Documentation ¶
Overview ¶
Package iambuilder exposes a fluent IAM privilege builder
Index ¶
- type IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) AccountID(delimiter ...string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) Attr(resName string, propName string, delimiter ...string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) Literal(arnPart string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) NotificationARNS(delimiter ...string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) Partition(delimiter ...string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) Ref(resName string, delimiter ...string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) Region(delimiter ...string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) StackID(delimiter ...string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) StackName(delimiter ...string) *IAMPrivilegeBuilder
- func (iamRes *IAMPrivilegeBuilder) ToPolicyStatement() spartaIAM.PolicyStatement
- func (iamRes *IAMPrivilegeBuilder) ToPrivilege() sparta.IAMRolePrivilege
- func (iamRes *IAMPrivilegeBuilder) URLSuffix(delimiter ...string) *IAMPrivilegeBuilder
- type IAMResourceBuilder
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type IAMPrivilegeBuilder ¶
type IAMPrivilegeBuilder struct {
// contains filtered or unexported fields
}
IAMPrivilegeBuilder encapsulates the IAM builder
func (*IAMPrivilegeBuilder) AccountID ¶
func (iamRes *IAMPrivilegeBuilder) AccountID(delimiter ...string) *IAMPrivilegeBuilder
AccountID inserts the AWS::AccountId pseudo param into the privilege
func (*IAMPrivilegeBuilder) Attr ¶
func (iamRes *IAMPrivilegeBuilder) Attr(resName string, propName string, delimiter ...string) *IAMPrivilegeBuilder
Attr inserts a go-cloudformation GetAtt entry
func (*IAMPrivilegeBuilder) Literal ¶
func (iamRes *IAMPrivilegeBuilder) Literal(arnPart string) *IAMPrivilegeBuilder
Literal inserts a string literal into the ARN being constructed
func (*IAMPrivilegeBuilder) NotificationARNS ¶
func (iamRes *IAMPrivilegeBuilder) NotificationARNS(delimiter ...string) *IAMPrivilegeBuilder
NotificationARNS inserts the AWS::NotificationARNs pseudo param into the privilege
func (*IAMPrivilegeBuilder) Partition ¶
func (iamRes *IAMPrivilegeBuilder) Partition(delimiter ...string) *IAMPrivilegeBuilder
Partition inserts the AWS::Partition pseudo param into the privilege
func (*IAMPrivilegeBuilder) Ref ¶
func (iamRes *IAMPrivilegeBuilder) Ref(resName string, delimiter ...string) *IAMPrivilegeBuilder
Ref inserts a go-cloudformation Ref entry
func (*IAMPrivilegeBuilder) Region ¶
func (iamRes *IAMPrivilegeBuilder) Region(delimiter ...string) *IAMPrivilegeBuilder
Region inserts the AWS::Region pseudo param into the privilege
func (*IAMPrivilegeBuilder) StackID ¶
func (iamRes *IAMPrivilegeBuilder) StackID(delimiter ...string) *IAMPrivilegeBuilder
StackID inserts the AWS::StackID pseudo param into the privilege
func (*IAMPrivilegeBuilder) StackName ¶
func (iamRes *IAMPrivilegeBuilder) StackName(delimiter ...string) *IAMPrivilegeBuilder
StackName inserts the AWS::StackName pseudo param into the privilege
func (*IAMPrivilegeBuilder) ToPolicyStatement ¶
func (iamRes *IAMPrivilegeBuilder) ToPolicyStatement() spartaIAM.PolicyStatement
ToPolicyStatement finalizes the builder and returns a spartaIAM.PolicyStatements
func (*IAMPrivilegeBuilder) ToPrivilege ¶
func (iamRes *IAMPrivilegeBuilder) ToPrivilege() sparta.IAMRolePrivilege
ToPrivilege returns a legacy sparta.IAMRolePrivilege type for this entry
func (*IAMPrivilegeBuilder) URLSuffix ¶
func (iamRes *IAMPrivilegeBuilder) URLSuffix(delimiter ...string) *IAMPrivilegeBuilder
URLSuffix inserts the AWS::URLSuffix pseudo param into the privilege
type IAMResourceBuilder ¶
type IAMResourceBuilder struct {
// contains filtered or unexported fields
}
IAMResourceBuilder is the intermediate type that creates the Resource to which the privilege applies
Example (Lambdaarn) ¶
Allow("s3:GetObject").ForResource(). Literal("arn:aws:s3:::"). Ref("MyDynamicS3Bucket"). Literal("/*"). ToPrivilege()
Output:
Example (S3) ¶
Allow("s3:GetObject").ForResource(). Literal("arn:aws:s3:::"). Ref("MyDynamicS3Bucket"). Literal("/*"). ToPrivilege()
Output:
Example (Ssm) ¶
Allow("ssm:GetParameter").ForResource(). Literal("arn:aws:ssm:"). Region(":"). AccountID(":"). Literal("parameter/SpartaHelloWorld-Discovery"). ToPrivilege()
Output:
func Allow ¶
func Allow(apiCalls ...string) *IAMResourceBuilder
Allow creates a IAMPrivilegeBuilder instance for the supplied API calls
func (*IAMResourceBuilder) ForResource ¶
func (iamRes *IAMResourceBuilder) ForResource() *IAMPrivilegeBuilder
ForResource returns the IAMPrivilegeBuilder instance which can be finalized into an IAMRolePrivilege