service

package
v1.4.58 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 18, 2024 License: Apache-2.0 Imports: 13 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	// ServiceTypeDatabase is the service type for database services (fka sockets).
	ServiceTypeDatabase = "database"

	// ServiceTypeHttp is the service type for http services (fka sockets).
	ServiceTypeHttp = "http"

	// ServiceTypeSsh is the service type for ssh services (fka sockets).
	ServiceTypeSsh = "ssh"

	// ServiceTypeTls is the service type for tls services (fka sockets).
	ServiceTypeTls = "tls"

	// ServiceTypeVnc is the service type for vnc services (fka sockets).
	ServiceTypeVnc = "vnc"

	// ServiceTypeVpn is the service type for vpn services (fka sockets).
	ServiceTypeVpn = "vpn"

	// ServiceTypeRdp is the service type for rdp services (fka sockets).
	ServiceTypeRdp = "rdp"

	// ServiceTypeKubernetes is the service type for kubernetes services (fka sockets).
	ServiceTypeKubernetes = "kubernetes"

	// ServiceTypeSubnetRoutes is the service type for subnet routes services (fka sockets).
	ServiceTypeSubnetRoutes = "subnet_routes"
)
View Source 
const (
	DatabaseServiceTypeStandard    = "standard"     // standard MySQL or PostgreSQL, supports TLS and password auth
	DatabaseServiceTypeAwsRds      = "aws_rds"      // AWS RDS database, supports IAM and password auth
	DatabaseServiceTypeGcpCloudSql = "gcp_cloudsql" // Google Cloud SQL database, supports IAM, TLS and password auth
	DatabaseServiceTypeAzureSql    = "azure_sql"    // Azure SQL database, supports SQL authentication, azure password auth
	DatabaseServiceTypeSnowflake   = "snowflake"    // Snowflake databases
)

Database service types supported by Border0. Choose `standard` for self-managed databases. Use `aws_rds` for AWS RDS databases, and select `gcp_cloudsql` for Google Cloud SQL databases.

View Source 
const (
	// DatabaseProtocolTypeMySql is the database service protocol for mysql databases.
	DatabaseProtocolMySql = "mysql"

	// DatabaseServiceTypePostgres is the database service protocol for postgresql databases.
	DatabaseProtocolPostgres = "postgres"

	// DatabaseProtocolTypeMSSql is the database service protocol for mssql databases.
	DatabaseProtocolSqlserver = "mssql"
)
View Source 
const (
	// DatabaseAuthenticationTypeIam is the authentication type for databases
	// that use IAM credentials for authentication.
	DatabaseAuthenticationTypeIam = "iam"

	// DatabaseAuthenticationTypeTls is the authentication type for databases
	// that use TLS certificates for authentication. When using this type of
	// authentication, the client must provide a TLS certificate and a TLS key.
	DatabaseAuthenticationTypeTls = "tls"

	// DatabaseAuthenticationTypeUsernameAndPassword is the authentication type
	// for databases that use username and password for authentication.
	DatabaseAuthenticationTypeUsernameAndPassword = "username_and_password"

	// DatabaseAuthenticationTypeSqlAuthentication is the authentication type
	// for databases that use SQL authentication for authentication.
	DatabaseAuthenticationTypeSqlAuthentication = "sql_authentication"

	// DatabaseAuthenticationTypeAzureADPassword is the authentication type
	// for databases that use Azure Active Directory with password for authentication.
	DatabaseAuthenticationTypeAzureADPassword = "azure_active_directory_password"

	// DatabaseAuthenticationTypeAzureADIntegrated is the authentication type
	// for databases that use Azure Active Directory Integrated for authentication.
	DatabaseAuthenticationTypeAzureADIntegrated = "azure_active_directory_integrated"

	// DatabaseAuthenticationTypeKerberos is the authentication type
	// for databases that use kerberos for authentication.
	DatabaseAuthenticationTypeKerberos = "kerberos"
)
View Source 
const (
	// HttpServiceTypeStandard is the http
	// service type for standard http services.
	HttpServiceTypeStandard = "standard"

	// HttpServiceTypeConnectorFileServer is the http service
	// type for the connector's built-in file webserver.
	HttpServiceTypeConnectorFileServer = "connector_file_server"
)
View Source 
const (
	KubernetesServiceTypeStandard = "standard"
	KubernetesServiceTypeAwsEks   = "aws_eks"
)

Kubernetes service types supported by Border0. Choose `standard` for self-managed kubernetes clusters or `aws_eks` for AWS EKS clusters.

View Source 
const (
	// SshServiceTypeStandard is the ssh
	// service type for standard ssh services.
	SshServiceTypeStandard = "standard"

	// SshServiceTypeAwsSsm is the ssh service
	// type for aws session manager ssh services.
	SshServiceTypeAwsSsm = "aws_ssm"

	// SshServiceTypeAwsEc2InstanceConnect is the ssh service
	// type for aws ec2 instance connect ssh services.
	SshServiceTypeAwsEc2InstanceConnect = "aws_ec2_instance_connect"

	// SshServiceTypeKubectlExec is the ssh service
	// type for kubectl exec ssh services.
	SshServiceTypeKubectlExec = "kubectl_exec"

	// SshServiceTypeDockerExec is the ssh service
	// type for docker exec ssh services.
	SshServiceTypeDockerExec = "docker_exec"

	// SshServiceTypeConnectorBuiltIn is the ssh service
	// type for the connector's built-in ssh service.
	SshServiceTypeConnectorBuiltIn = "connector_built_in_ssh_service"
)
View Source 
const (
	// SsmTargetTypeEc2 is the ssm target type for ec2 targets.
	SsmTargetTypeEc2 = "ec2"

	// SsmTargetTypeEcs is the ssm target type for ecs targets.
	SsmTargetTypeEcs = "ecs"
)
View Source 
const (
	// KubectlExecTargetTypeStandard is the kubectl
	// exec target type for standard k8s clusters.
	KubectlExecTargetTypeStandard = "standard"

	// KubectlExecTargetTypeAwsEks is the kubectl
	// exec target type for aws eks k8s clusters.
	KubectlExecTargetTypeAwsEks = "aws_eks"
)
View Source 
const (
	// StandardSshServiceAuthenticationTypeUsernameAndPassword is the standard ssh
	// service authentication type for authenticating with a username and password.
	StandardSshServiceAuthenticationTypeUsernameAndPassword = "username_and_password"

	// StandardSshServiceAuthenticationTypePrivateKey is the standard ssh
	// service authentication type for authenticating with a private key.
	StandardSshServiceAuthenticationTypePrivateKey = "private_key"

	// StandardSshServiceAuthenticationTypeBorder0Certificate is the standard ssh
	// service authentication type for authenticating with a border0-signed certificate.
	StandardSshServiceAuthenticationTypeBorder0Certificate = "border0_certificate"
)
View Source 
const (
	// UsernameProviderDefined is the username provider
	// option for using an admin-defined (static) username.
	UsernameProviderDefined = "defined"

	// UsernameProviderPromptClient is username provider option
	// for prompting connecting clients for the username.
	UsernameProviderPromptClient = "prompt_client"

	// UsernameProviderUseConnectorUser is username provider
	// option for using the connector's OS username.
	//
	// NOTE: This option can only be used as the username
	// provider for connector built-in ssh services.
	UsernameProviderUseConnectorUser = "use_connector_user"
)
View Source 
const (
	// TlsServiceTypeStandard is the tls
	// service type for standard tls services.
	TlsServiceTypeStandard = "standard"

	// TlsServiceTypeVpn is the tls service
	// type for the connector's built-in vpn.
	TlsServiceTypeVpn = "vpn"

	// TlsServiceTypeHttpProxy is the tls service type
	// for the connector's built-in http (forward) proxy.
	TlsServiceTypeHttpProxy = "http_proxy"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AwsEc2ICSshServiceConfiguration 

type AwsEc2ICSshServiceConfiguration struct {
	HostnameAndPort
	UsernameProvider  string                 `json:"username_provider,omitempty"`
	Username          string                 `json:"username,omitempty"`
	Ec2InstanceId     string                 `json:"ec2_instance_id"`
	Ec2InstanceRegion string                 `json:"ec2_instance_region"`
	AwsCredentials    *common.AwsCredentials `json:"aws_credentials,omitempty"`
}

AwsEc2ICSshServiceConfiguration represents service configuration for aws ec2 instance connect ssh services (fka sockets).

func (*AwsEc2ICSshServiceConfiguration) Validate added in v1.3.3 

func (c *AwsEc2ICSshServiceConfiguration) Validate() error

Validate validates the AwsEc2ICSshServiceConfiguration.

type AwsEksKubectlExecTargetConfiguration added in v1.4.0 

type AwsEksKubectlExecTargetConfiguration struct {
	EksClusterName   string                 `json:"eks_cluster_name"`
	EksClusterRegion string                 `json:"eks_cluster_region"`
	AwsCredentials   *common.AwsCredentials `json:"aws_credentials,omitempty"`
}

AwsEksKubectlExecTargetConfiguration represents service configuration for aws eks kubectl exec ssh services (fka sockets).

func (*AwsEksKubectlExecTargetConfiguration) Validate added in v1.4.0 

func (c *AwsEksKubectlExecTargetConfiguration) Validate() error

Validate validates a AwsEksKubectlExecTargetConfiguration.

type AwsEksKubernetesServiceConfiguration added in v1.4.42 

type AwsEksKubernetesServiceConfiguration struct {
	EksClusterName   string                 `json:"eks_cluster_name"`
	EksClusterRegion string                 `json:"eks_cluster_region"`
	AwsCredentials   *common.AwsCredentials `json:"aws_credentials,omitempty"`
}

AwsEksKubernetesServiceConfiguration represents service configuration for aws eks kubernetes services (fka sockets).

func (*AwsEksKubernetesServiceConfiguration) Validate added in v1.4.42 

func (c *AwsEksKubernetesServiceConfiguration) Validate() error

Validate validates the AwsEksKubernetesServiceConfiguration.

type AwsRdsDatabaseServiceConfiguration 

type AwsRdsDatabaseServiceConfiguration struct {
	HostnameAndPort

	DatabaseProtocol   string `json:"protocol"`
	AuthenticationType string `json:"authentication_type"`

	UsernameAndPasswordAuth *AwsRdsUsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
	IamAuth                 *AwsRdsIamAuthConfiguration                 `json:"iam_auth_configuration,omitempty"`
}

AwsRdsDatabaseServiceConfiguration represents service configuration for AWS RDS databases. AWS RDS databases are cloud managed MySQL or PostgreSQL databases.

Supported database protocols are: `mysql` and `postgres`. For upstream authentication, supported auth types are: `username_password` and `iam`. When using IAM authentication, the client must provide AWS credentials, AWS region and a username. You can provide an optional CA certificate to verify the RDS database server's certificate.

func (AwsRdsDatabaseServiceConfiguration) Validate added in v1.3.9 

func (config AwsRdsDatabaseServiceConfiguration) Validate() error

Validate ensures that the `AwsRdsDatabaseServiceConfiguration` is valid.

type AwsRdsIamAuthConfiguration 

type AwsRdsIamAuthConfiguration struct {
	AwsCredentials    *common.AwsCredentials `json:"aws_credentials,omitempty"`
	RdsInstanceRegion string                 `json:"rds_instance_region"`
	Username          string                 `json:"username"`
	CaCertificate     string                 `json:"ca_certificate,omitempty"`
}

AwsRdsIamAuthConfiguration represents auth configuration for AWS RDS databases that use IAM authentication. You must provide AWS credentials and a username. Optionally AWS CA bundle can be supplied to verify the server's certificate.

func (AwsRdsIamAuthConfiguration) Validate added in v1.3.9 

func (config AwsRdsIamAuthConfiguration) Validate() error

Validate ensures that the `AwsRdsIamAuthConfiguration` has the required field and that the AWS credentials are valid.

type AwsRdsUsernameAndPasswordAuthConfiguration 

type AwsRdsUsernameAndPasswordAuthConfiguration struct {
	UsernameAndPassword
	CaCertificate string `json:"ca_certificate,omitempty"`
}

AwsRdsUsernameAndPasswordAuthConfiguration represents auth configuration for AWS RDS databases that use username and password. Optionally you can provide AWS CA bundle to verify the server's certificate.

func (AwsRdsUsernameAndPasswordAuthConfiguration) Validate added in v1.3.9 

func (config AwsRdsUsernameAndPasswordAuthConfiguration) Validate() error

Validate ensures that the `AwsRdsUsernameAndPasswordAuthConfiguration` has all the required fields.

type AwsSsmEc2TargetConfiguration 

type AwsSsmEc2TargetConfiguration struct {
	Ec2InstanceId     string                 `json:"ec2_instance_id"`
	Ec2InstanceRegion string                 `json:"ec2_instance_region"`
	AwsCredentials    *common.AwsCredentials `json:"aws_credentials,omitempty"`
}

AwsSsmEc2TargetConfiguration represents service configuration for aws ssm ssh services (fka sockets) that have EC2 instances as their ssm target.

func (*AwsSsmEc2TargetConfiguration) Validate added in v1.3.3 

func (c *AwsSsmEc2TargetConfiguration) Validate() error

Validate validates the AwsSsmEc2TargetConfiguration.

type AwsSsmEcsTargetConfiguration 

type AwsSsmEcsTargetConfiguration struct {
	EcsClusterRegion string                 `json:"ecs_cluster_region"`
	EcsClusterName   string                 `json:"ecs_cluster_name"`
	EcsServiceName   string                 `json:"ecs_service_name"`
	AwsCredentials   *common.AwsCredentials `json:"aws_credentials,omitempty"`
}

AwsSsmEcsTargetConfiguration represents service configuration for aws ssm ssh services (fka sockets) that have ECS services as their ssm target.

func (*AwsSsmEcsTargetConfiguration) Validate added in v1.3.3 

func (c *AwsSsmEcsTargetConfiguration) Validate() error

Validate validates the AwsSsmEcsTargetConfiguration.

type AwsSsmSshServiceConfiguration 

type AwsSsmSshServiceConfiguration struct {
	SsmTargetType string `json:"ssm_target_type"`

	// mutually exclusive fields below
	AwsSsmEc2TargetConfiguration *AwsSsmEc2TargetConfiguration `json:"aws_ssm_ec2_target_configuration,omitempty"`
	AwsSsmEcsTargetConfiguration *AwsSsmEcsTargetConfiguration `json:"aws_ssm_ecs_target_configuration,omitempty"`
}

AwsSsmSshServiceConfiguration represents service configuration for aws ssm ssh services (fka sockets).

func (*AwsSsmSshServiceConfiguration) Validate added in v1.3.3 

func (c *AwsSsmSshServiceConfiguration) Validate() error

Validate validates the AwsSsmSshServiceConfiguration.

type AzureSqlDatabaseServiceConfiguration added in v1.4.6 

type AzureSqlDatabaseServiceConfiguration struct {
	HostnameAndPort
	DatabaseProtocol string `json:"protocol"`

	AzureActiveDirectoryPassword   *DatabaseUsernameAndPasswordAuthConfiguration `json:"azure_active_directory_password_configuration,omitempty"`
	AzureActiveDirectoryIntegrated *struct{}                                     `json:"azure_active_directory_integrated_configuration,omitempty"`
	Kerberos                       *DatabaseKerberosAuthConfiguration            `json:"kerberos_configuration,omitempty"`
	SqlAuthentication              *DatabaseSqlAuthConfiguration                 `json:"sql_authentication_configuration,omitempty"`
}

AzureSqlDatabaseServiceConfiguration represents service configuration for Azure SQL Server databases.

Border0 currently supports four ways of connecting to Azure SQL Server databases. Use the corresponding configuration fields to configure the upstream connection.

func (AzureSqlDatabaseServiceConfiguration) Validate added in v1.4.6 

func (config AzureSqlDatabaseServiceConfiguration) Validate() error

Validate ensures that the `AzureSqlDatabaseServiceConfiguration` is valid.

type BaseKubectlExecTargetConfiguration added in v1.4.0 

type BaseKubectlExecTargetConfiguration struct {
	// slice of allowed namespaces.
	NamespaceAllowlist []string `json:"namespace_allowlist,omitempty"`

	// map of namespace to selectors in that namespace.
	NamespaceSelectorsAllowlist map[string]map[string][]string `json:"namespace_selectors_allowlist,omitempty"`
}

BaseKubectlExecTargetConfiguration represents base configuration for kubectl exec services (fka sockets), i.e. this configuration is common regardless of how the k8s cluster is hosted (aws, on prem, kind, etc...).

type Border0CertificateAuthConfiguration 

type Border0CertificateAuthConfiguration struct {
	UsernameProvider string `json:"username_provider,omitempty"`
	Username         string `json:"username,omitempty"`
}

UsernameAndPasswordAuthConfiguration represents authentication configuration for standard ssh services that require a border0-signed certificate for authentication.

func (*Border0CertificateAuthConfiguration) Validate added in v1.3.3 

func (c *Border0CertificateAuthConfiguration) Validate() error

Validate validates the Border0CertificateAuthConfiguration.

type BuiltInSshServiceConfiguration 

type BuiltInSshServiceConfiguration struct {
	UsernameProvider string `json:"username_provider,omitempty"`
	Username         string `json:"username,omitempty"`
}

BuiltInSshServiceConfiguration represents the service configuration for the connector built-in ssh services (fka sockets).

func (*BuiltInSshServiceConfiguration) Validate added in v1.3.3 

func (c *BuiltInSshServiceConfiguration) Validate() error

Validate validates the BuiltInSshServiceConfiguration.

type Configuration 

type Configuration struct {
	ServiceType string `json:"service_type"`

	DatabaseServiceConfiguration     *DatabaseServiceConfiguration     `json:"database_service_configuration,omitempty"`
	HttpServiceConfiguration         *HttpServiceConfiguration         `json:"http_service_configuration,omitempty"`
	SshServiceConfiguration          *SshServiceConfiguration          `json:"ssh_service_configuration,omitempty"`
	TlsServiceConfiguration          *TlsServiceConfiguration          `json:"tls_service_configuration,omitempty"`
	VncServiceConfiguration          *VncServiceConfiguration          `json:"vnc_service_configuration,omitempty"`
	VpnServiceConfiguration          *VpnServiceConfiguration          `json:"vpn_service_configuration,omitempty"`
	RdpServiceConfiguration          *RdpServiceConfiguration          `json:"rdp_service_configuration,omitempty"`
	KubernetesServiceConfiguration   *KubernetesServiceConfiguration   `json:"kubernetes_service_configuration,omitempty"`
	SubnetRoutesServiceConfiguration *SubnetRoutesServiceConfiguration `json:"subnet_routes_service_configuration,omitempty"`
}

Configuration represents upstream service configuration.

func (*Configuration) Validate added in v1.3.3 

func (c *Configuration) Validate() error

Validate validates the Configuration.

type ConnectorServiceConfiguration added in v1.3.10 

type ConnectorServiceConfiguration struct {
	ConnectorAuthenticationEnabled bool          `json:"connector_authentication_enabled"`
	EndToEndEncryptionEnabled      bool          `json:"end_to_end_encryption_enabled"`
	RecordingEnabled               bool          `json:"recording_enabled"`
	Upstream                       Configuration `json:"upstream_configuration"`
	PrivateNetworkIPv4             *string       `json:"private_network_ipv4"`
	PrivateNetworkIPv6             *string       `json:"private_network_ipv6"`
}

ConnectorServiceConfiguration includes both the connector socket and upstream service configuration

func (*ConnectorServiceConfiguration) Validate added in v1.3.10 

func (c *ConnectorServiceConfiguration) Validate() error

Validate validates the ConnectorServiceConfiguration.

type DatabaseKerberosAuthConfiguration added in v1.4.13 

type DatabaseKerberosAuthConfiguration struct {
	UsernameAndPassword
}

DatabaseKerberosAuthConfiguration represents auth configuration that based on username and password.

func (DatabaseKerberosAuthConfiguration) Validate added in v1.4.13 

func (config DatabaseKerberosAuthConfiguration) Validate() error

Validate ensures that the `DatabaseKerberosAuthConfiguration` has all the required fields.

type DatabaseServiceConfiguration 

type DatabaseServiceConfiguration struct {
	DatabaseServiceType string `json:"database_service_type"`

	// mutually exclusive fields below
	Standard    *StandardDatabaseServiceConfiguration    `json:"standard_database_service_configuration,omitempty"`
	AwsRds      *AwsRdsDatabaseServiceConfiguration      `json:"aws_rds_database_service_configuration,omitempty"`
	GcpCloudSql *GcpCloudSqlDatabaseServiceConfiguration `json:"gcp_cloudsql_database_service_configuration,omitempty"`
	AzureSql    *AzureSqlDatabaseServiceConfiguration    `json:"azure_sql_database_service_configuration,omitempty"`
	Snowflake   *SnowflakeDatabaseServiceConfiguration   `json:"snowflake_database_service_configuration,omitempty"`
}

DatabaseServiceConfiguration represents service configuration for database services (aka sockets).

func (DatabaseServiceConfiguration) Validate added in v1.3.3 

func (config DatabaseServiceConfiguration) Validate() error

Validate ensures that the `DatabaseServiceConfiguration` is valid.

type DatabaseSqlAuthConfiguration added in v1.4.13 

type DatabaseSqlAuthConfiguration struct {
	UsernameAndPassword
}

DatabaseSqlAuthConfiguration represents auth configuration that based on username and password.

func (DatabaseSqlAuthConfiguration) Validate added in v1.4.13 

func (config DatabaseSqlAuthConfiguration) Validate() error

Validate ensures that the `DatabaseSqlAuthConfiguration` has all the required fields.

type DatabaseTlsAuthConfiguration 

type DatabaseTlsAuthConfiguration struct {
	UsernameAndPassword
	TlsConfig
}

DatabaseTlsAuthConfiguration represents auth configuration that uses TLS for securing the connection. You must provide a username, a password, a client certificate and a client key. Optionally you can provide a CA certificate to verify the server's certificate.

func (DatabaseTlsAuthConfiguration) Validate added in v1.3.9 

func (config DatabaseTlsAuthConfiguration) Validate() error

Validate ensures that the `DatabaseTlsAuthConfiguration` has all the required fields.

type DatabaseUsernameAndPasswordAuthConfiguration 

type DatabaseUsernameAndPasswordAuthConfiguration struct {
	UsernameAndPassword
}

DatabaseUsernameAndPasswordAuthConfiguration represents auth configuration that based on username and password.

func (DatabaseUsernameAndPasswordAuthConfiguration) Validate added in v1.3.9 

func (config DatabaseUsernameAndPasswordAuthConfiguration) Validate() error

Validate ensures that the `DatabaseUsernameAndPasswordAuthConfiguration` has all the required fields.

type DockerExecSshServiceConfiguration added in v1.4.26 

type DockerExecSshServiceConfiguration struct {
	ContainerNameAllowlist []string `json:"container_name_allowlist,omitempty"`
}

DockerExecSshServiceConfiguration represents service configuration for docker exec ssh services (fka sockets).

func (*DockerExecSshServiceConfiguration) Validate added in v1.4.26 

func (c *DockerExecSshServiceConfiguration) Validate() error

Validate validates a DockerExecSshServiceConfiguration.

type FileServerHttpServiceConfiguration added in v1.3.2 

type FileServerHttpServiceConfiguration struct {
	TopLevelDirectory string `json:"top_level_directory,omitempty"`
}

FileServerHttpServiceConfiguration represents service configuration for the connector built-in file webserver.

func (*FileServerHttpServiceConfiguration) Validate added in v1.3.4 

func (c *FileServerHttpServiceConfiguration) Validate() error

Validate validates the FileServerHttpServiceConfiguration.

type GcpCloudSqlConnectorAuthConfiguration added in v1.4.15 

type GcpCloudSqlConnectorAuthConfiguration struct {
	Username           string `json:"username"`
	Password           string `json:"password"`
	InstanceId         string `json:"instance_id"`
	GcpCredentialsJson string `json:"gcp_credentials_json"`
}

GcpCloudSqlConnectorAuthConfiguration represents service configuration for Google Cloud SQL database that will be connected to the upstream using the Cloud SQL Connector.

func (GcpCloudSqlConnectorAuthConfiguration) Validate added in v1.4.15 

func (config GcpCloudSqlConnectorAuthConfiguration) Validate() error

Validate ensures that the `GcpCloudSqlConnectorAuthConfiguration` has all the required fields.

type GcpCloudSqlConnectorIamAuthConfiguration added in v1.4.15 

type GcpCloudSqlConnectorIamAuthConfiguration struct {
	Username           string `json:"username"`
	InstanceId         string `json:"instance_id"`
	GcpCredentialsJson string `json:"gcp_credentials_json"`
}

GcpCloudSqlConnectorIamAuthConfiguration represents service configuration for Google Cloud SQL database that will be connected to the upstream using the Cloud SQL Connector and IAM authentication.

func (GcpCloudSqlConnectorIamAuthConfiguration) Validate added in v1.4.15 

func (config GcpCloudSqlConnectorIamAuthConfiguration) Validate() error

Validate ensures that the `GcpCloudSqlConnectorIamAuthConfiguration` has all the required fields.

type GcpCloudSqlDatabaseServiceConfiguration added in v1.3.9 

type GcpCloudSqlDatabaseServiceConfiguration struct {
	HostnameAndPort
	DatabaseProtocol string `json:"protocol"`

	UsernameAndPasswordAuth     *DatabaseUsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
	TlsAuth                     *DatabaseTlsAuthConfiguration                 `json:"tls_auth_configuration,omitempty"`
	GcpCloudSQLConnectorAuth    *GcpCloudSqlConnectorAuthConfiguration        `json:"cloudsql_connector_configuration,omitempty"`
	GcpCloudSQLConnectorIAMAuth *GcpCloudSqlConnectorIamAuthConfiguration     `json:"cloudsql_connector_iam_configuration,omitempty"`
}

GcpCloudSqlDatabaseServiceConfiguration represents service configuration for Google Cloud SQL databases. Google Cloud SQL databases are cloud managed MySQL or PostgreSQL databases.

Border0 currently supports two ways of connecting to Google Cloud SQL databases: with and without the Cloud SQL Connector. Use the corresponding configuration fields to configure the upstream connection.

func (GcpCloudSqlDatabaseServiceConfiguration) Validate added in v1.3.9 

func (config GcpCloudSqlDatabaseServiceConfiguration) Validate() error

Validate ensures that the `GcpCloudSqlDatabaseServiceConfiguration` is valid.

type HostnameAndPort 

type HostnameAndPort struct {
	Hostname string `json:"hostname"`
	Port     uint16 `json:"port"`
}

HostnameAndPort represents a host and port.

func (*HostnameAndPort) Validate added in v1.3.4 

func (c *HostnameAndPort) Validate() error

Validate validates the HostnameAndPort.

type HttpProxyTlsServiceConfiguration added in v1.3.2 

type HttpProxyTlsServiceConfiguration struct {
	HostAllowlist []string `json:"host_allowlist,omitempty"`
}

HttpProxyTlsServiceConfiguration represents service configuration for http proxy services over the tls socket.

func (*HttpProxyTlsServiceConfiguration) Validate added in v1.3.4 

func (c *HttpProxyTlsServiceConfiguration) Validate() error

Validate validates the HttpProxyTlsServiceConfiguration.

type HttpServiceConfiguration 

type HttpServiceConfiguration struct {
	HttpServiceType string `json:"http_service_type"`

	// mutually exclusive fields below
	StandardHttpServiceConfiguration   *StandardHttpServiceConfiguration   `json:"standard_http_service_configuration,omitempty"`
	FileServerHttpServiceConfiguration *FileServerHttpServiceConfiguration `json:"fileserver_http_service_configuration,omitempty"`
}

HttpServiceConfiguration represents service configuration for http services (fka sockets).

func (*HttpServiceConfiguration) Validate added in v1.3.3 

func (c *HttpServiceConfiguration) Validate() error

Validate validates the HttpServiceConfiguration.

type KubectlExecSshServiceConfiguration added in v1.4.0 

type KubectlExecSshServiceConfiguration struct {
	KubectlExecTargetType string `json:"kubectl_exec_target_type"`

	BaseKubectlExecTargetConfiguration

	// mutually exclusive fields below
	StandardKubectlExecTargetConfiguration *StandardKubectlExecTargetConfiguration `json:"standard_kubectl_exec_target_configuration,omitempty"`
	AwsEksKubectlExecTargetConfiguration   *AwsEksKubectlExecTargetConfiguration   `json:"aws_eks_kubectl_exec_target_configuration,omitempty"`
}

KubectlExecSshServiceConfiguration represents service configuration for kubectl exec ssh services (fka sockets).

func (*KubectlExecSshServiceConfiguration) Validate added in v1.4.0 

func (c *KubectlExecSshServiceConfiguration) Validate() error

Validate validates a KubectlExecSshServiceConfiguration.

type KubernetesServiceConfiguration added in v1.4.39 

type KubernetesServiceConfiguration struct {
	KubernetesServiceType string `json:"kubernetes_service_type"`

	// mutually exclusive fields below
	StandardKubernetesServiceConfiguration *StandardKubernetesServiceConfiguration `json:"standard_kubernetes_service_configuration,omitempty"`
	AwsEksKubernetesServiceConfiguration   *AwsEksKubernetesServiceConfiguration   `json:"aws_eks_kubernetes_service_configuration,omitempty"`
}

KubernetesServiceConfiguration represents service configuration for kubernetes services (fka sockets).

func (*KubernetesServiceConfiguration) Validate added in v1.4.39 

func (c *KubernetesServiceConfiguration) Validate() error

Validate validates the KubernetesServiceConfiguration.

type PrivateKeyAuthConfiguration 

type PrivateKeyAuthConfiguration struct {
	UsernameProvider string `json:"username_provider,omitempty"`
	Username         string `json:"username,omitempty"`
	PrivateKey       string `json:"private_key"`
}

PrivateKeyAuthConfiguration represents authentication configuration for standard ssh services that require a private key for authentication.

func (*PrivateKeyAuthConfiguration) Validate added in v1.3.3 

func (c *PrivateKeyAuthConfiguration) Validate() error

Validate validates the PrivateKeyAuthConfiguration.

type RdpServiceConfiguration added in v1.4.20 

type RdpServiceConfiguration struct {
	HostnameAndPort
}

RdpServiceConfiguration represents service configuration for rdp services (fka sockets).

func (*RdpServiceConfiguration) Validate added in v1.4.20 

func (c *RdpServiceConfiguration) Validate() error

Validate validates the RdpServiceConfiguration.

type SnowflakeDatabaseServiceConfiguration added in v1.4.45 

type SnowflakeDatabaseServiceConfiguration struct {
	Account   string `json:"account"`
	Username  string `json:"username"`
	Password  string `json:"password"`
	Database  string `json:"database"`
	Schema    string `json:"schema"`
	Warehouse string `json:"warehouse"`
	Role      string `json:"role"`
}

SnowflakeDatabaseServiceConfiguration represents service configuration for snowflake database services (fka sockets).

func (SnowflakeDatabaseServiceConfiguration) Validate added in v1.4.45 

func (config SnowflakeDatabaseServiceConfiguration) Validate() error

Validate ensures that the `SnowflakeDatabaseServiceConfiguration` has the required fields.

type SshServiceConfiguration 

type SshServiceConfiguration struct {
	SshServiceType string `json:"ssh_service_type"`

	// mutually exclusive fields below
	StandardSshServiceConfiguration    *StandardSshServiceConfiguration    `json:"standard_ssh_service_configuration,omitempty"`
	AwsSsmSshServiceConfiguration      *AwsSsmSshServiceConfiguration      `json:"aws_ssm_ssh_service_configuration,omitempty"`
	AwsEc2ICSshServiceConfiguration    *AwsEc2ICSshServiceConfiguration    `json:"aws_ec2ic_ssh_service_configuration,omitempty"`
	DockerExecSshServiceConfiguration  *DockerExecSshServiceConfiguration  `json:"docker_exec_ssh_service_configuration,omitempty"`
	KubectlExecSshServiceConfiguration *KubectlExecSshServiceConfiguration `json:"kubectl_exec_ssh_service_configuration,omitempty"`
	BuiltInSshServiceConfiguration     *BuiltInSshServiceConfiguration     `json:"built_in_ssh_service_configuration,omitempty"`
}

SshServiceConfiguration represents service configuration for shell services (fka sockets).

func (*SshServiceConfiguration) Validate added in v1.3.3 

func (c *SshServiceConfiguration) Validate() error

Validate validates the SshServiceConfiguration.

type StandardDatabaseServiceConfiguration 

type StandardDatabaseServiceConfiguration struct {
	HostnameAndPort

	DatabaseProtocol   string `json:"protocol"`
	AuthenticationType string `json:"authentication_type"`

	UsernameAndPasswordAuth *DatabaseUsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
	TlsAuth                 *DatabaseTlsAuthConfiguration                 `json:"tls_auth_configuration,omitempty"`
	Kerberos                *DatabaseKerberosAuthConfiguration            `json:"kerberos_configuration,omitempty"`
	SqlAuthentication       *DatabaseSqlAuthConfiguration                 `json:"sql_authentication_configuration,omitempty"`
}

StandardDatabaseServiceConfiguration represents service configuration for self-managed databases. Self-managed databases are databases that are not managed by a cloud provider. For example, a MySQL or PostgreSQL database running on your laptop, or in a VM running in your data center or in the cloud.

Supported database protocols are: `mysql`, `postgres` and `mssql`. For upstream authentication, supported auth types are: `username_and_password` and `tls`.

func (StandardDatabaseServiceConfiguration) Validate added in v1.3.9 

func (config StandardDatabaseServiceConfiguration) Validate() error

Validate ensures that the `StandardDatabaseServiceConfiguration` is valid.

type StandardHttpServiceConfiguration added in v1.3.2 

type StandardHttpServiceConfiguration struct {
	HostnameAndPort        // inherited
	HostHeader      string `json:"host_header"`
}

StandardHttpServiceConfiguration represents service configuration for standard http services (fka sockets).

func (*StandardHttpServiceConfiguration) Validate added in v1.3.4 

func (c *StandardHttpServiceConfiguration) Validate() error

Validate validates the StandardHttpServiceConfiguration.

type StandardKubectlExecTargetConfiguration added in v1.4.0 

type StandardKubectlExecTargetConfiguration struct {
	MasterUrl      string `json:"master_url,omitempty"`
	KubeconfigPath string `json:"kubeconfig_path,omitempty"`
}

StandardKubectlExecTargetConfiguration represents service configuration for standard kubectl exec ssh services (fka sockets).

func (*StandardKubectlExecTargetConfiguration) Validate added in v1.4.0 

func (c *StandardKubectlExecTargetConfiguration) Validate() error

Validate validates a StandardKubectlExecTargetConfiguration.

type StandardKubernetesServiceConfiguration added in v1.4.42 

type StandardKubernetesServiceConfiguration struct {
	// for the connector to load config from the filesystem
	KubeconfigPath string `json:"kubeconfig_path,omitempty"`
	Context        string `json:"context,omitempty"`

	// for the connector to communicate to the kubernetes api server
	Server                   string `json:"server,omitempty"`
	CertificateAuthority     string `json:"certificate_authority,omitempty"`
	CertificateAuthorityData string `json:"certificate_authority_data,omitempty"`

	// for the kubernetes api server to authenticate the connector with client certificates
	ClientCertificate     string `json:"client_certificate,omitempty"`
	ClientCertificateData string `json:"client_certificate_data,omitempty"`
	ClientKey             string `json:"client_key,omitempty"`
	ClientKeyData         string `json:"client_key_data,omitempty"`

	// for the kubernetes api server to authenticate the connector with a token
	Token     string `json:"token,omitempty"`
	TokenFile string `json:"token_file,omitempty"`
}

StandardKubernetesServiceConfiguration represents service configuration for standard kubernetes services (fka sockets).

func (*StandardKubernetesServiceConfiguration) Validate added in v1.4.42 

func (c *StandardKubernetesServiceConfiguration) Validate() error

Validate validates the StandardKubernetesServiceConfiguration.

type StandardSshServiceConfiguration 

type StandardSshServiceConfiguration struct {
	HostnameAndPort
	SshAuthenticationType string `json:"ssh_authentication_type"`

	// mutually exclusive fields below
	UsernameAndPasswordAuthConfiguration *UsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
	PrivateKeyAuthConfiguration          *PrivateKeyAuthConfiguration          `json:"private_key_auth_configuration,omitempty"`
	Border0CertificateAuthConfiguration  *Border0CertificateAuthConfiguration  `json:"border0_certificate_auth_configuration,omitempty"`
}

StandardSshServiceConfiguration represents service configuration for standard ssh services (fka sockets).

func (*StandardSshServiceConfiguration) Validate added in v1.3.3 

func (c *StandardSshServiceConfiguration) Validate() error

type StandardTlsServiceConfiguration added in v1.3.2 

type StandardTlsServiceConfiguration struct {
	HostnameAndPort
}

StandardTlsServiceConfiguration represents service configuration for standard tls services (fka sockets).

func (*StandardTlsServiceConfiguration) Validate added in v1.3.4 

func (c *StandardTlsServiceConfiguration) Validate() error

Validate validates the StandardTlsServiceConfiguration.

type SubnetRoutesServiceConfiguration added in v1.4.56 

type SubnetRoutesServiceConfiguration struct {
	IPv4CIDRRanges []string `json:"ipv4_cidr_ranges"`
	IPv6CIDRRanges []string `json:"ipv6_cidr_ranges"`
}

SubnetRoutesServiceConfiguration represents service configuration for subnet routes services (fka sockets).

func (*SubnetRoutesServiceConfiguration) Validate added in v1.4.56 

func (c *SubnetRoutesServiceConfiguration) Validate() error

Validate validates the SubnetRoutesServiceConfiguration.

type TlsConfig 

type TlsConfig struct {
	CaCertificate string `json:"ca_certificate"`
	Certificate   string `json:"certificate"`
	Key           string `json:"key"`
}

TlsConfig represents a TLS configuration. Services can use this to configure TLS for securing connections to upstreams.

type TlsServiceConfiguration 

type TlsServiceConfiguration struct {
	TlsServiceType string `json:"tls_service_type,omitempty"`

	// mutually exclusive fields below
	StandardTlsServiceConfiguration  *StandardTlsServiceConfiguration  `json:"standard_tls_service_configuration,omitempty"`
	VpnTlsServiceConfiguration       *VpnTlsServiceConfiguration       `json:"vpn_tls_service_configuration,omitempty"`
	HttpProxyTlsServiceConfiguration *HttpProxyTlsServiceConfiguration `json:"http_proxy_tls_service_configuration,omitempty"`
}

TlsServiceConfiguration represents service configuration for tls services (fka sockets).

func (*TlsServiceConfiguration) Validate added in v1.3.3 

func (c *TlsServiceConfiguration) Validate() error

Validate validates the TlsServiceConfiguration.

type UsernameAndPassword 

type UsernameAndPassword struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

UsernameAndPassword represents a username and password. Used for basic auth, for example, MySQL username and password in a database upstream configuration.

type UsernameAndPasswordAuthConfiguration 

type UsernameAndPasswordAuthConfiguration struct {
	UsernameProvider string `json:"username_provider,omitempty"`
	Username         string `json:"username,omitempty"`
	Password         string `json:"password"`
}

UsernameAndPasswordAuthConfiguration represents authentication configuration for standard ssh services that require a username and password for authentication.

func (*UsernameAndPasswordAuthConfiguration) Validate added in v1.3.3 

func (c *UsernameAndPasswordAuthConfiguration) Validate() error

Validate validates the Border0CertificateAuthConfiguration.

type VncServiceConfiguration added in v1.4.20 

type VncServiceConfiguration struct {
	HostnameAndPort
	Password string `json:"password"`
}

VncServiceConfiguration represents service configuration for vnc services (fka sockets).

func (*VncServiceConfiguration) Validate added in v1.4.20 

func (c *VncServiceConfiguration) Validate() error

Validate validates the VncServiceConfiguration.

type VpnServiceConfiguration added in v1.4.21 

type VpnServiceConfiguration struct {
	DHCPPoolSubnet   string   `json:"dhcp_pool_subnet"`
	AdvertisedRoutes []string `json:"advertised_routes,omitempty"`
}

VpnServiceConfiguration represents service configuration for vpn services (fka sockets).

func (*VpnServiceConfiguration) Validate added in v1.4.21 

func (c *VpnServiceConfiguration) Validate() error

Validate validates the VpnServiceConfiguration.

type VpnTlsServiceConfiguration added in v1.3.2 

type VpnTlsServiceConfiguration struct {
	VpnSubnet string   `json:"vpn_subnet"`
	Routes    []string `json:"routes,omitempty"`
}

VpnTlsServiceConfiguration represents service configuration for vpn services services over the tls socket.

func (*VpnTlsServiceConfiguration) Validate added in v1.3.4 

func (c *VpnTlsServiceConfiguration) Validate() error

Validate validates the VpnTlsServiceConfiguration.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.