awsiamauth

package

v0.14.1 Latest Latest Go to latest Published: Feb 3, 2023 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aws/eks-anywhere

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CASecretName(clusterName string) string
func KubeconfigSecretName(clusterName string) string
type HookRegistrar
- func NewHookRegistrar(installer *Installer, spec *cluster.Spec) HookRegistrar
- func (r HookRegistrar) RegisterCreateManagementClusterHooks(binder workflow.HookBinder)
type Installer
- func NewInstaller(certgen crypto.CertificateGenerator, clusterID uuid.UUID, k8s KubernetesClient, ...) *Installer
type KubernetesClient
type TemplateBuilder

Constants ¶

View Source

const (

	// AwsIamAuthConfigMapName is the name of AWS IAM Authenticator configuration.
	AwsIamAuthConfigMapName = "aws-iam-authenticator"

	// AwsAuthConfigMapName is the name of IAM roles and users mapping for AWS IAM Authenticator.
	AwsAuthConfigMapName = "aws-auth"
)

Variables ¶

This section is empty.

Functions ¶

func CASecretName ¶ added in v0.13.0

func CASecretName(clusterName string) string

CASecretName returns the name of AWS IAM Authenticator secret containing the CA for the cluster.

func KubeconfigSecretName ¶ added in v0.13.0

func KubeconfigSecretName(clusterName string) string

KubeconfigSecretName returns the name of the AWS IAM Authenticator kubeconfig secret for the cluster.

Types ¶

type HookRegistrar ¶ added in v0.13.0

type HookRegistrar struct {
	*Installer
	// contains filtered or unexported fields
}

HookRegistrar is responsible for binding AWS IAM Auth hooks to workflows so it can be installed.

func NewHookRegistrar ¶ added in v0.13.0

func NewHookRegistrar(installer *Installer, spec *cluster.Spec) HookRegistrar

NewHookRegistrar creates a HookRegistrar instance.

func (HookRegistrar) RegisterCreateManagementClusterHooks ¶ added in v0.13.0

func (r HookRegistrar) RegisterCreateManagementClusterHooks(binder workflow.HookBinder)

type Installer ¶ added in v0.13.0

type Installer struct {
	// contains filtered or unexported fields
}

Installer provides the necessary behavior for installing the AWS IAM Authenticator.

func NewInstaller ¶ added in v0.13.0

func NewInstaller(
	certgen crypto.CertificateGenerator,
	clusterID uuid.UUID,
	k8s KubernetesClient,
	writer filewriter.FileWriter,
) *Installer

NewInstaller creates a new installer instance.

func (*Installer) CreateAndInstallAWSIAMAuthCASecret ¶ added in v0.13.0

func (i *Installer) CreateAndInstallAWSIAMAuthCASecret(ctx context.Context, managementCluster *types.Cluster, clusterName string) error

CreateAndInstallAWSIAMAuthCASecret creates a Kubernetes Secret in cluster containing a self-signed certificate and key for a cluster identified by clusterName.

func (*Installer) InstallAWSIAMAuth ¶ added in v0.13.0

func (i *Installer) InstallAWSIAMAuth(
	ctx context.Context,
	management, workload *types.Cluster,
	spec *cluster.Spec,
) error

InstallAWSIAMAuth installs AWS IAM Authenticator deployment manifests into the workload cluster. It writes a Kubeconfig to disk for kubectl access using AWS IAM Authentication.

func (*Installer) UpgradeAWSIAMAuth ¶ added in v0.13.0

func (i *Installer) UpgradeAWSIAMAuth(ctx context.Context, cluster *types.Cluster, spec *cluster.Spec) error

UpgradeAWSIAMAuth upgrades an AWS IAM Authenticator deployment in cluster.

type KubernetesClient ¶ added in v0.13.0

type KubernetesClient interface {
	GetApiServerUrl(ctx context.Context, cluster *types.Cluster) (string, error)
	ApplyKubeSpecFromBytes(ctx context.Context, cluster *types.Cluster, data []byte) error
	GetClusterCATlsCert(
		ctx context.Context,
		clusterName string,
		cluster *types.Cluster,
		namespace string,
	) ([]byte, error)
}

KubernetesClient provides Kubernetes API access.

type TemplateBuilder ¶ added in v0.13.0

type TemplateBuilder struct{}

TemplateBuilder generates manifest files from templates.

func (*TemplateBuilder) GenerateCertKeyPairSecret ¶ added in v0.13.0

func (t *TemplateBuilder) GenerateCertKeyPairSecret(certgen crypto.CertificateGenerator, managementClusterName string) ([]byte, error)

GenerateCertKeyPairSecret generates a YAML Kubernetes Secret for deploying the AWS IAM Authenticator.

func (*TemplateBuilder) GenerateKubeconfig ¶ added in v0.13.0

func (t *TemplateBuilder) GenerateKubeconfig(clusterSpec *cluster.Spec, clusterID uuid.UUID, serverURL, tlsCert string) ([]byte, error)

GenerateKubeconfig generates a Kubeconfig in yaml format to authenticate with AWS IAM Authenticator.

func (*TemplateBuilder) GenerateManifest ¶ added in v0.13.0

func (t *TemplateBuilder) GenerateManifest(clusterSpec *cluster.Spec, clusterID uuid.UUID) ([]byte, error)

GenerateManifest generates a YAML Kubernetes manifest for deploying the AWS IAM Authenticator.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
reconciler
mocks Package mocks is a generated GoMock package.	Package mocks is a generated GoMock package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL