awsiamauth

package

v0.13.1 Latest Latest Go to latest Published: Dec 29, 2022 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/aws/eks-anywhere

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CASecretName(clusterName string) string
func KubeconfigSecretName(clusterName string) string
type HookRegistrar
- func NewHookRegistrar(installer *Installer, spec *cluster.Spec) HookRegistrar
- func (r HookRegistrar) RegisterCreateManagementClusterHooks(binder workflow.HookBinder)
type Installer
- func NewInstaller(certgen crypto.CertificateGenerator, clusterID uuid.UUID, k8s KubernetesClient, ...) *Installer
type KubernetesClient
type TemplateBuilder

Constants ¶

View Source

const (

	// AwsIamAuthConfigMapName is the name of AWS IAM Authenticator configuration.
	AwsIamAuthConfigMapName = "aws-iam-authenticator"

	// AwsAuthConfigMapName is the name of IAM roles and users mapping for AWS IAM Authenticator.
	AwsAuthConfigMapName = "aws-auth"
)

Variables ¶

This section is empty.

Functions ¶

func CASecretName ¶ added in v0.13.0

func CASecretName(clusterName string) string

CASecretName returns the name of AWS IAM Authenticator secret containing the CA for the cluster.

func KubeconfigSecretName ¶ added in v0.13.0

func KubeconfigSecretName(clusterName string) string

KubeconfigSecretName returns the name of the AWS IAM Authenticator kubeconfig secret for the cluster.

Types ¶

type HookRegistrar ¶ added in v0.13.0

type HookRegistrar struct {
	*Installer
	// contains filtered or unexported fields
}

HookRegistrar is responsible for binding AWS IAM Auth hooks to workflows so it can be installed.

func NewHookRegistrar ¶ added in v0.13.0

func NewHookRegistrar(installer *Installer, spec *cluster.Spec) HookRegistrar

NewHookRegistrar creates a HookRegistrar instance.

func (HookRegistrar) RegisterCreateManagementClusterHooks ¶ added in v0.13.0

func (r HookRegistrar) RegisterCreateManagementClusterHooks(binder workflow.HookBinder)

type Installer ¶ added in v0.13.0

type Installer struct {
	// contains filtered or unexported fields
}

Installer provides the necessary behavior for installing the AWS IAM Authenticator.

func NewInstaller ¶ added in v0.13.0

func NewInstaller(
	certgen crypto.CertificateGenerator,
	clusterID uuid.UUID,
	k8s KubernetesClient,
	writer filewriter.FileWriter,
) *Installer

NewInstaller creates a new installer instance.

func (*Installer) CreateAndInstallAWSIAMAuthCASecret ¶ added in v0.13.0

func (i *Installer) CreateAndInstallAWSIAMAuthCASecret(ctx context.Context, managementCluster *types.Cluster, clusterName string) error

CreateAndInstallAWSIAMAuthCASecret creates a Kubernetes Secret in cluster containing a self-signed certificate and key for a cluster identified by clusterName.

func (*Installer) InstallAWSIAMAuth ¶ added in v0.13.0

func (i *Installer) InstallAWSIAMAuth(
	ctx context.Context,
	management, workload *types.Cluster,
	spec *cluster.Spec,
) error

InstallAWSIAMAuth installs AWS IAM Authenticator deployment manifests into the workload cluster. It writes a Kubeconfig to disk for kubectl access using AWS IAM Authentication.

func (*Installer) UpgradeAWSIAMAuth ¶ added in v0.13.0

func (i *Installer) UpgradeAWSIAMAuth(ctx context.Context, cluster *types.Cluster, spec *cluster.Spec) error

UpgradeAWSIAMAuth upgrades an AWS IAM Authenticator deployment in cluster.

type KubernetesClient ¶ added in v0.13.0

type KubernetesClient interface {
	GetApiServerUrl(ctx context.Context, cluster *types.Cluster) (string, error)
	ApplyKubeSpecFromBytes(ctx context.Context, cluster *types.Cluster, data []byte) error
	GetClusterCATlsCert(
		ctx context.Context,
		clusterName string,
		cluster *types.Cluster,
		namespace string,
	) ([]byte, error)
}

KubernetesClient provides Kubernetes API access.

type TemplateBuilder ¶ added in v0.13.0

type TemplateBuilder struct{}

TemplateBuilder generates manifest files from templates.

func (*TemplateBuilder) GenerateCertKeyPairSecret ¶ added in v0.13.0

func (t *TemplateBuilder) GenerateCertKeyPairSecret(certgen crypto.CertificateGenerator, managementClusterName string) ([]byte, error)

GenerateCertKeyPairSecret generates a YAML Kubernetes Secret for deploying the AWS IAM Authenticator.

func (*TemplateBuilder) GenerateKubeconfig ¶ added in v0.13.0

func (t *TemplateBuilder) GenerateKubeconfig(clusterSpec *cluster.Spec, clusterID uuid.UUID, serverURL, tlsCert string) ([]byte, error)

GenerateKubeconfig generates a Kubeconfig in yaml format to authenticate with AWS IAM Authenticator.

func (*TemplateBuilder) GenerateManifest ¶ added in v0.13.0

func (t *TemplateBuilder) GenerateManifest(clusterSpec *cluster.Spec, clusterID uuid.UUID) ([]byte, error)

GenerateManifest generates a YAML Kubernetes manifest for deploying the AWS IAM Authenticator.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
reconciler
mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL