Documentation ¶
Index ¶
- Constants
- func AssetsByName(assetsByID map[string]*HierarchyNode) map[string]*HierarchyNode
- func FoldersBeneath(folderID string, hierarchyGraph *HierarchyGraph) (map[string]struct{}, error)
- func Merge(assetsA, assetsB map[string]*HierarchyNode) map[string]*HierarchyNode
- type AssetIAM
- type AssetInventory
- type AssetInventoryClient
- func (c *AssetInventoryClient) Buckets(ctx context.Context, organizationID, query string) ([]string, error)
- func (c *AssetInventoryClient) HierarchyAssets(ctx context.Context, organizationID, assetType string) ([]*HierarchyNode, error)
- func (c *AssetInventoryClient) IAM(ctx context.Context, scope, query string) ([]*AssetIAM, error)
- type HierarchyGraph
- type HierarchyNode
- type HierarchyNodeWithChildren
- type IAMCondition
- type MockAssetInventoryClient
- func (m *MockAssetInventoryClient) Buckets(ctx context.Context, organizationID, query string) ([]string, error)
- func (m *MockAssetInventoryClient) HierarchyAssets(ctx context.Context, organizationID, assetType string) ([]*HierarchyNode, error)
- func (m *MockAssetInventoryClient) IAM(ctx context.Context, scope, query string) ([]*AssetIAM, error)
- type Request
Constants ¶
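// Node type names and asset type names used for the GCP resource hierarchy.
const (
	// Organization is the node type of an organization.
	Organization = "Organization"
	// Folder is the node type of a folder.
	Folder = "Folder"
	// Project is the node type of a project.
	Project = "Project"
	// Unknown is used when the asset cannot be found in the GCP hierarchy.
	// This may indicate that the project/folder was filtered out of the asset
	// inventory results. The most likely reason for this is that the
	// project/folder was deleted.
	Unknown = "Unknown"

	// OrganizationAssetType represents the org asset type used in the cloud
	// resource manager API.
	OrganizationAssetType = "cloudresourcemanager.googleapis.com/Organization"
	// FolderAssetType represents the folder asset type used in the cloud
	// resource manager API.
	FolderAssetType = "cloudresourcemanager.googleapis.com/Folder"
	// ProjectAssetType represents the project asset type used in the cloud
	// resource manager API.
	ProjectAssetType = "cloudresourcemanager.googleapis.com/Project"
	// BucketAssetType represents the bucket asset type. Unlike the three
	// hierarchy asset types above, its value is under storage.googleapis.com
	// rather than cloudresourcemanager.googleapis.com.
	BucketAssetType = "storage.googleapis.com/Bucket"
)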
Variables ¶
This section is empty.
Functions ¶
func AssetsByName ¶
func AssetsByName(assetsByID map[string]*HierarchyNode) map[string]*HierarchyNode
AssetsByName returns a map of assets keyed by asset name.
func FoldersBeneath ¶
func FoldersBeneath(folderID string, hierarchyGraph *HierarchyGraph) (map[string]struct{}, error)
FoldersBeneath traverses the hierarchy graph to find all folders that are beneath a certain folder.
func Merge ¶
func Merge(assetsA, assetsB map[string]*HierarchyNode) map[string]*HierarchyNode
Merge combines two maps of assets. In the case of collision we use the asset in assetsB.
Types ¶
type AssetIAM ¶
// AssetIAM represents the IAM of a GCP resource, e.g. a binding, policy or
// membership of a GCP Project, Folder or Org.
type AssetIAM struct {
	// ResourceID identifies the resource (e.g. Project ID, Folder ID, Org ID).
	ResourceID string
	// ResourceType names the kind of resource (e.g. Project, Folder, Org).
	ResourceType string
	// Member is the IAM membership (e.g. group:my-group@google.com).
	Member string
	// Role is the role of the IAM binding (e.g. roles/owner).
	Role string
	// Condition is the IAM condition set on the binding.
	// NOTE(review): presumably nil when the binding carries no condition;
	// confirm against the code that fills this struct before reading a nil
	// Condition as "unconditional".
	Condition *IAMCondition
}
AssetIAM represents the IAM of a GCP resource (e.g. binding/policy/membership of a GCP Project, Folder, or Org).
type AssetInventory ¶
// AssetInventory defines the common GCP asset inventory functionality.
type AssetInventory interface {
	// Buckets returns the GCS buckets that match the given query.
	Buckets(ctx context.Context, organizationID, query string) ([]string, error)

	// HierarchyAssets returns the projects or folders in the given
	// organization.
	HierarchyAssets(ctx context.Context, organizationID, assetType string) ([]*HierarchyNode, error)

	// IAM returns all IAM entries that match the given query.
	IAM(ctx context.Context, scope, query string) ([]*AssetIAM, error)
}
AssetInventory defines the common gcp asset inventory functionality.
type AssetInventoryClient ¶
// AssetInventoryClient exposes GCP Asset Inventory functionality.
// Its fields are unexported, so they are not listed here.
type AssetInventoryClient struct {
// contains filtered or unexported fields
}
AssetInventoryClient exposes GCP Asset Inventory functionality.
func NewClient ¶
func NewClient(ctx context.Context) (*AssetInventoryClient, error)
NewClient creates a new asset inventory client.
func (*AssetInventoryClient) Buckets ¶
func (c *AssetInventoryClient) Buckets(ctx context.Context, organizationID, query string) ([]string, error)
Buckets returns all GCS Buckets in the organization that match the given query.
func (*AssetInventoryClient) HierarchyAssets ¶
func (c *AssetInventoryClient) HierarchyAssets(ctx context.Context, organizationID, assetType string) ([]*HierarchyNode, error)
HierarchyAssets returns all GCP Hierarchy Nodes (Folders or Projects) for the given organization.
type HierarchyGraph ¶
// HierarchyGraph represents a complete GCP Resource Hierarchy: a single
// organization together with all of its folders and all of its projects.
type HierarchyGraph struct {
	// IDToNodes is keyed by the ID of a parent node (e.g. a folder or the
	// organization) and holds that node along with its children (e.g. folders
	// or projects).
	IDToNodes map[string]*HierarchyNodeWithChildren
}
HierarchyGraph represents a complete GCP Resource Hierarchy including a single organization, all of the folders and all of the projects.
func NewHierarchyGraph ¶
func NewHierarchyGraph(organizationID string, folders, projects map[string]*HierarchyNode) (*HierarchyGraph, error)
NewHierarchyGraph builds a complete gcp organization graph representation of the org, its folders, and its projects.
type HierarchyNode ¶
// HierarchyNode represents one node in the GCP Resource Hierarchy, i.e. an
// Organization, a Folder or a Project.
type HierarchyNode struct {
	// ID is the unique identifier of the GCP Organization, Folder, or Project.
	// Example: 123123423423
	ID string
	// Name is the unique string name of the Organization, Folder, or Project.
	// Example: my-project-1234
	Name string
	// ParentID is the unique identifier of the Folder or Organization that
	// this Folder or Project resides in.
	ParentID string
	// ParentType is the type of the parent node: either Folder or
	// Organization.
	ParentType string
	// NodeType is the type of this node: Folder, Organization or Project.
	NodeType string
}
HierarchyNode represents a node in the GCP Resource Hierarchy. Example: Organization, Folder, or Project.
type HierarchyNodeWithChildren ¶
// HierarchyNodeWithChildren represents a node in the GCP Resource Hierarchy
// together with all of its children.
type HierarchyNodeWithChildren struct {
	// The node itself. It is embedded as a pointer, so it must be non-nil
	// before promoted fields such as ID are read; reading them through a nil
	// embedded pointer panics.
	*HierarchyNode
	// ProjectIDs holds the set of all projects that are immediate children of
	// this node.
	ProjectIDs []string
	// FolderIDs holds the set of all folders that are immediate children of
	// this node.
	FolderIDs []string
}
HierarchyNodeWithChildren represents a node in the GCP Resource Hierarchy and all of its children.
type IAMCondition ¶
// IAMCondition represents the IAM Condition attached to an IAM binding.
type IAMCondition struct {
	// Title is the name of the IAM condition.
	Title string
	// Expression describes when the IAM policy applies.
	// NOTE(review): presumably a CEL expression, as GCP IAM Conditions use;
	// confirm against the code that fills this field.
	Expression string
	// Description is the description of the IAM condition.
	Description string
}
IAMCondition represents the IAM Condition for an IAM binding.
type MockAssetInventoryClient ¶
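// MockAssetInventoryClient is a mock with the same Buckets, HierarchyAssets
// and IAM method signatures as AssetInventory. Its exported fields hold canned
// data and errors.
// NOTE(review): the method bodies are not visible here; the field-to-method
// mapping described below is inferred from the field names and should be
// confirmed against the implementation.
type MockAssetInventoryClient struct {
	// IAMData and IAMErr are presumably what IAM returns.
	IAMData []*AssetIAM
	IAMErr  error

	// BucketsData and BucketsErr are presumably what Buckets returns.
	BucketsData []string
	BucketsErr  error

	// AssetFolderData and AssetProjectData are presumably what HierarchyAssets
	// returns for folder and project asset types respectively, with AssetErr
	// as its error.
	AssetFolderData  []*HierarchyNode
	AssetProjectData []*HierarchyNode
	AssetErr         error
}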
func (*MockAssetInventoryClient) HierarchyAssets ¶
func (m *MockAssetInventoryClient) HierarchyAssets(ctx context.Context, organizationID, assetType string) ([]*HierarchyNode, error)