Documentation ¶
Index ¶
- Constants
- type Account
- type AddSocketToPolicyRequest
- type ClientResource
- type ClientResources
- type Condition
- type ConditionWhat
- type ConditionWhen
- type ConditionWhere
- type ConditionWho
- type Connector
- type ConnectorData
- type ConnectorList
- type ConnectorLocalData
- type ConnectorPlugin
- type ConnectorPluginRequest
- type ConnectorToken
- type ConnectorTokenRequest
- type ConnectorWithInstallTokenRequest
- type ConnectorWithInstallTokenResponse
- type CreatePolicyRequest
- type Credentials
- type DatabasePermission
- type DatabasePermissions
- type Domain
- type EvaluatePolicyRequest
- type EvaluatePolicyResponse
- type HTTPPermissions
- type KubectlExecNamespace
- type LoginForm
- type LoginRefresh
- type LoginRequest
- type LoginResponse
- type Metadata
- type MfaForm
- type Notification
- type NotificationUpdate
- type Organization
- type Permissions
- type Policy
- type PolicyActionUpdateRequest
- type PolicyData
- type PolicyTest
- type PolicyTestRespone
- type RDPPermissions
- type RegisterForm
- type ResultValue
- type SSHDockerExecPermission
- type SSHExecPermission
- type SSHKubectlExecPermission
- type SSHPermissions
- type SSHSFTPPermission
- type SSHShellPermission
- type SSHTCPForwardingPermission
- type SSHTcpForwardingConnection
- type SessionTokenForm
- type SessionUpdate
- type SignSshOrgCertificateRequest
- type SignSshOrgCertificateResponse
- type Socket
- type SshCsr
- type SwitchOrgRequest
- type SwitchOrgResponse
- type TLSPermissions
- type Token
- type TokenForm
- type Tunnel
- type UpdatePolicyRequest
- type UpdateSessionRequest
- type VNCPermissions
- type VPNPermissions
Constants ¶
// Credential type names. NewCredentials takes a credentialsType string;
// presumably it expects one of these two values — confirm against its
// implementation, which this page does not show.
const (
	CredentialsTypeUser  = "User"
	CredentialsTypeToken = "Token"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AddSocketToPolicyRequest ¶
// AddSocketToPolicyRequest carries a list of policy action updates under the
// JSON key "actions".
type AddSocketToPolicyRequest struct {
	// Actions is tagged binding:"required". That tag only has an effect where a
	// request-binding validator reads it; no validator is shown on this page,
	// so do not assume the field is checked on every code path.
	Actions []PolicyActionUpdateRequest `json:"actions" binding:"required"`
}
type ClientResource ¶
// ClientResource describes one resource as seen by a client: its address,
// socket type and name, ports, domains and a few feature flags.
//
// Every field is tagged omitempty, so zero values (empty string, empty slice,
// false) are left out of the encoded JSON.
type ClientResource struct {
	IPAddress    string   `json:"ip_address,omitempty"`
	SocketType   string   `json:"socket_type,omitempty"`
	SocketName   string   `json:"socket_name,omitempty"`
	Description  string   `json:"description,omitempty"`
	SocketPorts  []int    `json:"socket_ports,omitempty"`
	Domains      []string `json:"domains,omitempty"`
	DatabaseType string   `json:"database_type,omitempty"`
	SshType      string   `json:"ssh_type,omitempty"`
	// Because of omitempty, a false flag is indistinguishable on the wire from
	// a flag the sender never set: a decoder sees false in both cases. Code
	// that gates on these flags should treat "absent" and "disabled" alike.
	ConnectorAuthenticationEnabled bool `json:"connector_authentication_enabled,omitempty"`
	EndToEndEncryptionEnabled      bool `json:"end_to_end_encryption_enabled,omitempty"`
	HasUpstreamUsername            bool `json:"has_upstream_username,omitempty"`
}
func (ClientResource) DomainsToString ¶
func (c ClientResource) DomainsToString() string
func (ClientResource) FirstDomain ¶
func (c ClientResource) FirstDomain(defaultValue string) string
func (ClientResource) HasDomain ¶
func (c ClientResource) HasDomain(tryToFind string) bool
func (ClientResource) Hostname ¶
func (c ClientResource) Hostname() string
func (ClientResource) Instruction ¶
func (c ClientResource) Instruction() string
type ClientResources ¶
// ClientResources is a list of ClientResource values plus a refresh hint and
// a list of default IP addresses.
type ClientResources struct {
	// RefreshHint's unit is not visible on this page — TODO confirm before
	// using it as a polling interval.
	RefreshHint int              `json:"refresh_hint,omitempty"`
	Resources   []ClientResource `json:"resources,omitempty"`
	// Note the JSON key is "ip_addresses", not "default_ip_addresses".
	DefaultIPAddresses []string `json:"ip_addresses,omitempty"`
}
type Condition ¶
// Condition groups the who / where / when parts of a policy condition.
//
// The three fields are struct values, not pointers. encoding/json's omitempty
// never omits a struct value, so all three keys are always emitted even when
// the nested struct is entirely zero. How an all-zero section is evaluated
// (matches everyone vs. matches no one) is not visible here — confirm against
// the policy evaluator before relying on an empty section.
type Condition struct {
	Who   ConditionWho   `json:"who,omitempty" mapstructure:"who"`
	Where ConditionWhere `json:"where,omitempty" mapstructure:"where"`
	When  ConditionWhen  `json:"when,omitempty" mapstructure:"when"`
}
type ConditionWhat ¶
// ConditionWhat has no fields. Condition, as declared on this page, has Who,
// Where and When members but no member of this type.
type ConditionWhat struct{}
type ConditionWhen ¶
// ConditionWhen holds the time bounds of a policy condition as strings.
//
// The expected string formats and time zone are not visible on this page —
// TODO confirm. With omitempty, an unset bound is simply absent from the JSON;
// whether an absent bound means "unbounded" is decided by the evaluator.
type ConditionWhen struct {
	After           string `json:"after,omitempty" mapstructure:"after"`
	Before          string `json:"before,omitempty" mapstructure:"before"`
	TimeOfDayAfter  string `json:"time_of_day_after,omitempty" mapstructure:"time_of_day_after"`
	TimeOfDayBefore string `json:"time_of_day_before,omitempty" mapstructure:"time_of_day_before"`
}
type ConditionWhere ¶
type ConditionWho ¶
// ConditionWho lists the identities a policy condition refers to, by e-mail
// address, domain, group and service account.
//
// How the four lists combine (any-of vs. all-of) and how matching is done
// (case sensitivity, exact vs. suffix match for Domain) is not visible on this
// page — confirm against the evaluator before writing broad entries.
type ConditionWho struct {
	Email          []string `json:"email,omitempty" mapstructure:"email"`
	Domain         []string `json:"domain,omitempty" mapstructure:"domain"`
	Group          []string `json:"group,omitempty" mapstructure:"group"`
	ServiceAccount []string `json:"service_account,omitempty" mapstructure:"service_account"`
}
type Connector ¶
// Connector is the JSON representation of a connector: identity, description,
// built-in SSH service settings, token count, free-form metadata and
// timestamps.
type Connector struct {
	Name        string `json:"name"`
	ConnectorID string `json:"connector_id"`
	// BuiltInSshServiceConfiguration is a pointer with omitempty, so it is
	// absent from the JSON when nil; BuiltInSshServiceEnabled is always
	// emitted.
	BuiltInSshServiceEnabled       bool                                    `json:"built_in_ssh_service_enabled"`
	BuiltInSshServiceConfiguration *service.BuiltInSshServiceConfiguration `json:"built_in_ssh_service_configuration,omitempty"`
	Description                    string                                  `json:"description"`
	ActiveTokens                   int                                     `json:"active_tokens"`
	// Metadata is untyped: values decode to whatever JSON type was sent, so
	// consumers must type-check each value before use.
	Metadata map[string]interface{} `json:"metadata"`
	// The timestamps are pointers without omitempty: nil encodes as JSON null.
	CreatedAt  *time.Time `json:"created_at"`
	UpdatedAt  *time.Time `json:"updated_at"`
	LastSeenAt *time.Time `json:"last_seen_at"`
}
Connector represents a cloud-managed Border0 Connector.
type ConnectorData ¶
// ConnectorData holds connector-related attributes of a socket: provider
// details, target host and port, and tagging/ownership fields. Its Key and
// Tags methods are listed on this page without their bodies.
//
// The struct has no JSON tags; Socket refers to it through a field tagged
// json:"-", so it is not part of Socket's JSON encoding.
type ConnectorData struct {
	Name           string
	Connector      string
	ProviderEnv    string
	ProviderType   string
	ProviderRegion string
	Type           string
	Port           int
	TargetHostname string
	PolicyGroup    string
	Ec2Tag         string
	InstanceId     string
	PluginName     string
	ManagedBy      string
}
func (*ConnectorData) Key ¶
func (c *ConnectorData) Key() string
func (*ConnectorData) Tags ¶
func (c *ConnectorData) Tags() map[string]string
type ConnectorList ¶
// ConnectorList wraps a slice of Connector values under the JSON key "list".
type ConnectorList struct {
	// No omitempty: a nil slice encodes as JSON null, an empty one as [].
	List []Connector `json:"list"`
}
ConnectorList represents a list of connectors.
type ConnectorLocalData ¶
// ConnectorLocalData holds settings for reaching the upstream service:
// upstream credentials and TLS material, cloud-provider options, and
// exec/allowlist options.
//
// Several fields carry secret material (UpstreamPassword, the key blocks,
// UpstreamIdentityPrivateKey, GoogleCredentialsJSON, AwsCredentials). The
// struct has no JSON tags, so encoding/json would emit every exported field
// under its Go name, and fmt's %+v would print them. Socket excludes it with
// json:"-"; any other code that marshals or logs a value of this type needs
// its own redaction.
type ConnectorLocalData struct {
	UpstreamUsername string
	UpstreamPassword string
	// Paths to upstream certificate, key and CA files.
	UpstreamCertFile   string
	UpstreamKeyFile    string
	UpstreamCACertFile string
	// In-memory counterparts of the three files above, judging by the names —
	// which of file/block takes precedence is not visible here; confirm.
	UpstreamCertBlock   []byte
	UpstreamKeyBlock    []byte
	UpstreamCACertBlock []byte
	// UpstreamTLS is a *bool, so nil (unset) is distinct from false. What nil
	// defaults to is decided elsewhere — confirm before assuming TLS is on.
	UpstreamTLS *bool
	// NOTE(review): "Identify" looks like a misspelling of "Identity" (compare
	// UpstreamIdentityPrivateKey below); the name is part of the exported API.
	UpstreamIdentifyFile       string
	UpstreamIdentityPrivateKey []byte
	SqlAuthProxy               bool
	RdsIAMAuth                 bool
	AWSRegion                  string
	CloudSQLConnector          bool
	CloudSQLIAMAuth            bool
	CloudSQLInstance           string
	GoogleCredentialsFile      string
	GoogleCredentialsJSON      []byte
	SSHServer                  bool
	AWSECSCluster              string
	AWSECSServices             []string
	AWSECSTasks                []string
	AWSECSContainers           []string
	AwsEC2InstanceId           string
	AWSEC2InstanceConnectEnabled bool
	AwsCredentials             *common.AwsCredentials
	// Allowlists for docker-exec and kubectl-exec targets. Whether a nil or
	// empty allowlist means "allow nothing" or "allow everything" is not
	// visible on this page — confirm before leaving one unset.
	IsDockerExec                   bool
	DockerContainerNameAllowlist   []string
	IsKubectlExec                  bool
	K8sNamespaceAllowlist          []string
	K8sNamespaceSelectorsAllowlist map[string]map[string][]string
	K8sMasterUrl                   string
	K8sKubeconfigPath              string
	IsAwsEks                       bool
	AwsEksCluster                  string
	AzureAD                        bool
	Kerberos                       bool
	// vpn sockets
	DHCPPoolSubnet   string
	AdvertisedRoutes []string
}
type ConnectorPlugin ¶
// ConnectorPlugin is the JSON representation of a connector plugin: its ID,
// enabled flag, type string and configuration.
type ConnectorPlugin struct {
	ID         string `json:"id"`
	Enabled    bool   `json:"enabled"`
	PluginType string `json:"plugin_type"`
	// Configuration is held by value here, whereas ConnectorPluginRequest
	// holds a pointer to the same type. Its contents are declared in the
	// connector package, not on this page; it may carry credentials for the
	// plugin's backend — confirm before logging a ConnectorPlugin.
	Configuration connector.PluginConfiguration `json:"configuration"`
}
ConnectorPlugin represents a plugin for a Border0 Connector.
type ConnectorPluginRequest ¶
// ConnectorPluginRequest is the JSON body for creating a connector plugin.
type ConnectorPluginRequest struct {
	ConnectorId string `json:"connector_id"`
	Enabled     bool   `json:"enabled"`
	PluginType  string `json:"plugin_type"`
	// Configuration is a pointer without omitempty: nil encodes as JSON null
	// rather than being left out.
	Configuration *connector.PluginConfiguration `json:"configuration"`
}
ConnectorPluginRequest represents a request to create a plugin for a Border0 Connector.
type ConnectorToken ¶
// ConnectorToken is the JSON representation of a connector token, including
// the token value itself.
type ConnectorToken struct {
	ConnectorName string `json:"connector_name,omitempty"`
	Name          string `json:"name,omitempty"`
	// ExpiresAt is a string here but an int64 in ConnectorTokenRequest; the
	// string format is not visible on this page — TODO confirm.
	ExpiresAt string `json:"expires_at,omitempty"`
	// Token is a secret. It is emitted whenever it is non-empty, so a value of
	// this type must be redacted before it is logged or echoed back.
	Token string `json:"token,omitempty"`
}
ConnectorToken represents a token for a Border0 Connector.
type ConnectorTokenRequest ¶
// ConnectorTokenRequest is the JSON body for creating a connector token.
type ConnectorTokenRequest struct {
	ConnectorId string `json:"connector_id,omitempty"`
	Name        string `json:"name,omitempty"`
	// ExpiresAt is an int64 with omitempty, so a value of 0 is left out of the
	// request entirely. Whether the server treats a missing expires_at as
	// "never expires" is not visible here — confirm, and prefer setting an
	// explicit expiry. The unit (presumably a Unix timestamp) is also not
	// shown on this page.
	ExpiresAt int64 `json:"expires_at,omitempty"`
}
ConnectorTokenRequest represents a request to create a token for a Border0 Connector.
type ConnectorWithInstallTokenRequest ¶
// ConnectorWithInstallTokenRequest is the JSON body for creating a connector
// together with a connector token, authorised by an install token.
type ConnectorWithInstallTokenRequest struct {
	// Connector is embedded without a tag, so encoding/json flattens its
	// fields (name, connector_id, ...) into the top level of this object.
	Connector
	// InstallToken is a credential; keep it out of logs. It has no omitempty,
	// so an empty string is still sent as "install_token": "".
	InstallToken string `json:"install_token"`
}
ConnectorWithInstallTokenRequest represents a request to create a Border0 connector and connector token with an install token.
type ConnectorWithInstallTokenResponse ¶
// ConnectorWithInstallTokenResponse returns the created connector and its
// connector token as nested objects.
type ConnectorWithInstallTokenResponse struct {
	Connector Connector `json:"connector"`
	// ConnectorToken includes the secret Token field, so the whole response
	// should be treated as sensitive.
	ConnectorToken ConnectorToken `json:"connector_token"`
}
ConnectorWithInstallTokenResponse represents a response from the request that created a Border0 connector and connector token with an install token.
type CreatePolicyRequest ¶
// CreatePolicyRequest is the JSON body for creating a policy.
//
// Name and PolicyData are tagged binding:"required"; that tag only takes
// effect where a request-binding validator reads it, which this page does not
// show.
type CreatePolicyRequest struct {
	Name        string     `json:"name" binding:"required"`
	Description string     `json:"description"`
	PolicyData  PolicyData `json:"policy_data" binding:"required"`
	// Orgwide maps to "org_wide" and is always emitted (no omitempty).
	// Presumably it applies the policy to the whole organisation rather than
	// to selected sockets — confirm; if so, review it as a scope-widening flag.
	Orgwide bool   `json:"org_wide"`
	Version string `json:"version"`
}
type Credentials ¶
// Credentials holds an access token with its lifetime and type. NewCredentials
// and the ShouldRefresh method are listed on this page without their bodies.
type Credentials struct {
	// AccessToken is the credential itself; keep it out of logs and error
	// messages.
	AccessToken string `json:"access_token"`
	// ExpiresIn's unit is not visible on this page — presumably seconds;
	// confirm before computing an expiry from it.
	ExpiresIn int `json:"expires_in"`
	// TokenType is presumably one of CredentialsTypeUser / CredentialsTypeToken
	// (compare NewCredentials' credentialsType parameter) — confirm.
	TokenType string `json:"token_type"`
}
func NewCredentials ¶
func NewCredentials(accessToken string, credentialsType string) *Credentials
func (*Credentials) ShouldRefresh ¶
func (a *Credentials) ShouldRefresh() bool
type DatabasePermission ¶
type DatabasePermissions ¶
// DatabasePermissions holds the database section of Permissions: an optional
// list of allowed databases and an optional session-duration limit.
//
// Both fields are pointers with omitempty: a nil pointer is omitted from the
// JSON, while a non-nil pointer to an empty slice encodes as []. "Unset" and
// "empty list" are therefore distinct on the wire; which of them means
// "no databases" and which means "no restriction" is not visible here —
// confirm against the evaluator.
type DatabasePermissions struct {
	AllowedDatabases          *[]DatabasePermission `json:"allowed_databases,omitempty"`
	MaxSessionDurationSeconds *int                  `json:"max_session_duration_seconds,omitempty"`
}
type EvaluatePolicyRequest ¶
type EvaluatePolicyResponse ¶
type HTTPPermissions ¶
// HTTPPermissions has no fields. Permissions refers to it through the pointer
// field HTTP, so the only information it carries is nil vs. non-nil.
type HTTPPermissions struct{}
type KubectlExecNamespace ¶
type LoginRefresh ¶
// LoginRefresh has no fields; it encodes as an empty JSON object.
type LoginRefresh struct { }
type LoginRequest ¶
type LoginResponse ¶
type Notification ¶
type NotificationUpdate ¶
type Organization ¶
type Permissions ¶
// Permissions holds one optional section per protocol.
//
// Every field is a pointer with omitempty, so a nil section is absent from the
// encoded JSON. What an absent section means to the policy evaluator (access
// denied vs. unrestricted) is not visible on this page — confirm before
// relying on omission to deny a protocol.
type Permissions struct {
	Database *DatabasePermissions `json:"database,omitempty"`
	SSH      *SSHPermissions      `json:"ssh,omitempty"`
	HTTP     *HTTPPermissions     `json:"http,omitempty"`
	TLS      *TLSPermissions      `json:"tls,omitempty"`
	VNC      *VNCPermissions      `json:"vnc,omitempty"`
	RDP      *RDPPermissions      `json:"rdp,omitempty"`
	VPN      *VPNPermissions      `json:"vpn,omitempty"`
}
type Policy ¶
// Policy is the JSON representation of a stored policy: identity, policy
// data, the sockets it is attached to, and its organisation scope.
type Policy struct {
	ID          string     `json:"id"`
	Name        string     `json:"name"`
	Description string     `json:"description"`
	PolicyData  PolicyData `json:"policy_data"`
	SocketIDs   []string   `json:"socket_ids"`
	OrgID       string     `json:"org_id"`
	// OrgWide presumably marks a policy that applies across the organisation
	// rather than only to SocketIDs — confirm. Note CreatePolicyRequest spells
	// the corresponding field Orgwide; both use the JSON key "org_wide".
	OrgWide   bool      `json:"org_wide"`
	CreatedAt time.Time `json:"created_at"`
	Version   string    `json:"version"`
}
type PolicyData ¶
type PolicyTest ¶
type PolicyTestRespone ¶
type RDPPermissions ¶
// RDPPermissions has no fields. Permissions refers to it through the pointer
// field RDP, so the only information it carries is nil vs. non-nil.
type RDPPermissions struct{}
type RegisterForm ¶
type ResultValue ¶
// ResultValue is a string-typed result; this page declares the constants
// ResultSuccess and ResultDenied for it. Being a plain string type, it can
// hold any other value as well, so callers should compare against the
// constants explicitly rather than treating "not denied" as success.
type ResultValue string
// The two ResultValue constants declared on this page.
const (
	ResultSuccess ResultValue = "success"
	ResultDenied  ResultValue = "denied"
)
type SSHDockerExecPermission ¶
// SSHDockerExecPermission is the docker_exec section of SSHPermissions.
type SSHDockerExecPermission struct {
	// AllowedContainers is a pointer to a slice: nil is omitted from the JSON,
	// a non-nil pointer to an empty slice encodes as []. Whether nil or empty
	// means "all containers" is not visible here — confirm before leaving it
	// unset.
	AllowedContainers *[]string `json:"allowed_containers,omitempty"`
}
type SSHExecPermission ¶
// SSHExecPermission is the exec section of SSHPermissions.
type SSHExecPermission struct {
	// Commands is a pointer to a slice: nil is omitted from the JSON, a
	// non-nil pointer to an empty slice encodes as []. Presumably this is an
	// allowlist of commands; how entries are matched (exact string, prefix,
	// pattern) and what nil means are not visible here — confirm, since loose
	// matching of shell commands is easy to bypass.
	Commands *[]string `json:"commands,omitempty"`
}
type SSHKubectlExecPermission ¶
// SSHKubectlExecPermission is the kubectl_exec section of SSHPermissions.
type SSHKubectlExecPermission struct {
	// AllowedNamespaces is a pointer to a slice: nil is omitted from the JSON,
	// a non-nil pointer to an empty slice encodes as []. Whether nil or empty
	// means "all namespaces" is not visible here — confirm before leaving it
	// unset.
	AllowedNamespaces *[]KubectlExecNamespace `json:"allowed_namespaces,omitempty"`
}
type SSHPermissions ¶
// SSHPermissions is the ssh section of Permissions: one optional sub-section
// per SSH capability, plus a session-duration limit and a username list.
//
// All fields are pointers with omitempty, so nil members are absent from the
// JSON. What an absent capability means to the evaluator (denied vs. allowed)
// is not visible on this page — confirm before relying on omission.
type SSHPermissions struct {
	Shell         *SSHShellPermission         `json:"shell,omitempty"`
	Exec          *SSHExecPermission          `json:"exec,omitempty"`
	SFTP          *SSHSFTPPermission          `json:"sftp,omitempty"`
	TCPForwarding *SSHTCPForwardingPermission `json:"tcp_forwarding,omitempty"`
	KubectlExec   *SSHKubectlExecPermission   `json:"kubectl_exec,omitempty"`
	DockerExec    *SSHDockerExecPermission    `json:"docker_exec,omitempty"`
	// A nil limit is omitted; a pointer to 0 is emitted as 0. Whether 0 means
	// "no limit" is not visible here — confirm.
	MaxSessionDurationSeconds *int `json:"max_session_duration_seconds,omitempty"`
	// nil and empty are distinct on the wire (omitted vs. []); which one, if
	// either, permits every username is not visible here — confirm.
	AllowedUsernames *[]string `json:"allowed_usernames,omitempty"`
}
type SSHSFTPPermission ¶
// SSHSFTPPermission has no fields. SSHPermissions refers to it through the
// pointer field SFTP, so the only information it carries is nil vs. non-nil.
type SSHSFTPPermission struct{}
type SSHShellPermission ¶
// SSHShellPermission has no fields. SSHPermissions refers to it through the
// pointer field Shell, so the only information it carries is nil vs. non-nil.
type SSHShellPermission struct{}
type SSHTCPForwardingPermission ¶
// SSHTCPForwardingPermission is the tcp_forwarding section of SSHPermissions.
type SSHTCPForwardingPermission struct {
	// AllowedConnections is a pointer to a slice: nil is omitted from the
	// JSON, a non-nil pointer to an empty slice encodes as []. Whether nil or
	// empty permits forwarding to any destination is not visible here —
	// confirm, since unrestricted forwarding exposes the upstream network.
	AllowedConnections *[]SSHTcpForwardingConnection `json:"allowed_connections,omitempty"`
}
type SessionTokenForm ¶
type SessionUpdate ¶
type SignSshOrgCertificateResponse ¶
// SignSshOrgCertificateResponse carries the signed certificate returned for an
// SSH organisation-certificate signing request.
type SignSshOrgCertificateResponse struct {
	// Certificate's encoding is not visible on this page — TODO confirm.
	// Callers should check its validity period and principals rather than
	// trusting the response blindly.
	Certificate string `json:"certificate"`
}
type Socket ¶
// Socket describes a socket. The first group of fields is exchanged as JSON;
// the second group is tagged json:"-" and never appears in the encoding.
type Socket struct {
	Tunnels        []Tunnel `json:"tunnels,omitempty"`
	Username       string   `json:"user_name,omitempty"`
	SocketID       string   `json:"socket_id,omitempty"`
	SocketTcpPorts []int    `json:"socket_tcp_ports,omitempty"`
	Dnsname        string   `json:"dnsname,omitempty"`
	Name           string   `json:"name,omitempty"`
	Description    string   `json:"description,omitempty"`
	SocketType     string   `json:"socket_type,omitempty"`
	// NOTE(review): the key below is spelled "addressses" (three s). It is the
	// wire name, so it must stay in step with whatever the API expects; do not
	// correct it on one side only.
	AllowedEmailAddresses []string `json:"cloud_authentication_email_allowed_addressses,omitempty"`
	AllowedEmailDomains   []string `json:"cloud_authentication_email_allowed_domains,omitempty"`
	SSHCa                 string   `json:"ssh_ca,omitempty"`
	// Upstream credentials. Unlike the file-path fields further down, these
	// ARE serialised: a non-nil UpstreamPassword or UpstreamKey is written
	// into the JSON in clear. Redact them before logging or caching a
	// marshalled Socket.
	UpstreamUsername     *string `json:"upstream_username,omitempty"`
	UpstreamPassword     *string `json:"upstream_password,omitempty"`
	UpstreamCert         *string `json:"upstream_cert,omitempty"`
	UpstreamKey          *string `json:"upstream_key,omitempty"`
	UpstreamCa           *string `json:"upstream_ca,omitempty"`
	UpstreamHttpHostname *string `json:"upstream_http_hostname,omitempty"`
	UpstreamType         string  `json:"upstream_type,omitempty"`
	// Security-relevant flags. With omitempty a false value is omitted, so on
	// the wire "disabled" and "not specified" look the same.
	CloudAuthEnabled               bool `json:"cloud_authentication_enabled,omitempty"`
	ConnectorAuthenticationEnabled bool `json:"connector_authentication_enabled,omitempty"`
	EndToEndEncryptionEnabled      bool `json:"end_to_end_encryption_enabled,omitempty"`
	RecordingEnabled               bool `json:"recording_enabled,omitempty"`
	Tags                           map[string]string `json:"tags,omitempty"`
	CustomDomains                  []string          `json:"custom_domains,omitempty"`
	PolicyNames                    []string          `json:"policy_names,omitempty"`
	Policies                       []Policy          `json:"policies,omitempty"`
	OrgCustomDomain                string            `json:"org_custom_domain,omitempty"`

	// Everything below is tagged json:"-": encoding/json neither writes these
	// fields nor fills them when decoding.
	TargetHostname     string              `json:"-"`
	TargetPort         int                 `json:"-"`
	PolicyGroup        string              `json:"-"`
	Ec2Tag             string              `json:"-"`
	InstanceId         string              `json:"-"`
	PluginName         string              `json:"-"`
	ManagedBy          string              `json:"-"`
	ConnectorData      *ConnectorData      `json:"-"`
	ConnectorLocalData *ConnectorLocalData `json:"-"`
	IsBorder0Certificate bool              `json:"-"`
	UpstreamCertFile   string              `json:"-"`
	UpstreamKeyFile    string              `json:"-"`
	UpstreamCACertFile string              `json:"-"`
	// NOTE(review): "Identify" looks like a misspelling of "Identity"; the
	// name is part of the exported API.
	UpstreamIdentifyFile string `json:"-"`
	// UpstreamTLS is a *bool, so nil (unset) is distinct from false; what nil
	// defaults to is decided elsewhere — confirm.
	UpstreamTLS           *bool  `json:"-"`
	RdsIAMAuth            bool   `json:"-"`
	AWSRegion             string `json:"-"`
	CloudSQLConnector     bool   `json:"-"`
	CloudSQLIAMAuth       bool   `json:"-"`
	CloudSQLInstance      string `json:"-"`
	GoogleCredentialsFile string `json:"-"`
	SSHServer             bool   `json:"-"`
}
func (*Socket) BuildConnectorData ¶
func (*Socket) BuildConnectorDataAndTags ¶
func (*Socket) BuildConnectorDataByTags ¶
func (s *Socket) BuildConnectorDataByTags()
func (*Socket) SanitizeName ¶
func (s *Socket) SanitizeName()
func (*Socket) SetupTypeAndUpstreamTypeByPortOrTags ¶
func (s *Socket) SetupTypeAndUpstreamTypeByPortOrTags()
type SwitchOrgRequest ¶
// SwitchOrgRequest is the JSON body naming the organisation to switch to.
type SwitchOrgRequest struct {
	// OrgName has no omitempty, so an empty name is still sent as
	// "org_name": "".
	OrgName string `json:"org_name"`
}
type SwitchOrgResponse ¶
type TLSPermissions ¶
// TLSPermissions has no fields. Permissions refers to it through the pointer
// field TLS, so the only information it carries is nil vs. non-nil.
type TLSPermissions struct{}
type UpdatePolicyRequest ¶
// UpdatePolicyRequest is the JSON body for updating a policy.
//
// All three fields are pointers without omitempty, so a nil field encodes as
// JSON null rather than being left out. Whether the server treats null as
// "leave unchanged" or "clear" is not visible on this page — confirm.
type UpdatePolicyRequest struct {
	Name        *string `json:"name"`
	Description *string `json:"description"`
	// binding:"required" only takes effect where a request-binding validator
	// reads it; no validator is shown on this page.
	PolicyData *PolicyData `json:"policy_data" binding:"required"`
}
type UpdateSessionRequest ¶
type VNCPermissions ¶
// VNCPermissions has no fields. Permissions refers to it through the pointer
// field VNC, so the only information it carries is nil vs. non-nil.
type VNCPermissions struct{}
type VPNPermissions ¶
// VPNPermissions has no fields. Permissions refers to it through the pointer
// field VPN, so the only information it carries is nil vs. non-nil.
type VPNPermissions struct{}