Documentation ¶
Index ¶
- Constants
- Variables
- func GetTenantID(subscriptionID string, client *http.Client) (string, error)
- func IsFederatedCredentialAlreadyExists(err error) bool
- func IsFederatedCredentialNotFound(err error) bool
- func IsNotFound(err error) bool
- func IsRoleAssignmentAlreadyDeleted(err error) bool
- func IsRoleAssignmentExists(err error) bool
- type AzureClient
- func NewAzureClientWithCLI(env azure.Environment, subscriptionID string, client *http.Client) (*AzureClient, error)
- func NewAzureClientWithClientCertificate(env azure.Environment, subscriptionID, clientID, tenantID string, ...) (*AzureClient, error)
- func NewAzureClientWithClientCertificateFile(env azure.Environment, ...) (*AzureClient, error)
- func NewAzureClientWithClientSecret(env azure.Environment, subscriptionID, clientID, clientSecret, tenantID string, ...) (*AzureClient, error)
- func (c *AzureClient) AddFederatedCredential(ctx context.Context, objectID string, ...) error
- func (c *AzureClient) CreateApplication(ctx context.Context, displayName string) (models.Applicationable, error)
- func (c *AzureClient) CreateRoleAssignment(ctx context.Context, scope, roleName, principalID string) (armauthorization.RoleAssignment, error)
- func (c *AzureClient) CreateServicePrincipal(ctx context.Context, appID string, tags []string) (models.ServicePrincipalable, error)
- func (c *AzureClient) DeleteApplication(ctx context.Context, objectID string) error
- func (c *AzureClient) DeleteFederatedCredential(ctx context.Context, objectID, federatedCredentialID string) error
- func (c *AzureClient) DeleteRoleAssignment(ctx context.Context, roleAssignmentID string) (armauthorization.RoleAssignment, error)
- func (c *AzureClient) DeleteServicePrincipal(ctx context.Context, objectID string) error
- func (c *AzureClient) GetApplication(ctx context.Context, displayName string) (models.Applicationable, error)
- func (c *AzureClient) GetFederatedCredential(ctx context.Context, objectID, issuer, subject string) (models.FederatedIdentityCredentialable, error)
- func (c *AzureClient) GetRoleDefinitionIDByName(ctx context.Context, scope, roleName string) (armauthorization.RoleDefinition, error)
- func (c *AzureClient) GetServicePrincipal(ctx context.Context, displayName string) (models.ServicePrincipalable, error)
- type GraphError
- type Interface
Constants ¶
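// Microsoft Graph error codes that callers match against when classifying
// failed Graph requests. The declarations were collapsed onto a single line,
// which let the first line comment swallow everything after it; they are
// restored here one per line.
const (
	// GraphErrorCodeResourceNotFound is the error code for resource not found.
	GraphErrorCodeResourceNotFound = "Request_ResourceNotFound"
	// GraphErrorCodeMultipleObjectsWithSameKeyValue is the error code for multiple objects with same key value.
	// Graph reports it, for example, when a federated identity credential with
	// the same name already exists.
	GraphErrorCodeMultipleObjectsWithSameKeyValue = "Request_MultipleObjectsWithSameKeyValue"
)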
Variables ¶
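// Sentinel errors exported by this package. The declaration was collapsed onto
// a single line, which let the line comment swallow the assignment; it is
// restored here one item per line.
var (
	// ErrFederatedCredentialNotFound is returned when the federated credential is not found.
	// Compare with errors.Is rather than == so that wrapped errors still match.
	// NOTE(review): presumably the value IsFederatedCredentialNotFound tests for — confirm.
	ErrFederatedCredentialNotFound = errors.New("federated credential not found")
)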
Functions ¶
func GetTenantID ¶
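GetTenantID returns the tenantID for the given subscriptionID. The tenantID is parsed from the WWW-Authenticate header of a failed request, so the returned value is only as trustworthy as the response it was read from: the supplied http.Client should verify the server's TLS certificate.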
func IsFederatedCredentialAlreadyExists ¶ added in v0.7.0
IsFederatedCredentialAlreadyExists returns true if the given error is a federated credential already exists error.
Example log line for such an error:
E1202 22:40:05.500821 867104 main.go:57] "failed to add federated identity credential" err="code: Request_MultipleObjectsWithSameKeyValue, message: FederatedIdentityCredential with name aramase-default-cred already exists."
func IsFederatedCredentialNotFound ¶ added in v0.7.0
IsFederatedCredentialNotFound returns true if the given error is a federated credential not found error.
func IsNotFound ¶
IsNotFound returns true if the given error is a NotFound error.
func IsRoleAssignmentAlreadyDeleted ¶
IsRoleAssignmentAlreadyDeleted returns true if the given error is a role assignment already deleted error. Ref: https://docs.microsoft.com/en-us/rest/api/authorization/role-assignments/delete#response
func IsRoleAssignmentExists ¶ added in v1.1.0
IsRoleAssignmentExists returns true if the given error is a role assignment already exists error.
Types ¶
type AzureClient ¶
// AzureClient is the client type returned by the NewAzureClientWith*
// constructors. Its methods create, look up and delete applications, service
// principals, role assignments and federated credentials, so the identity it
// authenticates as determines what those calls are allowed to change.
type AzureClient struct {
	// contains filtered or unexported fields
}
func NewAzureClientWithCLI ¶
func NewAzureClientWithCLI(env azure.Environment, subscriptionID string, client *http.Client) (*AzureClient, error)
NewAzureClientWithCLI creates an AzureClient configured from Azure CLI 2.0 for local development scenarios.
func NewAzureClientWithClientCertificate ¶
func NewAzureClientWithClientCertificate(env azure.Environment, subscriptionID, clientID, tenantID string, certificate *x509.Certificate, privateKey *rsa.PrivateKey, client *http.Client) (*AzureClient, error)
NewAzureClientWithClientCertificate returns an AzureClient that authenticates with client_id and a JWT assertion based on the given certificate and private key.
func NewAzureClientWithClientCertificateFile ¶
func NewAzureClientWithClientCertificateFile(env azure.Environment, subscriptionID, clientID, tenantID, certificatePath, privateKeyPath string, client *http.Client) (*AzureClient, error)
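NewAzureClientWithClientCertificateFile returns an AzureClient that authenticates with client_id and a JWT certificate assertion; the certificate and private key are given as file paths (certificatePath, privateKeyPath). The private key file should be readable only by the account that runs the process.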
func NewAzureClientWithClientSecret ¶
func NewAzureClientWithClientSecret(env azure.Environment, subscriptionID, clientID, clientSecret, tenantID string, client *http.Client) (*AzureClient, error)
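NewAzureClientWithClientSecret returns an AzureClient that authenticates with client_id and client_secret. The secret is passed as a plain string, so callers should keep it out of logs and error messages.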
func (*AzureClient) AddFederatedCredential ¶
func (c *AzureClient) AddFederatedCredential(ctx context.Context, objectID string, fic models.FederatedIdentityCredentialable) error
AddFederatedCredential adds a federated credential to the cloud provider.
func (*AzureClient) CreateApplication ¶
func (c *AzureClient) CreateApplication(ctx context.Context, displayName string) (models.Applicationable, error)
CreateApplication creates an application.
func (*AzureClient) CreateRoleAssignment ¶
func (c *AzureClient) CreateRoleAssignment(ctx context.Context, scope, roleName, principalID string) (armauthorization.RoleAssignment, error)
CreateRoleAssignment creates a role assignment.
func (*AzureClient) CreateServicePrincipal ¶
func (c *AzureClient) CreateServicePrincipal(ctx context.Context, appID string, tags []string) (models.ServicePrincipalable, error)
CreateServicePrincipal creates a service principal for the given application. No secret or certificate is generated.
func (*AzureClient) DeleteApplication ¶
func (c *AzureClient) DeleteApplication(ctx context.Context, objectID string) error
DeleteApplication deletes an application.
func (*AzureClient) DeleteFederatedCredential ¶
func (c *AzureClient) DeleteFederatedCredential(ctx context.Context, objectID, federatedCredentialID string) error
DeleteFederatedCredential deletes a federated credential from the cloud provider.
func (*AzureClient) DeleteRoleAssignment ¶
func (c *AzureClient) DeleteRoleAssignment(ctx context.Context, roleAssignmentID string) (armauthorization.RoleAssignment, error)
DeleteRoleAssignment deletes a role assignment.
func (*AzureClient) DeleteServicePrincipal ¶
func (c *AzureClient) DeleteServicePrincipal(ctx context.Context, objectID string) error
DeleteServicePrincipal deletes a service principal.
func (*AzureClient) GetApplication ¶
func (c *AzureClient) GetApplication(ctx context.Context, displayName string) (models.Applicationable, error)
GetApplication gets an application by its display name.
func (*AzureClient) GetFederatedCredential ¶
func (c *AzureClient) GetFederatedCredential(ctx context.Context, objectID, issuer, subject string) (models.FederatedIdentityCredentialable, error)
GetFederatedCredential gets a federated credential from the cloud provider.
func (*AzureClient) GetRoleDefinitionIDByName ¶ added in v0.7.0
func (c *AzureClient) GetRoleDefinitionIDByName(ctx context.Context, scope, roleName string) (armauthorization.RoleDefinition, error)
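GetRoleDefinitionIDByName returns the role definition ID for the given role name. Per the signature, the lookup is made at the given scope and the result is returned as an armauthorization.RoleDefinition.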
func (*AzureClient) GetServicePrincipal ¶
func (c *AzureClient) GetServicePrincipal(ctx context.Context, displayName string) (models.ServicePrincipalable, error)
GetServicePrincipal gets a service principal by its display name.
type GraphError ¶ added in v0.7.0
// GraphError is a custom error type for Graph API errors.
type GraphError struct {
	// Errorable holds the Graph OData error value carried by this error.
	// NOTE(review): presumably the source of the code and message that Error() reports — confirm.
	Errorable odataerrors.MainErrorable
}
GraphError is a custom error type for Graph API errors.
func (GraphError) Error ¶ added in v0.7.0
func (e GraphError) Error() string
Error returns the error message.
type Interface ¶
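// Interface lists the cloud operations this package exposes; AzureClient
// provides a method for each of them. The declaration was collapsed onto a
// single line, which let the first line comment swallow every method after it;
// it is restored here one method per line.
//
// Every create, add and delete method changes identity or access state in the
// tenant or subscription, so the credentials behind an implementation should
// carry only the permissions those calls need.
type Interface interface {
	// Application and service principal methods.
	// CreateServicePrincipal creates a service principal for the given
	// application; no secret or certificate is generated.
	CreateServicePrincipal(ctx context.Context, appID string, tags []string) (models.ServicePrincipalable, error)
	CreateApplication(ctx context.Context, displayName string) (models.Applicationable, error)
	DeleteServicePrincipal(ctx context.Context, objectID string) error
	DeleteApplication(ctx context.Context, objectID string) error
	// The Get methods look objects up by display name.
	GetServicePrincipal(ctx context.Context, displayName string) (models.ServicePrincipalable, error)
	GetApplication(ctx context.Context, displayName string) (models.Applicationable, error)

	// Role assignment methods
	// A role assignment grants access at the given scope, so callers should
	// pass the narrowest scope that works.
	CreateRoleAssignment(ctx context.Context, scope, roleName, principalID string) (armauthorization.RoleAssignment, error)
	DeleteRoleAssignment(ctx context.Context, roleAssignmentID string) (armauthorization.RoleAssignment, error)

	// Role definition methods
	GetRoleDefinitionIDByName(ctx context.Context, scope, roleName string) (armauthorization.RoleDefinition, error)

	// Federation methods
	// A federated credential makes the application trust tokens from an
	// external issuer for a given subject; no validation of those values is
	// visible in this interface, so callers should check them before adding one.
	AddFederatedCredential(ctx context.Context, objectID string, fic models.FederatedIdentityCredentialable) error
	GetFederatedCredential(ctx context.Context, objectID, issuer, subject string) (models.FederatedIdentityCredentialable, error)
	DeleteFederatedCredential(ctx context.Context, objectID, federatedCredentialID string) error
}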
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package mock_cloud is a generated GoMock package.
|
Package mock_cloud is a generated GoMock package. |