Documentation
¶
Index ¶
- Constants
- type AwsCredentials
- type AwsEc2ICSshServiceConfiguration
- type AwsRdsDatabaseServiceConfiguration
- type AwsRdsIamAuthConfiguration
- type AwsRdsUsernameAndPasswordAuthConfiguration
- type AwsSsmEc2TargetConfiguration
- type AwsSsmEcsTargetConfiguration
- type AwsSsmSshServiceConfiguration
- type Border0CertificateAuthConfiguration
- type BuiltInSshServiceConfiguration
- type Configuration
- type DatabaseServiceConfiguration
- type DatabaseTlsAuthConfiguration
- type DatabaseUsernameAndPasswordAuthConfiguration
- type GoogleCloudSqlConnectorConfiguration
- type GoogleCloudSqlDatabaseServiceConfiguration
- type GoogleCloudSqlIamAuthConfiguration
- type GoogleCloudSqlStandardConfiguration
- type GoogleCloudSqlUsernameAndPasswordAuthConfiguration
- type HostnameAndPort
- type HttpServiceConfiguration
- type PrivateKeyAuthConfiguration
- type SshServiceConfiguration
- type StandardDatabaseServiceConfiguration
- type StandardSshServiceConfiguration
- type TlsConfig
- type TlsServiceConfiguration
- type UsernameAndPassword
- type UsernameAndPasswordAuthConfiguration
Constants ¶
const ( // ServiceTypeDatabase is the service type for database services (fka sockets). ServiceTypeDatabase = "database" // ServiceTypeHttp is the service type for http services (fka sockets). ServiceTypeHttp = "http" // ServiceTypeSsh is the service type for ssh services (fka sockets). ServiceTypeSsh = "ssh" // ServiceTypeTls is the service type for tls services (fka sockets). ServiceTypeTls = "tls" )
const ( DatabaseServiceTypeStandard = "standard" // standard MySQL or PostgreSQL, supports TLS and password auth DatabaseServiceTypeRds = "aws_rds" // AWS RDS database, supports IAM and password auth DatabaseServiceTypeCloudSql = "google_cloudsql" // Google Cloud SQL database, supports IAM, TLS and password auth )
Database service types supported by Border0. Choose `standard` for self-managed databases. Use `aws_rds` for AWS RDS databases, and select `google_cloudsql` for Google Cloud SQL databases.
const ( // DatabaseProtocolTypeMySql is the database service protocol for mysql databases. DatabaseProtocolMySql = "mysql" // DatabaseServiceTypePostgres is the database service protocol for postgresql databases. DatabaseProtocolPostgres = "postgres" )
const ( // DatabaseAuthenticationTypeIam is the authentication type for databases // that use IAM credentials for authentication. DatabaseAuthenticationTypeIam = "iam" // DatabaseAuthenticationTypeTls is the authentication type for databases // that use TLS certificates for authentication. When using this type of // authentication, the client must provide a TLS certificate and a TLS key. DatabaseAuthenticationTypeTls = "tls" // DatabaseAuthenticationTypeUsernameAndPassword is the authentication type // for databases that use username and password for authentication. DatabaseAuthenticationTypeUsernameAndPassword = "username_and_password" )
const ( // SshServiceTypeStandard is the ssh // service type for standard ssh services. SshServiceTypeStandard = "standard" // SshServiceTypeAwsSsm is the ssh service // type for aws session manager ssh services. SshServiceTypeAwsSsm = "aws_ssm" // SshServiceTypeAwsEc2InstanceConnect is the ssh service // type for aws ec2 instance connect ssh services. SshServiceTypeAwsEc2InstanceConnect = "aws_ec2_instance_connect" // SshServiceTypeConnectorBuiltIn is the ssh service // type for the connector's built-in ssh service. SshServiceTypeConnectorBuiltIn = "connector_built_in_ssh_service" )
const ( // SsmTargetTypeEc2 is the ssm target type for ec2 targets. SsmTargetTypeEc2 = "ec2" // SsmTargetTypeEcs is the ssm target type for ecs targets. SsmTargetTypeEcs = "ecs" )
const ( // StandardSshServiceAuthenticationTypeUsernameAndPassword is the standard ssh // service authentication type for authenticating with a username and password. StandardSshServiceAuthenticationTypeUsernameAndPassword = "username_and_password" // StandardSshServiceAuthenticationTypePrivateKey is the standard ssh // service authentication type for authenticating with a private key. StandardSshServiceAuthenticationTypePrivateKey = "private_key" // StandardSshServiceAuthenticationTypeBorder0Certificate is the standard ssh // service authentication type for authenticating with a border0-signed certificate. StandardSshServiceAuthenticationTypeBorder0Certificate = "border0_certificate" )
const ( // UsernameProviderDefined is the username provider // option for using an admin-defined (static) username. UsernameProviderDefined = "defined" // UsernameProviderPromptClient is username provider option // for prompting connecting clients for the username. UsernameProviderPromptClient = "prompt_client" // UsernameProviderUseConnectorUser is username provider // option for using the connector's OS username. // // NOTE: This option can only be used as the username // provider for connector built-in ssh services. UsernameProviderUseConnectorUser = "use_connector_user" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AwsCredentials ¶
type AwsCredentials struct {
AwsAccessKeyId string `json:"aws_access_key_id"`
AwsSecretAccessKey string `json:"aws_secret_access_key"`
AwsSessionToken string `json:"aws_session_token,omitempty"`
AwsProfile string `json:"aws_profile,omitempty"`
AwsRegion string `json:"aws_region,omitempty"`
}
AwsCredentials represents aws credentials.
type AwsEc2ICSshServiceConfiguration ¶
type AwsEc2ICSshServiceConfiguration struct {
HostnameAndPort // inherited
Ec2InstanceId string `json:"ec2_instance_id"`
Ec2InstanceRegion string `json:"ec2_instance_region"`
AwsCredentials *AwsCredentials `json:"aws_credentials,omitempty"`
}
AwsEc2ICSshServiceConfiguration represents service configuration for aws ec2 instance connect ssh services (fka sockets).
type AwsRdsDatabaseServiceConfiguration ¶
type AwsRdsDatabaseServiceConfiguration struct {
HostnameAndPort
DatabaseProtocol string `json:"protocol"`
AuthenticationType string `json:"authentication_type"`
UsernameAndPasswordAuth *AwsRdsUsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
IamAuth *AwsRdsIamAuthConfiguration `json:"iam_auth_configuration,omitempty"`
}
AwsRdsDatabaseServiceConfiguration represents service configuration for AWS RDS databases. AWS RDS databases are cloud managed MySQL or PostgreSQL databases.
Supported database protocols are: `mysql` and `postgres`. For upstream authentication, supported auth types are: `username_password` and `iam`. When using IAM authentication, the client must provide AWS credentials, AWS region and a username. You can provide an optional CA certificate to verify the RDS database server's certificate.
type AwsRdsIamAuthConfiguration ¶
type AwsRdsIamAuthConfiguration struct {
AwsCredentials
Username string `json:"username"`
CaCertificate string `json:"ca_certificate,omitempty"`
}
AwsRdsIamAuthConfiguration represents auth configuration for AWS RDS databases that use IAM authentication. You must provide AWS credentials and a username. Optionally AWS CA bundle can be supplied to verify the server's certificate.
type AwsRdsUsernameAndPasswordAuthConfiguration ¶
type AwsRdsUsernameAndPasswordAuthConfiguration struct {
UsernameAndPassword
CaCertificate string `json:"ca_certificate,omitempty"`
}
AwsRdsUsernameAndPasswordAuthConfiguration represents auth configuration for AWS RDS databases that use username and password. Optionally you can provide AWS CA bundle to verify the server's certificate.
type AwsSsmEc2TargetConfiguration ¶
type AwsSsmEc2TargetConfiguration struct {
Ec2InstanceId string `json:"ec2_instance_id"`
Ec2InstanceRegion string `json:"ec2_instance_region"`
AwsCredentials *AwsCredentials `json:"aws_credentials,omitempty"`
}
AwsSsmEc2TargetConfiguration represents service configuration for aws ssm ssh services (fka sockets) that have EC2 instances as their ssm target.
type AwsSsmEcsTargetConfiguration ¶
type AwsSsmEcsTargetConfiguration struct {
EcsClusterRegion string `json:"ecs_cluster_region"`
EcsClusterName string `json:"ecs_cluster_name"`
EcsServiceName string `json:"ecs_service_name"`
AwsCredentials *AwsCredentials `json:"aws_credentials,omitempty"`
}
AwsSsmEcsTargetConfiguration represents service configuration for aws ssm ssh services (fka sockets) that have ECS services as their ssm target.
type AwsSsmSshServiceConfiguration ¶
type AwsSsmSshServiceConfiguration struct {
SsmTargetType string `json:"ssm_target_type"`
// mutually exclusive fields below
AwsSsmEc2TargetConfiguration *AwsSsmEc2TargetConfiguration `json:"aws_ssm_ec2_target_configuration,omitempty"`
AwsSsmEcsTargetConfiguration *AwsSsmEcsTargetConfiguration `json:"aws_ssm_ecs_target_configuration,omitempty"`
}
AwsSsmSshServiceConfiguration represents service configuration for aws ssm ssh services (fka sockets).
type Border0CertificateAuthConfiguration ¶
type Border0CertificateAuthConfiguration struct {
UsernameProvider string `json:"username_provider,omitempty"`
Username string `json:"username,omitempty"`
}
UsernameAndPasswordAuthConfiguration represents authentication configuration for standard ssh services that require a border0-signed certificate for authentication.
type BuiltInSshServiceConfiguration ¶
type BuiltInSshServiceConfiguration struct {
UsernameProvider string `json:"username_provider,omitempty"`
Username string `json:"username,omitempty"`
}
BuiltInSshServiceConfiguration represents the service configuration for the connector built-in ssh services (fka sockets).
type Configuration ¶
type Configuration struct {
ServiceType string `json:"service_type"`
DatabaseServiceConfiguration *DatabaseServiceConfiguration `json:"database_service_configuration,omitempty"`
HttpServiceConfiguration *HttpServiceConfiguration `json:"http_service_configuration,omitempty"`
SshServiceConfiguration *SshServiceConfiguration `json:"ssh_service_configuration,omitempty"`
TlsServiceConfiguration *TlsServiceConfiguration `json:"tls_service_configuration,omitempty"`
}
Configuration represents service configuration.
type DatabaseServiceConfiguration ¶
type DatabaseServiceConfiguration struct {
DatabaseServiceType string `json:"database_service_type"`
// mutually exclusive fields below
Standard *StandardDatabaseServiceConfiguration `json:"standard_database_service_configuration,omitempty"`
AwsRds *AwsRdsDatabaseServiceConfiguration `json:"aws_rds_database_service_configuration,omitempty"`
GoogleCloudSql *GoogleCloudSqlDatabaseServiceConfiguration `json:"google_cloudsql_database_service_configuration,omitempty"`
}
DatabaseServiceConfiguration represents service configuration for database services (aka sockets).
type DatabaseTlsAuthConfiguration ¶
type DatabaseTlsAuthConfiguration struct {
UsernameAndPassword
TlsConfig
}
DatabaseTlsAuthConfiguration represents auth configuration that uses TLS for securing the connection. You must provide a username, a password, a client certificate and a client key. Optionally you can provide a CA certificate to verify the server's certificate.
type DatabaseUsernameAndPasswordAuthConfiguration ¶
type DatabaseUsernameAndPasswordAuthConfiguration struct {
UsernameAndPassword
}
DatabaseUsernameAndPasswordAuthConfiguration represents auth configuration that based on username and password.
type GoogleCloudSqlConnectorConfiguration ¶
type GoogleCloudSqlConnectorConfiguration struct {
DatabaseProtocol string `json:"protocol"`
AuthenticationType string `json:"authentication_type"`
UsernameAndPasswordAuth *GoogleCloudSqlUsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
IamAuth *GoogleCloudSqlIamAuthConfiguration `json:"iam_auth_configuration,omitempty"`
}
GoogleCloudSqlConnectorConfiguration represents service configuration for Google Cloud SQL databases that will be connected to the upstream using the Cloud SQL Connector.
Supported database protocol is: `mysql`. For upstream authentication, supported auth types are: `username_password`, and `iam`. When using IAM authentication, the client must provide a username and an instance ID. You will need to supply google credentials that are copied from the JSON credentials file.
type GoogleCloudSqlDatabaseServiceConfiguration ¶
type GoogleCloudSqlDatabaseServiceConfiguration struct {
CloudSqlConnectorEnabled bool `json:"cloudsql_connector_enabled"`
Standard *GoogleCloudSqlStandardConfiguration `json:"standard_configuration,omitempty"`
Connector *GoogleCloudSqlConnectorConfiguration `json:"connector_configuration,omitempty"`
}
GoogleCloudSqlDatabaseServiceConfiguration represents service configuration for Google Cloud SQL databases. Google Cloud SQL databases are cloud managed MySQL or PostgreSQL databases.
Border0 currently supports two ways of connecting to Google Cloud SQL databases: with and without the Cloud SQL Connector. Use the corresponding configuration fields to configure the upstream connection.
type GoogleCloudSqlIamAuthConfiguration ¶
type GoogleCloudSqlIamAuthConfiguration struct {
Username string `json:"username"`
InstanceId string `json:"instance_id"`
GcpCredentialsJson string `json:"gcp_credentials_json"`
}
GoogleCloudSqlIamAuthConfiguration represents auth configuration for Google Cloud SQL databases that use IAM authentication, and are connected to the upstream using the Cloud SQL Connector. You must provide a username, an Cloud SQL instance ID and Google credentials that are copied from the JSON credentials file.
type GoogleCloudSqlStandardConfiguration ¶
type GoogleCloudSqlStandardConfiguration struct {
HostnameAndPort
DatabaseProtocol string `json:"protocol"`
AuthenticationType string `json:"authentication_type"`
UsernameAndPasswordAuth *DatabaseUsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
TlsAuth *DatabaseTlsAuthConfiguration `json:"tls_auth_configuration,omitempty"`
}
GoogleCloudSqlStandardConfiguration represents service configuration for Google Cloud SQL databases that will be connected to the upstream _WITHOUT_ using the Cloud SQL Connector.
Supported database protocol is: `mysql`. For upstream authentication, supported auth types are: `username_password`, and `tls`. When using TLS authentication, the client must provide a username, a password, a client certificate and a client key.
type GoogleCloudSqlUsernameAndPasswordAuthConfiguration ¶
type GoogleCloudSqlUsernameAndPasswordAuthConfiguration struct {
UsernameAndPassword
InstanceId string `json:"instance_id"`
GcpCredentialsJson string `json:"gcp_credentials_json"`
}
GoogleCloudSqlUsernameAndPasswordAuthConfiguration represents auth configuration for Google Cloud SQL databases that use username and password for authentication, and are connected to the upstream using the Cloud SQL Connector. You must provide a username, a password, an Cloud SQL instance ID and Google credentials that are copied from the JSON credentials file.
type HostnameAndPort ¶
HostnameAndPort represents a host and port.
type HttpServiceConfiguration ¶
type HttpServiceConfiguration struct {
HostnameAndPort // inherited
}
HttpServiceConfiguration represents service configuration for http services (fka sockets).
type PrivateKeyAuthConfiguration ¶
type PrivateKeyAuthConfiguration struct {
UsernameProvider string `json:"username_provider,omitempty"`
Username string `json:"username,omitempty"`
PrivateKey string `json:"private_key"`
}
PrivateKeyAuthConfiguration represents authentication configuration for standard ssh services that require a private key for authentication.
type SshServiceConfiguration ¶
type SshServiceConfiguration struct {
SshServiceType string `json:"ssh_service_type"`
// mutually exclusive fields below
StandardSshServiceConfiguration *StandardSshServiceConfiguration `json:"standard_ssh_service_configuration,omitempty"`
AwsSsmSshServiceConfiguration *AwsSsmSshServiceConfiguration `json:"aws_ssm_ssh_service_configuration,omitempty"`
AwsEc2ICSshServiceConfiguration *AwsEc2ICSshServiceConfiguration `json:"aws_ec2ic_ssh_service_configuration,omitempty"`
BuiltInSshServiceConfiguration *BuiltInSshServiceConfiguration `json:"built_in_ssh_service_configuration,omitempty"`
}
SshServiceConfiguration represents service configuration for shell services (fka sockets).
type StandardDatabaseServiceConfiguration ¶
type StandardDatabaseServiceConfiguration struct {
HostnameAndPort
DatabaseProtocol string `json:"protocol"`
AuthenticationType string `json:"authentication_type"`
UsernameAndPasswordAuth *DatabaseUsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
TlsAuth *DatabaseTlsAuthConfiguration `json:"tls_auth_configuration,omitempty"`
}
StandardDatabaseServiceConfiguration represents service configuration for self-managed databases. Self-managed databases are databases that are not managed by a cloud provider. For example, a MySQL or PostgreSQL database running on your laptop, or in a VM running in your data center or in the cloud.
Supported database protocols are: `mysql` and `postgres`. For upstream authentication, supported auth types are: `username_and_password` and `tls`.
type StandardSshServiceConfiguration ¶
type StandardSshServiceConfiguration struct {
SshAuthenticationType string `json:"ssh_authentication_type"`
HostnameAndPort // inherited
// mutually exclusive fields below
UsernameAndPasswordAuthConfiguration *UsernameAndPasswordAuthConfiguration `json:"username_and_password_auth_configuration,omitempty"`
PrivateKeyAuthConfiguration *PrivateKeyAuthConfiguration `json:"private_key_auth_configuration,omitempty"`
Border0CertificateAuthConfiguration *Border0CertificateAuthConfiguration `json:"border0_certificate_auth_configuration,omitempty"`
}
StandardSshServiceConfiguration represents service configuration for standard ssh services (fka sockets).
type TlsConfig ¶
type TlsConfig struct {
CaCertificate string `json:"ca_certificate"`
Certificate string `json:"certificate"`
Key string `json:"key"`
}
TlsConfig represents a TLS configuration. Services can use this to configure TLS for securing connections to upstreams.
type TlsServiceConfiguration ¶
type TlsServiceConfiguration struct {
HostnameAndPort // inherited
}
TlsServiceConfiguration represents service configuration for tls services (fka sockets).
type UsernameAndPassword ¶
type UsernameAndPassword struct {
Username string `json:"username"`
Password string `json:"password"`
}
UsernameAndPassword represents a username and password. Used for basic auth, for example, MySQL username and password in a database upstream configuration.
type UsernameAndPasswordAuthConfiguration ¶
type UsernameAndPasswordAuthConfiguration struct {
UsernameProvider string `json:"username_provider,omitempty"`
Username string `json:"username,omitempty"`
Password string `json:"password"`
}
UsernameAndPasswordAuthConfiguration represents authentication configuration for standard ssh services that require a username and password for authentication.
Source Files