentErrors struct {
	// contains filtered or unexported fields
}

PolicyRoleAssignmentErrors represents a collection of PolicyRoleAssignmentError. It can be used by the caller to emit a warning rather than halt execution.

func NewPolicyRoleAssignmentErrors added in v0.23.1

func NewPolicyRoleAssignmentErrors() *PolicyRoleAssignmentErrors

func (*PolicyRoleAssignmentErrors) Add added in v0.23.1

Add adds one or more PolicyRoleAssignmentError to the collection.

func (*PolicyRoleAssignmentErrors) Error added in v0.23.1

Error implements the error interface.

func (*PolicyRoleAssignmentErrors) Errors added in v0.23.1

Errors returns the collection of PolicyRoleAssignmentError.
