iam

package

v1.0.2 Latest Latest Go to latest Published: Jul 17, 2020 License: AGPL-3.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/YaleSpinup/s3-api

Links

Open Source Insights

Documentation ¶

Index ¶

type IAM
- func NewSession(account common.Account) IAM
type PolicyDoc
type PolicyStatement

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type IAM ¶

type IAM struct {
	Service                              iamiface.IAMAPI
	DefaultS3BucketActions               []string
	DefaultS3ObjectActions               []string
	DefaultCloudfrontDistributionActions []string
}

IAM is a wrapper around the aws IAM service with some default config info

func NewSession ¶

func NewSession(account common.Account) IAM

NewSession creates a new IAM session

func (*IAM) AddUserToGroup ¶

func (i *IAM) AddUserToGroup(ctx context.Context, input *iam.AddUserToGroupInput) (*iam.AddUserToGroupOutput, error)

AddUserToGroup adds the existing user to an existing group

func (*IAM) AttachGroupPolicy ¶

func (i *IAM) AttachGroupPolicy(ctx context.Context, input *iam.AttachGroupPolicyInput) (*iam.AttachGroupPolicyOutput, error)

AttachGroupPolicy attaches a policy to a group

func (*IAM) CreateAccessKey ¶

func (i *IAM) CreateAccessKey(ctx context.Context, input *iam.CreateAccessKeyInput) (*iam.CreateAccessKeyOutput, error)

CreateAccessKey creates an access key for an IAM user

func (*IAM) CreateGroup ¶

func (i *IAM) CreateGroup(ctx context.Context, input *iam.CreateGroupInput) (*iam.CreateGroupOutput, error)

CreateGroup handles creating an IAM group

func (*IAM) CreatePolicy ¶

func (i *IAM) CreatePolicy(ctx context.Context, input *iam.CreatePolicyInput) (*iam.CreatePolicyOutput, error)

CreatePolicy handles creating IAM policy

func (*IAM) CreateUser ¶

func (i *IAM) CreateUser(ctx context.Context, input *iam.CreateUserInput) (*iam.CreateUserOutput, error)

CreateUser creates an IAM user

func (*IAM) DefaultBucketAdminPolicy ¶

func (i *IAM) DefaultBucketAdminPolicy(bucket *string) ([]byte, error)

DefaultBucketAdminPolicy generates the default policy statement for s3 buckets

func (*IAM) DefaultWebAdminPolicy ¶ added in v1.0.0

func (i *IAM) DefaultWebAdminPolicy(distributionArn *string) ([]byte, error)

DefaultWebAdminPolicy generates the default policy statement for website admin

func (*IAM) DefaultWebsiteAccessPolicy ¶ added in v0.3.0

func (i *IAM) DefaultWebsiteAccessPolicy(bucket *string) ([]byte, error)

DefaultWebsiteAccessPolicy generated the default website access policy statement for s3 websites

  {
    "Version":"2012-10-17",
    "Statement":[{
	     "Sid":"PublicReadGetObject",
		 "Effect":"Allow",
	     "Principal": "*",
	     "Action":["s3:GetObject"],
	     "Resource":["arn:aws:s3:::example-bucket/*"]
    }]
  }

func (*IAM) DeleteAccessKey ¶

func (i *IAM) DeleteAccessKey(ctx context.Context, input *iam.DeleteAccessKeyInput) (*iam.DeleteAccessKeyOutput, error)

DeleteAccessKey deletes a users access key

func (*IAM) DeleteGroup ¶

func (i *IAM) DeleteGroup(ctx context.Context, input *iam.DeleteGroupInput) (*iam.DeleteGroupOutput, error)

DeleteGroup handles deleting an IAM group

func (*IAM) DeletePolicy ¶

func (i *IAM) DeletePolicy(ctx context.Context, input *iam.DeletePolicyInput) (*iam.DeletePolicyOutput, error)

DeletePolicy handles deleting IAM policy

func (*IAM) DeleteUser ¶

func (i *IAM) DeleteUser(ctx context.Context, input *iam.DeleteUserInput) (*iam.DeleteUserOutput, error)

func (*IAM) DetachGroupPolicy ¶

func (i *IAM) DetachGroupPolicy(ctx context.Context, input *iam.DetachGroupPolicyInput) error

DetachGroupPolicy detaches a policy from a group

func (*IAM) DetachUserPolicy ¶ added in v0.3.2

func (i *IAM) DetachUserPolicy(ctx context.Context, input *iam.DetachUserPolicyInput) error

DetachUserPolicy removes an IAM policy from a user

func (*IAM) GetUser ¶ added in v0.3.2

func (i *IAM) GetUser(ctx context.Context, input *iam.GetUserInput) (*iam.GetUserOutput, error)

GetUser gets the details for an IAM user

func (*IAM) ListAccessKeys ¶

func (i *IAM) ListAccessKeys(ctx context.Context, input *iam.ListAccessKeysInput) ([]*iam.AccessKeyMetadata, error)

ListAccessKeys lists the access keys for a user

func (*IAM) ListGroupPolicies ¶

func (i *IAM) ListGroupPolicies(ctx context.Context, input *iam.ListAttachedGroupPoliciesInput) ([]*iam.AttachedPolicy, error)

ListGroupPolicies lists the policies attached to a group

func (*IAM) ListGroupUsers ¶

func (i *IAM) ListGroupUsers(ctx context.Context, input *iam.GetGroupInput) ([]*iam.User, error)

ListGroupUsers lists the users that belong to a group

func (*IAM) ListPolicies ¶

func (i *IAM) ListPolicies(ctx context.Context, input *iam.ListPoliciesInput) ([]*iam.Policy, error)

ListPolicies lists all policies for an account

func (*IAM) ListUserGroups ¶

func (i *IAM) ListUserGroups(ctx context.Context, input *iam.ListGroupsForUserInput) ([]*iam.Group, error)

ListUserGroups returns a list of groups that a user belongs to

func (*IAM) ListUserPolicies ¶ added in v0.3.2

func (i *IAM) ListUserPolicies(ctx context.Context, input *iam.ListAttachedUserPoliciesInput) ([]*iam.AttachedPolicy, error)

ListUserPolicies lists the attached policies for a user

func (*IAM) RemoveUserFromGroup ¶

func (i *IAM) RemoveUserFromGroup(ctx context.Context, input *iam.RemoveUserFromGroupInput) error

RemoveUserFromGroup removes an existing user from a group

type PolicyDoc ¶

type PolicyDoc struct {
	Version   string
	Statement []PolicyStatement
}

PolicyDoc collects the policy statements

type PolicyStatement ¶

type PolicyStatement struct {
	Effect    string
	Principal string `json:",omitempty"`
	Action    []string
	Resource  []string
}

PolicyStatement is an individual IAM Policy statement

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL