policy

package
v0.44.0-rc.0
Warning

This package is not in the latest version of its module.

Published: Sep 1, 2023 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func ArePoliciesEqal

func ArePoliciesEqal(a, b *Policy) (equal bool, diff string)

ArePoliciesEqal determines if the two Policy objects can be considered equal.

Types

type ConditionMap

type ConditionMap map[string]ConditionSettings

ConditionMap is a map with the operator as key and the settings as values. See https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html for details.

type ConditionSettings

type ConditionSettings map[string]any

ConditionSettings is a map of keys and values. Depending on the type of operation, the values can be strings, integers, bools or lists of strings.

func (*ConditionSettings) UnmarshalJSON

func (m *ConditionSettings) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals data into m.

type Policy

type Policy struct {
	// Version is the current IAM policy version
	Version string `json:"Version"`

	// ID is the policy's optional identifier
	ID string `json:"Id,omitempty"`

	// Statements is the list of statements this policy applies.
	Statements StatementList `json:"Statement,omitempty"`
}

Policy represents an AWS IAM policy.

func ParsePolicyBytes

func ParsePolicyBytes(raw []byte) (Policy, error)

ParsePolicyBytes parses a policy from a byte array representing a raw JSON string.

func ParsePolicyObject

func ParsePolicyObject(obj any) (Policy, error)

ParsePolicyObject parses a policy from an object (i.e. an API struct) which can be marshalled into JSON.

func ParsePolicyString

func ParsePolicyString(raw string) (Policy, error)

ParsePolicyString parses a policy from a raw JSON string.

type Principal

type Principal struct {
	// This flag indicates if the policy should be made available
	// to all anonymous users. Also known as "*".
	// +optional
	AllowAnon bool `json:"-"`

	// This list contains all of the AWS IAM users which are affected
	// by the policy statement.
	// +optional
	AWSPrincipals StringOrArray `json:"AWS,omitempty"`

	// This string contains the identifier for any federated web identity
	// provider.
	// +optional
	Federated string `json:"Federated,omitempty"`

	// Service defines the services which can have access to this bucket.
	// +optional
	Service StringOrArray `json:"Service,omitempty"`
}

Principal defines the principal users affected by the PolicyStatement. Please see the AWS docs for more information: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html

func (*Principal) UnmarshalJSON

func (p *Principal) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals data into p.

type Statement

type Statement struct {
	// Optional identifier for this statement, must be unique within the
	// policy if provided.
	SID string `json:"Sid,omitempty"`

	// The effect is required and specifies whether the statement results
	// in an allow or an explicit deny.
	// Valid values for Effect are "Allow" and "Deny".
	Effect StatementEffect `json:"Effect"`

	// Used with the policy to specify the principal that is allowed
	// or denied access to a resource.
	Principal *Principal `json:"Principal,omitempty"`

	// Used with the S3 policy to specify the users which are not included
	// in this policy
	NotPrincipal *Principal `json:"NotPrincipal,omitempty"`

	// Action specifies the action or actions that will be allowed or denied
	// with this Statement.
	Action StringOrArray `json:"Action,omitempty"`

	// NotAction specifies each element that will allow the property to match
	// all but the listed actions.
	NotAction StringOrArray `json:"NotAction,omitempty"`

	// Resource specifies paths on which this statement will apply.
	Resource StringOrArray `json:"Resource,omitempty"`

	// NotResource explicitly specifies all resource paths that are defined in
	// this array.
	NotResource StringOrArray `json:"NotResource,omitempty"`

	// Condition specifies where conditions for policy are in effect.
	// https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html
	Condition ConditionMap `json:"Condition,omitempty"`
}

Statement defines an individual statement within the policy.

type StatementEffect

type StatementEffect string

StatementEffect specifies the effect of a policy statement.

const (
	StatementEffectAllow StatementEffect = "Allow"
	StatementEffectDeny  StatementEffect = "Deny"
)

Statement effect values.

type StatementList

type StatementList []Statement

StatementList is a list of statements. It implements a custom marshaller to support parsing from a single, non-list statement.

func (*StatementList) UnmarshalJSON

func (s *StatementList) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals data into s.

type StringOrArray

type StringOrArray []string

StringOrArray is a string array that supports parsing from a single string as a single entry array.

func (*StringOrArray) UnmarshalJSON

func (s *StringOrArray) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals data into s.
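The types above exist because IAM policy JSON has several shapes for the same meaning: `Statement` may be one object or a list, string fields may be a single string or an array, and the anonymous principal may be written as `"*"` or under the `AWS` key. The following is an added example, not code from this package and not importing it, that normalizes those shapes with the standard library and reports unconditioned `Allow` statements open to `"*"`; this goes slightly beyond parsing, and `asList`, `isAnon`, `anonymousAllows` and the sample policy are hypothetical names and constructed data.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed sample: B is open to everyone, C is conditioned, D is a Deny.
const sample = `{"Version":"2012-10-17","Statement":[
 {"Sid":"B","Effect":"Allow","Principal":{"AWS":["*"]},"Action":"s3:GetObject","Resource":"*"},
 {"Sid":"C","Effect":"Allow","Principal":"*","Action":"s3:GetObject","Resource":"*",
  "Condition":{"Bool":{"aws:SecureTransport":"true"}}},
 {"Sid":"D","Effect":"Deny","Principal":"*","Action":"s3:*","Resource":"*"}]}`

// asList treats a lone decoded value as a one-element list, the same idea as
// StringOrArray and StatementList (hypothetical helper, not the package's code).
func asList(v any) []any {
	if l, ok := v.([]any); ok {
		return l
	}
	return []any{v}
}

// isAnon reports whether a decoded Principal is "*", {"AWS":"*"} or {"AWS":[..."*"...]}.
func isAnon(p any) bool {
	if m, ok := p.(map[string]any); ok {
		p = m["AWS"] // object form: only the AWS entry can name "*"
	}
	for _, id := range asList(p) {
		if id == "*" {
			return true
		}
	}
	return false
}

// anonymousAllows returns the Sids of Allow statements that grant access to
// the anonymous principal without any Condition; err is set on invalid JSON.
func anonymousAllows(policy string) ([]string, error) {
	var doc struct{ Statement any }
	err := json.Unmarshal([]byte(policy), &doc)
	var open []string
	for _, s := range asList(doc.Statement) {
		st, _ := s.(map[string]any)
		cond, _ := st["Condition"].(map[string]any)
		if st["Effect"] == "Allow" && len(cond) == 0 && isAnon(st["Principal"]) {
			sid, _ := st["Sid"].(string)
			open = append(open, sid)
		}
	}
	return open, err
}
func main() { fmt.Println(anonymousAllows(sample)) }
```

A check that compares only one of these shapes misses the others, which is why the comparison and audit logic should run on the normalized form.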
