Documentation
¶
Overview ¶
Package irsa implements tester for IAM Roles for Service Accounts (IRSA).
Index ¶
Constants ¶
View Source
const TemplateConfigMap = `` /* 1021-byte string literal not displayed */
TemplateConfigMap is the IRSA config map.
View Source
const TemplateDeploymentScript = `` /* 286-byte string literal not displayed */
TemplateDeploymentScript is the script to run in Deployment.
View Source
const TemplateRole = `` /* 1272-byte string literal not displayed */
TemplateRole is the CloudFormation template for EKS IRSA role.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
Logger *zap.Logger
Stopc chan struct{}
Sig chan os.Signal
EKSConfig *eksconfig.Config
K8SClient k8sClientSetGetter
CFNAPI cloudformationiface.CloudFormationAPI
IAMAPI iamiface.IAMAPI
S3API s3iface.S3API
}
Config defines "Secrets" configuration. ref. https://aws.amazon.com/blogs/opensource/introducing-fine-grained-iam-roles-service-accounts/
type Tester ¶
type Tester interface {
// Create creates "ServiceAccountToken" objects to test IRSA.
Create() error
// Delete deletes "ServiceAccountToken" and Pods.
Delete() error
// AggregateResults aggregates all test results from remote nodes.
// Assumes logs are already downloaded.
AggregateResults() error
}
Tester defines IRSA tester.
Source Files
Click to show internal directories.
Click to hide internal directories.