aws

package

v0.1.6 Latest Latest Go to latest Published: Jan 26, 2022 License: Apache-2.0 Imports: 40 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Optum/cloudig

Links

Open Source Insights

Documentation ¶

Index ¶

func Contains(ss []string, s string) bool
func NewAthenaTableMetaDataForCloudTrail(location string, regionList []string) *athena.TableMetadata
func NewAuthenticatedSession(region string) (*session.Session, error)
func SdkStringContains(ss []*string, s *string) bool
type APIs
- func NewClient(sess *session.Session) APIs
- func NewClientAsAssumeRole(sess *session.Session, roleARN string) APIs
type AthenaSVC
type Client
type CloudTrailSVC
type ConfigServiceSVC
type EC2SVC
type ECRSVC
type HealthSVC
type IAMSVC
type InspectorSVC
type STSSVC
type TrustedAdvisorSVC

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Contains ¶

func Contains(ss []string, s string) bool

Contains tells whether slice of strings 'ss' contains string 's'.

func NewAthenaTableMetaDataForCloudTrail ¶

func NewAthenaTableMetaDataForCloudTrail(location string, regionList []string) *athena.TableMetadata

NewAthenaTableMetaDataForCloudTrail creates the metadata for CloudTrail table Returned metadata will not have Name for the table or location of the datasource Note : Sorted by value of Name

func NewAuthenticatedSession ¶

func NewAuthenticatedSession(region string) (*session.Session, error)

NewAuthenticatedSession creates an AWS Session using the credentials from the running environment

func SdkStringContains ¶ added in v0.1.2

func SdkStringContains(ss []*string, s *string) bool

SdkStringContains tells whether slice of pointers of strings 'ss' contains pointer string 's'.

Types ¶

type APIs ¶

type APIs interface {
	EC2SVC
	TrustedAdvisorSVC
	ConfigServiceSVC
	InspectorSVC
	STSSVC
	IAMSVC
	HealthSVC
	ECRSVC
	CloudTrailSVC
	AthenaSVC
}

APIs represent the different API calls available to the AWS client

func NewClient ¶

func NewClient(sess *session.Session) APIs

NewClient creates a Client object that implement all the methods in the APIs interface

func NewClientAsAssumeRole ¶

func NewClientAsAssumeRole(sess *session.Session, roleARN string) APIs

NewClientAsAssumeRole creates a Client object that assumes a role

type AthenaSVC ¶

type AthenaSVC interface {
	GetTableforMetadata(*athena.TableMetadata) (*string, error)
	CreateTableFromMetadata(*athena.TableMetadata) (*string, error)
	RunQuery(tableName, query string) (*athena.ResultSet, error)
	GetTableMetadata(string) (*athena.TableMetadata, error)
}

AthenaSVC is a wrapper for Athena service API calls

type Client ¶

type Client struct {
	EC2            ec2iface.EC2API
	TrustedAdvisor supportiface.SupportAPI
	AWSConfig      configserviceiface.ConfigServiceAPI
	Inspector      inspectoriface.InspectorAPI
	STS            stsiface.STSAPI
	IAM            iamiface.IAMAPI
	Health         healthiface.HealthAPI
	ECR            ecriface.ECRAPI
	CloudTrail     cloudtrailiface.CloudTrailAPI
	Athena         athenaiface.AthenaAPI
}

Client is the client for AWS API operations

func (*Client) CreateTableFromMetadata ¶

func (client *Client) CreateTableFromMetadata(meta *athena.TableMetadata) (*string, error)

CreateTableFromMetadata creates a Athena Table for given metadata and returns a table name in the form <databasename>.<tablename> and an error if there is any. Region is derived from authenticated session

func (*Client) GenerateReport ¶

func (client *Client) GenerateReport(assessmentRunArn string, reportFormat string, reportType string) (string, error)

GenerateReport generates an inspector report for a given assessment run ARN in either PDF or HTML and returns the URL

func (*Client) GetAccountID ¶

func (client *Client) GetAccountID() (string, error)

GetAccountID returns the AccountID associated with the current session

func (*Client) GetECRImageScanFindings ¶ added in v0.1.6

func (client *Client) GetECRImageScanFindings(image *ecr.ImageDetail) map[string]int64

func (*Client) GetECRImagesWithTag ¶

func (client *Client) GetECRImagesWithTag(tag string) (map[string][]*ecr.ImageDetail, error)

GetECRImagesWithTag finds all ECR images with a given tag. If no tag specified, all tagged images are returned

func (*Client) GetFailingTrustedAdvisorCheckResults ¶

func (client *Client) GetFailingTrustedAdvisorCheckResults() (map[*support.TrustedAdvisorCheckDescription]*support.TrustedAdvisorCheckResult, error)

GetFailingTrustedAdvisorCheckResults returns all failing trusted advisor checks with detailed results

func (*Client) GetHealthAffectedEntities ¶

func (client *Client) GetHealthAffectedEntities(arnArr []*string, nextToken *string) (*health.DescribeAffectedEntitiesOutput, error)

GetHealthAffectedEntities returns a list of Health notification events

func (*Client) GetHealthEventDetails ¶

func (client *Client) GetHealthEventDetails(arnArr []*string) (*health.DescribeEventDetailsOutput, error)

GetHealthEventDetails returns a list of Health notification events

func (*Client) GetHealthEvents ¶

func (client *Client) GetHealthEvents(eventFilter *health.EventFilter, nextToken *string) (*health.DescribeEventsOutput, error)

GetHealthEvents returns a list of Health notification events

func (*Client) GetImageInformation ¶

func (client *Client) GetImageInformation(imageIds []string) (*ec2.DescribeImagesOutput, error)

GetImageInformation returns the information about a list of EC2 imageIds

func (*Client) GetInstances ¶

func (client *Client) GetInstances() (*ec2.DescribeInstancesOutput, error)

GetInstances returns a list of EC2 instances and information

func (*Client) GetInstancesByFilters ¶

func (client *Client) GetInstancesByFilters(ec2Filters map[string][]string) (*ec2.DescribeInstancesOutput, error)

GetInstancesByFilters returns all instances that match a list of EC2 filters

func (*Client) GetInstancesMatchingAllTags ¶

func (client *Client) GetInstancesMatchingAllTags(tags map[string]string) (*ec2.DescribeInstancesOutput, error)

GetInstancesMatchingAllTags returns instances that match ALL tags and their respective values in a given list. Ex: "k8s.io/cluster-autoscaler/enabled": "true" AND "terraform": "true"

func (*Client) GetInstancesMatchingAnyTags ¶

func (client *Client) GetInstancesMatchingAnyTags(tags map[string]string) (*ec2.DescribeInstancesOutput, error)

GetInstancesMatchingAnyTags returns instances that match ANY tags and their respective values in a given list. Ex: "k8s.io/cluster-autoscaler/enabled": "true" AND/OR "terraform": "true"

func (*Client) GetMostRecentAssessmentRunInfo ¶

func (client *Client) GetMostRecentAssessmentRunInfo() ([]map[string]string, error)

GetMostRecentAssessmentRunInfo returns the most recent assessment run and target group ARNs for each template

func (*Client) GetNetIAMPermissionsForRoles ¶

func (client *Client) GetNetIAMPermissionsForRoles(roleARNs []string) map[string][]string

GetNetIAMPermissionsForRoles returns the IAM permissions for each role attached via different polices

func (*Client) GetNonComplaintConfigRules ¶

func (client *Client) GetNonComplaintConfigRules() (map[string][]*configservice.EvaluationResult, error)

GetNonComplaintConfigRules returns all the non complaint rules with compliance results

func (*Client) GetResourceGroupTags ¶

func (client *Client) GetResourceGroupTags(assessmentTargetArn string) (map[string]string, error)

GetResourceGroupTags returns the resource group tags for a given assessment target ARN

func (*Client) GetRolesFromTags ¶

func (client *Client) GetRolesFromTags(tags map[string]string) ([]string, error)

GetRolesFromTags returns a list of IAM Roles with tags provided Please note, ListRoles doesn't get the tags - https://github.com/aws/aws-sdk-go/issues/2442 this would mean calling ListRoleTags API for each role to get the tags we call this API in parallel to speed up the overall execution

func (*Client) GetS3LogPrefixForCloudTrail ¶

func (client *Client) GetS3LogPrefixForCloudTrail() (*string, error)

GetS3LogPrefixForCloudTrail retruns a S3Prefix associated with CloudTrail if one available for a region derived from the authenticated session and an error if there is any https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html

func (*Client) GetTableMetadata ¶

func (client *Client) GetTableMetadata(tableName string) (*athena.TableMetadata, error)

GetTableMetadata is helper function to return the athena table metadata for given table

func (*Client) GetTableforMetadata ¶

func (client *Client) GetTableforMetadata(meta *athena.TableMetadata) (*string, error)

GetTableforMetadata returns a Athena table in the form <databasename>.<tablename> for given metadata and an error if there is any. Region is derived from authenticated session

func (*Client) RunQuery ¶

func (client *Client) RunQuery(tableName, query string) (*athena.ResultSet, error)

RunQuery run the give query on the given table and returns the data and an error if there is any

type CloudTrailSVC ¶

type CloudTrailSVC interface {
	GetS3LogPrefixForCloudTrail() (*string, error)
}

CloudTrailSVC is a wrapper for CloudTrail service API calls

type ConfigServiceSVC ¶

type ConfigServiceSVC interface {
	GetNonComplaintConfigRules() (map[string][]*configservice.EvaluationResult, error)
}

ConfigServiceSVC is a wrapper for ConfigService API calls

type EC2SVC ¶

type EC2SVC interface {
	GetInstances() (*ec2.DescribeInstancesOutput, error)
	GetImageInformation(imageIds []string) (*ec2.DescribeImagesOutput, error)
	GetInstancesMatchingAllTags(tags map[string]string) (*ec2.DescribeInstancesOutput, error)
	GetInstancesMatchingAnyTags(tags map[string]string) (*ec2.DescribeInstancesOutput, error)
	GetInstancesByFilters(ec2Filters map[string][]string) (*ec2.DescribeInstancesOutput, error)
}

EC2SVC is a wrapper for EC2 API calls

type ECRSVC ¶

type ECRSVC interface {
	GetECRImagesWithTag(tag string) (map[string][]*ecr.ImageDetail, error)
	GetECRImageScanFindings(*ecr.ImageDetail) map[string]int64
}

ECRSVC is a wrapper for ECR Image Scan API calls

type HealthSVC ¶

type HealthSVC interface {
	GetHealthEvents(eventFilter *health.EventFilter, nextToken *string) (*health.DescribeEventsOutput, error)
	GetHealthEventDetails(arnArr []*string) (*health.DescribeEventDetailsOutput, error)
	GetHealthAffectedEntities(arnArr []*string, nextToken *string) (*health.DescribeAffectedEntitiesOutput, error)
}

HealthSVC is a wrapper for Support API calls related to Health Notifactions

type IAMSVC ¶

type IAMSVC interface {
	GetRolesFromTags(tags map[string]string) ([]string, error)
	GetNetIAMPermissionsForRoles(roleARNs []string) map[string][]string
}

IAMSVC is a wrapper for IAM API calls

type InspectorSVC ¶

type InspectorSVC interface {
	GenerateReport(assessmentRunArn string, reportFormat string, reportType string) (string, error)
	GetResourceGroupTags(assessmentTargetArn string) (map[string]string, error)
	GetMostRecentAssessmentRunInfo() ([]map[string]string, error)
}

InspectorSVC is a wrapper for Inspector API calls

type STSSVC ¶

type STSSVC interface {
	GetAccountID() (string, error)
}

STSSVC is a wrapper for STS API calls

type TrustedAdvisorSVC ¶

type TrustedAdvisorSVC interface {
	GetFailingTrustedAdvisorCheckResults() (map[*support.TrustedAdvisorCheckDescription]*support.TrustedAdvisorCheckResult, error)
}

TrustedAdvisorSVC is a wrapper for Support API calls related to TrustedAdvisor

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL