accountmanager

package

v0.34.0 Latest Latest Go to latest Published: Mar 16, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Optum/dce

Links

Open Source Insights

Documentation ¶

Index ¶

type NewServiceInput
type Service
- func NewService(input NewServiceInput) (*Service, error)
type ServiceConfig

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type NewServiceInput ¶

type NewServiceInput struct {
	Session  *session.Session
	Sts      stsiface.STSAPI
	Storager common.Storager
	Config   ServiceConfig
}

NewServiceInput are the items needed to create a new service

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service manages account resources

func NewService ¶

func NewService(input NewServiceInput) (*Service, error)

NewService creates a new account manager server

func (*Service) DeletePrincipalAccess ¶

func (s *Service) DeletePrincipalAccess(account *account.Account) error

DeletePrincipalAccess removes all the principal roles and policies

func (*Service) UpsertPrincipalAccess ¶

func (s *Service) UpsertPrincipalAccess(account *account.Account) error

UpsertPrincipalAccess creates roles, policies and updates them as needed

func (*Service) ValidateAccess ¶

func (s *Service) ValidateAccess(role *arn.ARN) error

ValidateAccess creates a new Account instance

type ServiceConfig ¶

type ServiceConfig struct {
	AccountID                   string   `env:"ACCOUNT_ID" envDefault:"111111111111"`
	S3BucketName                string   `env:"ARTIFACTS_BUCKET" envDefault:"DefaultArtifactBucket"`
	S3PolicyKey                 string   `env:"PRINCIPAL_POLICY_S3_KEY" envDefault:"DefaultPrincipalPolicyS3Key"`
	PrincipalIAMDenyTags        []string `env:"PRINCIPAL_IAM_DENY_TAGS" envDefault:"DefaultPrincipalIamDenyTags"`
	PrincipalMaxSessionDuration int64    `env:"PRINCIPAL_MAX_SESSION_DURATION" envDefault:"3600"` // 3600 is the default minimum value
	AllowedRegions              []string `env:"ALLOWED_REGIONS" envDefault:"us-east-1"`
	TagEnvironment              string   `env:"TAG_ENVIRONMENT" envDefault:"DefaultTagEnvironment"`
	TagContact                  string   `env:"TAG_CONTACT" envDefault:"DefaultTagContact"`
	TagAppName                  string   `env:"TAG_APP_NAME" envDefault:"DefaultTagAppName"`
	PrincipalRoleDescription    string   `env:"PRINCIPAL_ROLE_DESCRIPTION" envDefault:"Role for principal users of DCE"`
	PrincipalPolicyDescription  string   `env:"PRINCIPAL_POLICY_DESCRIPTION" envDefault:"Policy for principal users of DCE"`
	// contains filtered or unexported fields
}

ServiceConfig has specific static values for the service configuration

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
accountmanageriface
mocks
mocks

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL