Documentation ¶
Index ¶
- Constants
- func DerivedRolesFQN(roleSetName string) string
- func DerivedRolesSimpleName(fqn string) string
- func FQN(p *policyv1.Policy) string
- func FQNFromPolicyKey(s string) string
- func FQNTree(p *policyv1.Policy) []string
- func PolicyKey(p *policyv1.Policy) string
- func PolicyKeyFromFQN(m string) string
- func PrincipalPolicyFQN(principal, version, scope string) string
- func PrincipalResourceActionRuleName(rule *policyv1.PrincipalRule_Action, resource string, idx int) string
- func ResourcePolicyFQN(resource, version, scope string) string
- func ResourceRuleName(rule *policyv1.ResourceRule, idx int) string
- func Sanitize(v string) string
- type ModuleID
- type PolicyCoords
Constants ¶
const ( DerivedRolesPrefix = fqnPrefix + "derived_roles" PrincipalPoliciesPrefix = fqnPrefix + "principal" ResourcePoliciesPrefix = fqnPrefix + "resource" DefaultVersion = "default" )
Variables ¶
This section is empty.
Functions ¶
func DerivedRolesFQN ¶ added in v0.9.0
DerivedRolesFQN returns the fully-qualified module name for the given derived roles set.
func DerivedRolesSimpleName ¶
DerivedRolesSimpleName extracts the simple name from a derived roles FQN.
func FQNFromPolicyKey ¶ added in v0.12.0
FQNFromPolicyKey returns FQN from the policy key.
func FQNTree ¶ added in v0.13.0
FQNTree returns the tree of FQNs that are ancestors of the given policy (including itself) sorted by most recent to oldest. For example, if the policy has scope a.b.c, the returned tree will contain the FQNs in the following order: - a.b.c - a.b - a - "" (empty scope).
func PolicyKey ¶
PolicyKey returns a human-friendly identifier that can be used to refer to the policy in logs and other outputs.
func PolicyKeyFromFQN ¶ added in v0.9.0
PolicyKeyFromFQN returns a policy key from the module name.
func PrincipalPolicyFQN ¶ added in v0.9.0
PrincipalPolicyFQN returns the fully-qualified module name for the principal policy with given principal, version and scope.
func PrincipalResourceActionRuleName ¶ added in v0.9.0
func PrincipalResourceActionRuleName(rule *policyv1.PrincipalRule_Action, resource string, idx int) string
PrincipalResourceActionRuleName returns the name for an action rule defined for a particular resource.
func ResourcePolicyFQN ¶ added in v0.9.0
ResourcePolicyFQN returns the fully-qualified name for the resource policy with given resource, version and scope.
func ResourceRuleName ¶ added in v0.9.0
func ResourceRuleName(rule *policyv1.ResourceRule, idx int) string
ResourceRuleName returns the name of the given resource rule.
Types ¶
type ModuleID ¶
type ModuleID struct {
// contains filtered or unexported fields
}
ModuleID is a unique identifier for modules.
func DerivedRolesModuleID ¶
DerivedRolesModuleID returns the module ID for the given derived roles set.
func GenModuleID ¶
GenModuleID generates a short ID for the module.
func GenModuleIDFromFQN ¶ added in v0.9.0
GenModuleIDFromFQN generates a short ID for the given module name.
func PrincipalPolicyModuleID ¶
PrincipalPolicyModuleID returns the module ID for the principal policy with given principal and version.
func ResourcePolicyModuleID ¶
ResourcePolicyModuleID returns the module ID for the resource policy with given resource, version and scope.
type PolicyCoords ¶ added in v0.13.0
func PolicyCoordsFromPolicyKey ¶ added in v0.13.0
func PolicyCoordsFromPolicyKey(key string) (PolicyCoords, error)
func (PolicyCoords) FQN ¶ added in v0.13.0
func (pc PolicyCoords) FQN() string
func (PolicyCoords) ModuleID ¶ added in v0.13.0
func (pc PolicyCoords) ModuleID() ModuleID
func (PolicyCoords) PolicyKey ¶ added in v0.13.0
func (pc PolicyCoords) PolicyKey() string