Documentation
Constants
This section is empty.
Variables
var ErrDuplicateAsset = errors.New("duplicate asset")
Functions
This section is empty.
Types
type Asset
type Asset struct {
	Name      string         `json:"name"`
	Type      string         `json:"asset_type"`
	Resource  *AssetResource `json:"resource,omitempty"`
	IAMPolicy *IAMPolicy     `json:"iam_policy,omitempty"`
	OrgPolicy []*OrgPolicy   `json:"org_policy,omitempty"`
	Ancestors []string       `json:"ancestors"`
	// contains filtered or unexported fields
}
Asset contains the resource data and metadata in the same format as Google CAI (Cloud Asset Inventory).
type AssetResource
type AssetResource struct {
	Version              string                 `json:"version"`
	DiscoveryDocumentURI string                 `json:"discovery_document_uri"`
	DiscoveryName        string                 `json:"discovery_name"`
	Parent               string                 `json:"parent"`
	Data                 map[string]interface{} `json:"data"`
}
AssetResource is nested within the Asset type.
type BooleanPolicy
type BooleanPolicy struct {
	Enforced bool `json:"enforced,omitempty"`
}
BooleanPolicy: if `true`, the `Policy` is enforced. If `false`, any configuration is acceptable.
type Converter
type Converter struct {
	// contains filtered or unexported fields
}
Converter knows how to convert Terraform resources to their Google CAI (Cloud Asset Inventory) format (the Asset type).
func NewConverter
func NewConverter(cfg *resources.Config, ancestryManager ancestrymanager.AncestryManager, offline bool, convertUnchanged bool, errorLogger *zap.Logger) *Converter
NewConverter is a factory function for Converter.
func (*Converter) AddResourceChanges
func (c *Converter) AddResourceChanges(changes []*tfjson.ResourceChange) error
AddResourceChanges processes the resource changes in two stages:
1. Process deletions (fetching canonical resources from GCP as necessary).
2. Process creates, updates, and no-ops (fetching canonical resources from GCP as necessary).
This gives a deterministic end result even in cases where, for example, an IAM Binding and Member conflict with each other but one is replacing the other.
type IAMBinding
IAMBinding binds a role to a set of members.
type IAMPolicy
type IAMPolicy struct {
	Bindings []IAMBinding `json:"bindings"`
}
IAMPolicy is the representation of a Cloud IAM policy set on a cloud resource.
type ListPolicy
type ListPolicy struct {
	AllowedValues     []string            `json:"allowed_values,omitempty"`
	DeniedValues      []string            `json:"denied_values,omitempty"`
	AllValues         ListPolicyAllValues `json:"all_values,omitempty"`
	SuggestedValue    string              `json:"suggested_value,omitempty"`
	InheritFromParent bool                `json:"inherit_from_parent,omitempty"`
}
ListPolicy can define specific values and subtrees of Cloud Resource Manager resource hierarchy (`Organizations`, `Folders`, `Projects`) that are allowed or denied by setting the `allowed_values` and `denied_values` fields.
type ListPolicyAllValues
type ListPolicyAllValues int32
ListPolicyAllValues is used to set `Policies` that apply to all possible configuration values rather than specific values in `allowed_values` or `denied_values`.
type OrgPolicy
type OrgPolicy struct {
	Constraint     string          `json:"constraint,omitempty"`
	ListPolicy     *ListPolicy     `json:"list_policy,omitempty"`
	BooleanPolicy  *BooleanPolicy  `json:"boolean_policy,omitempty"`
	RestoreDefault *RestoreDefault `json:"restore_default,omitempty"`
	UpdateTime     *Timestamp      `json:"update_time,omitempty"`
}
OrgPolicy is for managing organization policies.
type RestoreDefault
type RestoreDefault struct {
}
RestoreDefault determines if the default values of the `Constraints` are active for the resources.
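The following is an added example, not code from this package: it decodes assets serialized with the JSON tags documented above and reports where a boolean organization policy constraint is not enforced. The types are local mirrors of the documented ones, `UnenforcedAssets` is a hypothetical helper, and both the sample data and the assumption that the input is a JSON array of assets are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Local mirrors of the documented types (fields used here only); JSON tags as on the page.
type BooleanPolicy struct {
	Enforced bool `json:"enforced,omitempty"`
}
type OrgPolicy struct {
	Constraint     string         `json:"constraint,omitempty"`
	BooleanPolicy  *BooleanPolicy `json:"boolean_policy,omitempty"`
	RestoreDefault *struct{}      `json:"restore_default,omitempty"` // empty struct: presence is the signal
}
type Asset struct {
	Name      string       `json:"name"`
	OrgPolicy []*OrgPolicy `json:"org_policy,omitempty"`
}

// Constructed sample; a JSON array of assets is an assumed input shape.
const sampleAssets = `[{"name":"example-a","org_policy":[{"constraint":"constraints/compute.requireOsLogin","boolean_policy":{"enforced":true}}]},
{"name":"example-b","org_policy":[{"constraint":"constraints/compute.requireOsLogin","boolean_policy":{}}]},
{"name":"example-c","org_policy":[{"constraint":"constraints/compute.requireOsLogin","restore_default":{}}]}]`

// UnenforcedAssets (hypothetical helper) lists assets whose policy for a boolean constraint is reset
// to default or not enforced. `enforced` is omitempty, so an empty boolean_policy means Enforced == false.
func UnenforcedAssets(raw []byte, constraint string) ([]string, error) {
	var assets []Asset
	if err := json.Unmarshal(raw, &assets); err != nil {
		return nil, err
	}
	var out []string
	for _, a := range assets {
		for _, p := range a.OrgPolicy {
			switch {
			case p == nil || p.Constraint != constraint: // different constraint: skip
			case p.RestoreDefault != nil:
				out = append(out, a.Name+": restore_default")
			case p.BooleanPolicy == nil || !p.BooleanPolicy.Enforced:
				out = append(out, a.Name+": not enforced")
			}
		}
	}
	return out, nil
}

func main() { fmt.Println(UnenforcedAssets([]byte(sampleAssets), "constraints/compute.requireOsLogin")) }
```

Because `enforced` carries `omitempty`, a `false` value is dropped on serialization, so a check that looks for the literal `"enforced": false` in the output never matches; decode and test the field instead.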