client

package
v1.51.1
Published: Dec 13, 2023 License: Apache-2.0, MIT Imports: 37 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsAlreadyAssociatedError added in v1.44.0

func IsAlreadyAssociatedError(err error) bool

IsAlreadyAssociatedError returns true if the given error is an awserr.Error indicating that an AWS resource was already associated.

func IsNoSuchHostedZoneError added in v1.28.0

func IsNoSuchHostedZoneError(err error) bool

IsNoSuchHostedZoneError returns true if the error indicates a non-existing route53 hosted zone.

func IsNotFoundError added in v1.29.0

func IsNotFoundError(err error) bool

IsNotFoundError returns true if the given error is an awserr.Error indicating that an AWS resource was not found.

func IsNotPermittedInZoneError added in v1.28.0

func IsNotPermittedInZoneError(err error) bool

IsNotPermittedInZoneError returns true if the error indicates that the DNS name is not permitted in the route53 hosted zone.

func IsThrottlingError added in v1.33.0

func IsThrottlingError(err error) bool

IsThrottlingError returns true if the error is a throttling error.

Types

type Client

type Client struct {
	EC2                           ec2iface.EC2API
	STS                           stsiface.STSAPI
	IAM                           iamiface.IAMAPI
	S3                            s3iface.S3API
	ELB                           elbiface.ELBAPI
	ELBv2                         elbv2iface.ELBV2API
	Route53                       route53iface.Route53API
	Route53RateLimiter            *rate.Limiter
	Route53RateLimiterWaitTimeout time.Duration
	Logger                        logr.Logger
	PollInterval                  time.Duration
}

Client is a struct containing several clients for the different AWS services it needs to interact with.
* EC2 is the standard client for the EC2 service.
* STS is the standard client for the STS service.
* IAM is the standard client for the IAM service.
* S3 is the standard client for the S3 service.
* ELB is the standard client for the ELB service.
* ELBv2 is the standard client for the ELBv2 service.
* Route53 is the standard client for the Route53 service.

func NewClient

func NewClient(accessKeyID, secretAccessKey, region string) (*Client, error)

NewClient creates a new Client for the given AWS credentials <accessKeyID>, <secretAccessKey>, and the AWS region <region>. It initializes the clients for the various services like EC2, ELB, etc.

func (*Client) AddRoleToIAMInstanceProfile added in v1.44.0

func (c *Client) AddRoleToIAMInstanceProfile(ctx context.Context, profileName, roleName string) error

AddRoleToIAMInstanceProfile adds a role to an instance profile.

func (*Client) AddVpcDhcpOptionAssociation added in v1.44.0

func (c *Client) AddVpcDhcpOptionAssociation(vpcId string, dhcpOptionsId *string) error

AddVpcDhcpOptionAssociation associates an existing DHCP options resource with a VPC resource, both identified by ID.

func (*Client) AttachInternetGateway added in v1.44.0

func (c *Client) AttachInternetGateway(ctx context.Context, vpcId, internetGatewayId string) error

AttachInternetGateway attaches an internet gateway to a VPC. Returns no error if the internet gateway is already attached to the VPC.

func (*Client) AuthorizeSecurityGroupRules added in v1.44.0

func (c *Client) AuthorizeSecurityGroupRules(ctx context.Context, groupId string, rules []*SecurityGroupRule) error

AuthorizeSecurityGroupRules adds security group rules for the security group identified by the groupId.

func (*Client) CheckSubnetIPv6Cidr added in v1.46.0

func (c *Client) CheckSubnetIPv6Cidr(subnetID string) (bool, error)

CheckSubnetIPv6Cidr checks if the subnet has an IPv6 CIDR block assigned.

func (*Client) CheckVpcIPv6Cidr added in v1.46.0

func (c *Client) CheckVpcIPv6Cidr(vpcID string) (bool, error)

CheckVpcIPv6Cidr checks if the VPC has an IPv6 CIDR block assigned.

func (*Client) CreateBucketIfNotExists

func (c *Client) CreateBucketIfNotExists(ctx context.Context, bucket, region string) error

CreateBucketIfNotExists creates the s3 bucket with name <bucket> in <region>. If it already exists, no error is returned.

func (*Client) CreateDNSHostedZone added in v1.27.0

func (c *Client) CreateDNSHostedZone(ctx context.Context, name, comment string) (string, error)

CreateDNSHostedZone creates the DNS hosted zone with the given name and comment, and returns the ID of the newly created zone.

func (*Client) CreateEC2Tags added in v1.44.0

func (c *Client) CreateEC2Tags(ctx context.Context, resources []string, tags Tags) error

CreateEC2Tags creates the tags for the given EC2 resource identifiers.

func (*Client) CreateElasticIP added in v1.44.0

func (c *Client) CreateElasticIP(ctx context.Context, eip *ElasticIP) (*ElasticIP, error)

CreateElasticIP creates an EC2 elastic IP resource.

func (*Client) CreateIAMInstanceProfile added in v1.44.0

func (c *Client) CreateIAMInstanceProfile(ctx context.Context, profile *IAMInstanceProfile) (*IAMInstanceProfile, error)

CreateIAMInstanceProfile creates an IAM instance profile.

func (*Client) CreateIAMRole added in v1.44.0

func (c *Client) CreateIAMRole(ctx context.Context, role *IAMRole) (*IAMRole, error)

CreateIAMRole creates an IAM role resource.

func (*Client) CreateInternetGateway added in v1.44.0

func (c *Client) CreateInternetGateway(ctx context.Context, gateway *InternetGateway) (*InternetGateway, error)

CreateInternetGateway creates an internet gateway.

func (*Client) CreateNATGateway added in v1.44.0

func (c *Client) CreateNATGateway(ctx context.Context, gateway *NATGateway) (*NATGateway, error)

CreateNATGateway creates an EC2 NAT gateway resource. The method does NOT wait until the NAT gateway is available.

func (*Client) CreateOrUpdateDNSRecordSet added in v1.27.0

func (c *Client) CreateOrUpdateDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ttl int64) error

CreateOrUpdateDNSRecordSet creates or updates the DNS recordset in the DNS hosted zone with the given zone ID, with the given name, type, values, and TTL.

func (*Client) CreateRoute added in v1.44.0

func (c *Client) CreateRoute(ctx context.Context, routeTableId string, route *Route) error

CreateRoute creates a route for the given route table.

func (*Client) CreateRouteTable added in v1.44.0

func (c *Client) CreateRouteTable(ctx context.Context, routeTable *RouteTable) (*RouteTable, error)

CreateRouteTable creates an EC2 route table resource. Routes specified in the input object are ignored.

func (*Client) CreateRouteTableAssociation added in v1.44.0

func (c *Client) CreateRouteTableAssociation(ctx context.Context, routeTableId, subnetId string) (*string, error)

CreateRouteTableAssociation associates a route table with a subnet. Returns the association ID, or an error.

func (*Client) CreateSecurityGroup added in v1.44.0

func (c *Client) CreateSecurityGroup(ctx context.Context, sg *SecurityGroup) (*SecurityGroup, error)

CreateSecurityGroup creates a security group. Note that the rules of the input object are ignored. Use the AuthorizeSecurityGroupRules method to add rules.

func (*Client) CreateSubnet added in v1.44.0

func (c *Client) CreateSubnet(ctx context.Context, subnet *Subnet) (*Subnet, error)

CreateSubnet creates an EC2 subnet resource.

func (*Client) CreateVpc added in v1.44.0

func (c *Client) CreateVpc(ctx context.Context, desired *VPC) (*VPC, error)

CreateVpc creates a VPC resource.

func (*Client) CreateVpcDhcpOptions added in v1.44.0

func (c *Client) CreateVpcDhcpOptions(ctx context.Context, options *DhcpOptions) (*DhcpOptions, error)

CreateVpcDhcpOptions creates a DHCP option resource.

func (*Client) CreateVpcEndpoint added in v1.44.0

func (c *Client) CreateVpcEndpoint(ctx context.Context, endpoint *VpcEndpoint) (*VpcEndpoint, error)

CreateVpcEndpoint creates an EC2 VPC endpoint resource.

func (*Client) CreateVpcEndpointRouteTableAssociation added in v1.44.0

func (c *Client) CreateVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error

CreateVpcEndpointRouteTableAssociation creates a route for a VPC endpoint. Idempotent, i.e. it does nothing if the route already exists.

func (*Client) DeleteBucketIfExists

func (c *Client) DeleteBucketIfExists(ctx context.Context, bucket string) error

DeleteBucketIfExists deletes the s3 bucket with name <bucket>. If it does not exist, no error is returned.

func (*Client) DeleteDNSHostedZone added in v1.27.0

func (c *Client) DeleteDNSHostedZone(ctx context.Context, zoneId string) error

DeleteDNSHostedZone deletes the DNS hosted zone with the given ID.

func (*Client) DeleteDNSRecordSet added in v1.27.0

func (c *Client) DeleteDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ttl int64) error

DeleteDNSRecordSet deletes the DNS recordset in the DNS hosted zone with the given zone ID, with the given name, type, values, and TTL. If values is empty and TTL is 0, the actual state will be determined by reading the recordset from the zone. Otherwise, an attempt will be made to delete the recordset with the given values / TTL. If this results in a "values do not match" error, the actual state will again be determined by reading the recordset from the zone, and a second attempt to delete it will be made. The idea is to ensure a consistent and foolproof behavior while sending as few requests as possible to avoid rate limit issues.
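The request-sparing delete strategy described above, written out as an added example (not the package's own code): a hypothetical zoneStore interface and an in-memory fakeZone stand in for the Route53 read and DELETE calls, and ErrValuesDoNotMatch stands in for the "values do not match" rejection; the zone ID and record names are constructed sample data.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrValuesDoNotMatch stands in for the Route53 "values do not match"
// rejection mentioned in the DeleteDNSRecordSet doc comment (constructed).
var ErrValuesDoNotMatch = errors.New("values do not match")

// recordKey identifies one record set inside a hosted zone.
type recordKey struct{ zone, name, rtype string }

type recordSet struct {
	values []string
	ttl    int64
}

// zoneStore is a hypothetical abstraction over the two Route53 calls involved:
// reading a record set and issuing a DELETE change for it.
type zoneStore interface {
	Get(zone, name, rtype string) (*recordSet, error)
	Delete(zone, name, rtype string, values []string, ttl int64) error
}

// fakeZone is an in-memory stand-in for Route53 that counts API requests,
// which is what the strategy is trying to minimise.
type fakeZone struct {
	records  map[recordKey]recordSet
	requests int
}

func (z *fakeZone) Get(zone, name, rtype string) (*recordSet, error) {
	z.requests++
	if rs, ok := z.records[recordKey{zone, name, rtype}]; ok {
		return &rs, nil
	}
	return nil, nil
}

// Delete mimics a Route53 DELETE change: it succeeds only when values and TTL
// match the stored set exactly.
func (z *fakeZone) Delete(zone, name, rtype string, values []string, ttl int64) error {
	z.requests++
	k := recordKey{zone, name, rtype}
	rs, ok := z.records[k]
	if ok && (rs.ttl != ttl || !sameValues(rs.values, values)) {
		return ErrValuesDoNotMatch
	}
	delete(z.records, k) // no-op when the set is already gone (simplification)
	return nil
}

// sameValues compares value lists in order (Route53 itself is order-insensitive).
func sameValues(a, b []string) bool {
	if len(a) != len(b) {
		return false
	}
	for i := range a {
		if a[i] != b[i] {
			return false
		}
	}
	return true
}

// deleteRecordSet applies the strategy from the doc comment: with no known
// values/TTL, read first; otherwise delete optimistically and fall back to a
// read plus a second delete only when Route53 reports a mismatch.
func deleteRecordSet(store zoneStore, zone, name, rtype string, values []string, ttl int64) error {
	if len(values) == 0 && ttl == 0 {
		return deleteAfterRead(store, zone, name, rtype)
	}
	err := store.Delete(zone, name, rtype, values, ttl)
	if errors.Is(err, ErrValuesDoNotMatch) {
		return deleteAfterRead(store, zone, name, rtype)
	}
	return err
}

// deleteAfterRead fetches the actual state and deletes exactly that.
func deleteAfterRead(store zoneStore, zone, name, rtype string) error {
	rs, err := store.Get(zone, name, rtype)
	if err != nil || rs == nil {
		return err // read failed, or nothing left to delete
	}
	return store.Delete(zone, name, rtype, rs.values, rs.ttl)
}

func main() {
	// Constructed sample: zone "Z1" holds one A record; the caller remembers a stale value.
	z := &fakeZone{records: map[recordKey]recordSet{
		{"Z1", "api.example.test.", "A"}: {values: []string{"10.0.0.1"}, ttl: 120},
	}}
	err := deleteRecordSet(z, "Z1", "api.example.test.", "A", []string{"10.0.0.9"}, 120)
	fmt.Printf("err=%v requests=%d remaining=%d\n", err, z.requests, len(z.records))
}
```

With correct values the delete costs one request, with stale values three (rejected delete, read, delete), and with unknown state two (read, delete); that is the trade-off the doc comment describes.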

func (*Client) DeleteEC2Tags added in v1.44.0

func (c *Client) DeleteEC2Tags(ctx context.Context, resources []string, tags Tags) error

DeleteEC2Tags deletes the tags for the given EC2 resource identifiers.

func (*Client) DeleteELB

func (c *Client) DeleteELB(ctx context.Context, name string) error

DeleteELB deletes the loadbalancer with the given <name>. If it does not exist, no error is returned.

func (*Client) DeleteELBV2

func (c *Client) DeleteELBV2(ctx context.Context, arn string) error

DeleteELBV2 deletes the loadbalancer (NLB or ALB) identified by its Amazon Resource Name (ARN), as well as its target groups. If it does not exist, no error is returned.

func (*Client) DeleteElasticIP added in v1.44.0

func (c *Client) DeleteElasticIP(ctx context.Context, id string) error

DeleteElasticIP deletes an elastic IP resource by identifier. Returns nil if the resource is not found.

func (*Client) DeleteIAMInstanceProfile added in v1.44.0

func (c *Client) DeleteIAMInstanceProfile(ctx context.Context, profileName string) error

DeleteIAMInstanceProfile deletes an IAM instance profile by profile name. Returns nil if the resource is not found.

func (*Client) DeleteIAMRole added in v1.44.0

func (c *Client) DeleteIAMRole(ctx context.Context, roleName string) error

DeleteIAMRole deletes an IAM role by role name. Returns nil if the resource is not found.

func (*Client) DeleteIAMRolePolicy added in v1.44.0

func (c *Client) DeleteIAMRolePolicy(ctx context.Context, policyName, roleName string) error

DeleteIAMRolePolicy deletes an IAM role policy by policy name and role name. Returns nil if the resource is not found.

func (*Client) DeleteInternetGateway added in v1.44.0

func (c *Client) DeleteInternetGateway(ctx context.Context, id string) error

DeleteInternetGateway deletes an internet gateway resource. Returns nil if the resource is not found.

func (*Client) DeleteKeyPair added in v1.44.0

func (c *Client) DeleteKeyPair(ctx context.Context, keyName string) error

DeleteKeyPair deletes an EC2 key pair given by the key name. Returns nil if the resource is not found.

func (*Client) DeleteNATGateway added in v1.44.0

func (c *Client) DeleteNATGateway(ctx context.Context, id string) error

DeleteNATGateway deletes a NAT gateway by identifier. Returns nil if the resource is not found.

func (*Client) DeleteObjectsWithPrefix

func (c *Client) DeleteObjectsWithPrefix(ctx context.Context, bucket, prefix string) error

DeleteObjectsWithPrefix deletes the S3 objects with the given <prefix> from <bucket>. If they do not exist, no error is returned.

func (*Client) DeleteRoute added in v1.44.0

func (c *Client) DeleteRoute(ctx context.Context, routeTableId string, route *Route) error

DeleteRoute deletes a route from the given route table.

func (*Client) DeleteRouteTable added in v1.44.0

func (c *Client) DeleteRouteTable(ctx context.Context, id string) error

DeleteRouteTable deletes a route table by identifier. Returns nil if the resource is not found.

func (*Client) DeleteRouteTableAssociation added in v1.44.0

func (c *Client) DeleteRouteTableAssociation(ctx context.Context, associationId string) error

DeleteRouteTableAssociation deletes the route table association by the association identifier. Returns nil if the resource is not found.

func (*Client) DeleteSecurityGroup

func (c *Client) DeleteSecurityGroup(ctx context.Context, id string) error

DeleteSecurityGroup deletes a security group resource by identifier. Returns nil if the resource is not found.

func (*Client) DeleteSubnet added in v1.44.0

func (c *Client) DeleteSubnet(ctx context.Context, id string) error

DeleteSubnet deletes a subnet by identifier. Returns nil if the resource is not found.

func (*Client) DeleteVpc added in v1.44.0

func (c *Client) DeleteVpc(ctx context.Context, id string) error

DeleteVpc deletes a VPC resource by identifier. Returns nil if the resource is not found.

func (*Client) DeleteVpcDhcpOptions added in v1.44.0

func (c *Client) DeleteVpcDhcpOptions(ctx context.Context, id string) error

DeleteVpcDhcpOptions deletes a DHCP option resource by identifier. Returns nil if the resource is not found.

func (*Client) DeleteVpcEndpoint added in v1.44.0

func (c *Client) DeleteVpcEndpoint(ctx context.Context, id string) error

DeleteVpcEndpoint deletes a VPC endpoint by ID. Returns nil if the resource is not found.

func (*Client) DeleteVpcEndpointRouteTableAssociation added in v1.44.0

func (c *Client) DeleteVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error

DeleteVpcEndpointRouteTableAssociation deletes the route to a VPC endpoint. Returns nil if the resource is not found.

func (*Client) DetachInternetGateway added in v1.44.0

func (c *Client) DetachInternetGateway(ctx context.Context, vpcId, internetGatewayId string) error

DetachInternetGateway detaches an internet gateway from a VPC. Returns no error if the internet gateway is already detached.

func (*Client) FindDefaultSecurityGroupByVpcId added in v1.44.0

func (c *Client) FindDefaultSecurityGroupByVpcId(ctx context.Context, vpcId string) (*SecurityGroup, error)

FindDefaultSecurityGroupByVpcId finds the default security group for the given VPC identifier.

func (*Client) FindElasticIPsByTags added in v1.44.0

func (c *Client) FindElasticIPsByTags(ctx context.Context, tags Tags) ([]*ElasticIP, error)

FindElasticIPsByTags finds elastic IP resources matching the given tag map.

func (*Client) FindInternetGatewayByVPC added in v1.44.0

func (c *Client) FindInternetGatewayByVPC(ctx context.Context, vpcId string) (*InternetGateway, error)

FindInternetGatewayByVPC finds an internet gateway resource attached to the given VPC.

func (*Client) FindInternetGatewaysByTags added in v1.44.0

func (c *Client) FindInternetGatewaysByTags(ctx context.Context, tags Tags) ([]*InternetGateway, error)

FindInternetGatewaysByTags finds internet gateway resources matching the given tag map.

func (*Client) FindKeyPairsByTags added in v1.44.0

func (c *Client) FindKeyPairsByTags(ctx context.Context, tags Tags) ([]*KeyPairInfo, error)

FindKeyPairsByTags finds EC2 key pair resources matching the given tag map.

func (*Client) FindNATGatewaysByTags added in v1.44.0

func (c *Client) FindNATGatewaysByTags(ctx context.Context, tags Tags) ([]*NATGateway, error)

FindNATGatewaysByTags finds NAT gateway resources matching the given tag map.

func (*Client) FindRouteTablesByTags added in v1.44.0

func (c *Client) FindRouteTablesByTags(ctx context.Context, tags Tags) ([]*RouteTable, error)

FindRouteTablesByTags finds routing table resources matching the given tag map.

func (*Client) FindSecurityGroupsByTags added in v1.44.0

func (c *Client) FindSecurityGroupsByTags(ctx context.Context, tags Tags) ([]*SecurityGroup, error)

FindSecurityGroupsByTags finds security groups matching the given tag map. Ingress and egress rules are fetched, too.

func (*Client) FindSubnetsByTags added in v1.44.0

func (c *Client) FindSubnetsByTags(ctx context.Context, tags Tags) ([]*Subnet, error)

FindSubnetsByTags finds subnet resources matching the given tag map.

func (*Client) FindVpcDhcpOptionsByTags added in v1.44.0

func (c *Client) FindVpcDhcpOptionsByTags(ctx context.Context, tags Tags) ([]*DhcpOptions, error)

FindVpcDhcpOptionsByTags finds DHCP option resources matching the given tag map.

func (*Client) FindVpcEndpointsByTags added in v1.44.0

func (c *Client) FindVpcEndpointsByTags(ctx context.Context, tags Tags) ([]*VpcEndpoint, error)

FindVpcEndpointsByTags finds VPC endpoint resources matching the given tag map.

func (*Client) FindVpcsByTags added in v1.44.0

func (c *Client) FindVpcsByTags(ctx context.Context, tags Tags) ([]*VPC, error)

FindVpcsByTags finds VPC resources matching the given tag map.

func (*Client) GetAccountID

func (c *Client) GetAccountID(ctx context.Context) (string, error)

GetAccountID returns the ID of the AWS account the Client is interacting with.

func (*Client) GetDHCPOptions added in v1.41.0

func (c *Client) GetDHCPOptions(ctx context.Context, vpcID string) (map[string]string, error)

GetDHCPOptions returns DHCP options for the specified VPC ID.

func (*Client) GetDNSHostedZones added in v1.27.0

func (c *Client) GetDNSHostedZones(ctx context.Context) (map[string]string, error)

GetDNSHostedZones returns a map of all DNS hosted zone names mapped to their IDs.

func (*Client) GetDNSRecordSet added in v1.27.0

func (c *Client) GetDNSRecordSet(ctx context.Context, zoneId, name, recordType string) (*route53.ResourceRecordSet, error)

GetDNSRecordSet returns the DNS recordset in the DNS hosted zone with the given zone ID, and with the given name and type.

func (*Client) GetElasticIP added in v1.44.0

func (c *Client) GetElasticIP(ctx context.Context, id string) (*ElasticIP, error)

GetElasticIP gets an elastic IP resource by identifier.

func (*Client) GetElasticIPsAssociationIDForAllocationIDs added in v1.31.0

func (c *Client) GetElasticIPsAssociationIDForAllocationIDs(ctx context.Context, allocationIDs []string) (map[string]*string, error)

GetElasticIPsAssociationIDForAllocationIDs lists the existing elastic IP addresses for the given allocation IDs. It returns a map[elasticIPAllocationID]elasticIPAssociationID, or an error.

func (*Client) GetIAMInstanceProfile added in v1.44.0

func (c *Client) GetIAMInstanceProfile(ctx context.Context, profileName string) (*IAMInstanceProfile, error)

GetIAMInstanceProfile gets an IAM instance profile by profile name.

func (*Client) GetIAMRole added in v1.44.0

func (c *Client) GetIAMRole(ctx context.Context, roleName string) (*IAMRole, error)

GetIAMRole gets an IAM role by role name.

func (*Client) GetIAMRolePolicy added in v1.44.0

func (c *Client) GetIAMRolePolicy(ctx context.Context, policyName, roleName string) (*IAMRolePolicy, error)

GetIAMRolePolicy gets an IAM role policy by policy name and role name.

func (*Client) GetInternetGateway

func (c *Client) GetInternetGateway(ctx context.Context, id string) (*InternetGateway, error)

GetInternetGateway gets an internet gateway resource by identifier.

func (*Client) GetKeyPair added in v1.44.0

func (c *Client) GetKeyPair(ctx context.Context, keyName string) (*KeyPairInfo, error)

GetKeyPair gets an EC2 key pair by its key name.

func (*Client) GetNATGateway added in v1.44.0

func (c *Client) GetNATGateway(ctx context.Context, id string) (*NATGateway, error)

GetNATGateway gets a NAT gateway by identifier. If the resource is not found or is in state "deleted", nil is returned.

func (*Client) GetNATGatewayAddressAllocations added in v1.31.0

func (c *Client) GetNATGatewayAddressAllocations(ctx context.Context, shootNamespace string) (sets.Set[string], error)

GetNATGatewayAddressAllocations gets the allocation IDs of the NAT gateway addresses for each existing NAT gateway in the VPC. It returns the set of allocation IDs, or an error.

func (*Client) GetRouteTable added in v1.44.0

func (c *Client) GetRouteTable(ctx context.Context, id string) (*RouteTable, error)

GetRouteTable gets a route table by the identifier.

func (*Client) GetSecurityGroup added in v1.44.0

func (c *Client) GetSecurityGroup(ctx context.Context, id string) (*SecurityGroup, error)

GetSecurityGroup gets a security group by identifier. Ingress and egress rules are fetched, too.

func (*Client) GetSubnets added in v1.44.0

func (c *Client) GetSubnets(ctx context.Context, ids []string) ([]*Subnet, error)

GetSubnets gets subnets for the given identifiers. Non-existing identifiers are ignored silently.

func (*Client) GetVPCAttribute added in v1.29.0

func (c *Client) GetVPCAttribute(ctx context.Context, vpcID string, attribute string) (bool, error)

GetVPCAttribute returns the value of the specified VPC attribute.

func (*Client) GetVPCInternetGateway added in v1.29.0

func (c *Client) GetVPCInternetGateway(ctx context.Context, vpcID string) (string, error)

GetVPCInternetGateway returns the ID of the internet gateway attached to the given VPC <vpcID>. If there is no internet gateway attached, the returned string will be empty.

func (*Client) GetVpc added in v1.44.0

func (c *Client) GetVpc(ctx context.Context, id string) (*VPC, error)

GetVpc gets a VPC resource by identifier. Returns nil if the resource is not found.

func (*Client) GetVpcDhcpOptions added in v1.44.0

func (c *Client) GetVpcDhcpOptions(ctx context.Context, id string) (*DhcpOptions, error)

GetVpcDhcpOptions gets a DHCP option resource by identifier.

func (*Client) GetVpcEndpoints added in v1.44.0

func (c *Client) GetVpcEndpoints(ctx context.Context, ids []string) ([]*VpcEndpoint, error)

GetVpcEndpoints gets VPC endpoint resources by identifiers. Non-existing identifiers are silently ignored.

func (*Client) ImportKeyPair added in v1.44.0

func (c *Client) ImportKeyPair(ctx context.Context, keyName string, publicKey []byte, tags Tags) (*KeyPairInfo, error)

ImportKeyPair creates an EC2 key pair.

func (*Client) ListKubernetesELBs

func (c *Client) ListKubernetesELBs(ctx context.Context, vpcID, clusterName string) ([]string, error)

ListKubernetesELBs returns the list of ELB loadbalancers in the given <vpcID> tagged with <clusterName>.

func (*Client) ListKubernetesELBsV2

func (c *Client) ListKubernetesELBsV2(ctx context.Context, vpcID, clusterName string) ([]string, error)

ListKubernetesELBsV2 returns the list of ELBv2 loadbalancers in the given <vpcID> tagged with <clusterName>.

func (*Client) ListKubernetesSecurityGroups

func (c *Client) ListKubernetesSecurityGroups(ctx context.Context, vpcID, clusterName string) ([]string, error)

ListKubernetesSecurityGroups returns the list of security groups in the given <vpcID> tagged with <clusterName>.

func (*Client) PollImmediateUntil added in v1.44.0

func (c *Client) PollImmediateUntil(ctx context.Context, condition wait.ConditionWithContextFunc) error

PollImmediateUntil runs the 'condition' before waiting for the interval. 'condition' will always be invoked at least once.

func (*Client) PollUntil added in v1.44.0

func (c *Client) PollUntil(ctx context.Context, condition wait.ConditionWithContextFunc) error

PollUntil tries a condition func until it returns true, an error or the specified context is cancelled or expired.

func (*Client) PutIAMRolePolicy added in v1.44.0

func (c *Client) PutIAMRolePolicy(ctx context.Context, policy *IAMRolePolicy) error

PutIAMRolePolicy creates or updates an IAM role policy.

func (*Client) RemoveRoleFromIAMInstanceProfile added in v1.44.0

func (c *Client) RemoveRoleFromIAMInstanceProfile(ctx context.Context, profileName, roleName string) error

RemoveRoleFromIAMInstanceProfile removes a role from an instance profile.

func (*Client) RevokeSecurityGroupRules added in v1.44.0

func (c *Client) RevokeSecurityGroupRules(ctx context.Context, groupId string, rules []*SecurityGroupRule) error

RevokeSecurityGroupRules removes security group rules for the security group identified by the groupId.

func (*Client) UpdateAmazonProvidedIPv6CidrBlock added in v1.46.0

func (c *Client) UpdateAmazonProvidedIPv6CidrBlock(ctx context.Context, desired *VPC, current *VPC) (bool, error)

UpdateAmazonProvidedIPv6CidrBlock sets/updates the Amazon-provided IPv6 blocks.

func (*Client) UpdateAssumeRolePolicy added in v1.44.0

func (c *Client) UpdateAssumeRolePolicy(ctx context.Context, roleName, assumeRolePolicy string) error

UpdateAssumeRolePolicy updates the assumeRolePolicy of an IAM role.

func (*Client) UpdateSubnetAttributes added in v1.44.0

func (c *Client) UpdateSubnetAttributes(ctx context.Context, desired, current *Subnet) (bool, error)

UpdateSubnetAttributes updates attributes of the given subnet.

func (*Client) UpdateVpcAttribute added in v1.44.0

func (c *Client) UpdateVpcAttribute(ctx context.Context, vpcId, attributeName string, value bool) error

UpdateVpcAttribute sets/updates a VPC attribute if needed. Supported attribute names are `enableDnsSupport` (const ec2.VpcAttributeNameEnableDnsSupport) and `enableDnsHostnames` (const ec2.VpcAttributeNameEnableDnsHostnames) and

func (*Client) WaitForIPv6Cidr added in v1.46.0

func (c *Client) WaitForIPv6Cidr(ctx context.Context, vpcID string) (string, error)

WaitForIPv6Cidr waits for the IPv6 CIDR block association.

func (*Client) WaitForNATGatewayAvailable added in v1.44.0

func (c *Client) WaitForNATGatewayAvailable(ctx context.Context, id string) error

WaitForNATGatewayAvailable waits until the NAT gateway has state "available" or the context is cancelled.

type DhcpOptions added in v1.44.0

type DhcpOptions struct {
	Tags
	DhcpOptionsId      string
	DhcpConfigurations map[string][]string
}

DhcpOptions contains the relevant fields of an EC2 DHCP options resource.

type ElasticIP added in v1.44.0

type ElasticIP struct {
	Tags
	AllocationId string
	PublicIp     string
	Vpc          bool
}

ElasticIP contains the relevant fields for an EC2 elastic IP resource.

type Factory added in v1.27.0

type Factory interface {
	// NewClient creates a new instance of Interface for the given AWS credentials and region.
	NewClient(accessKeyID, secretAccessKey, region string) (Interface, error)
}

Factory creates instances of Interface.

func NewRoute53Factory added in v1.30.0

func NewRoute53Factory(limit rate.Limit, burst int, waitTimeout time.Duration) Factory

NewRoute53Factory creates a new Factory that initializes a route53 rate limiter with the given limit and burst when creating new clients.

type FactoryFunc added in v1.27.0

type FactoryFunc func(accessKeyID, secretAccessKey, region string) (Interface, error)

FactoryFunc is a function that implements Factory.

func (FactoryFunc) NewClient added in v1.27.0

func (f FactoryFunc) NewClient(accessKeyID, secretAccessKey, region string) (Interface, error)

NewClient creates a new instance of Interface for the given AWS credentials and region.

type IAMInstanceProfile added in v1.44.0

type IAMInstanceProfile struct {
	InstanceProfileId   string
	InstanceProfileName string
	Path                string
	RoleName            string
}

IAMInstanceProfile contains the relevant fields for an IAM instance profile resource.

type IAMRole added in v1.44.0

type IAMRole struct {
	RoleId                   string
	RoleName                 string
	Path                     string
	AssumeRolePolicyDocument string
	ARN                      string
}

IAMRole contains the relevant fields for an IAM role resource.

type IAMRolePolicy added in v1.44.0

type IAMRolePolicy struct {
	PolicyName     string
	RoleName       string
	PolicyDocument string
}

IAMRolePolicy contains the relevant fields for an IAM role policy resource.

type Interface

type Interface interface {
	GetAccountID(ctx context.Context) (string, error)
	GetVPCInternetGateway(ctx context.Context, vpcID string) (string, error)
	GetVPCAttribute(ctx context.Context, vpcID string, attribute string) (bool, error)
	GetDHCPOptions(ctx context.Context, vpcID string) (map[string]string, error)
	GetElasticIPsAssociationIDForAllocationIDs(ctx context.Context, allocationIDs []string) (map[string]*string, error)
	GetNATGatewayAddressAllocations(ctx context.Context, shootNamespace string) (sets.Set[string], error)

	// S3 wrappers
	DeleteObjectsWithPrefix(ctx context.Context, bucket, prefix string) error
	CreateBucketIfNotExists(ctx context.Context, bucket, region string) error
	DeleteBucketIfExists(ctx context.Context, bucket string) error

	// Route53 wrappers
	GetDNSHostedZones(ctx context.Context) (map[string]string, error)
	CreateOrUpdateDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ttl int64) error
	DeleteDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ttl int64) error

	// The following functions are only temporarily needed due to https://github.com/gardener/gardener/issues/129.
	ListKubernetesELBs(ctx context.Context, vpcID, clusterName string) ([]string, error)
	ListKubernetesELBsV2(ctx context.Context, vpcID, clusterName string) ([]string, error)
	ListKubernetesSecurityGroups(ctx context.Context, vpcID, clusterName string) ([]string, error)
	DeleteELB(ctx context.Context, name string) error
	DeleteELBV2(ctx context.Context, arn string) error

	// VPCs
	CreateVpcDhcpOptions(ctx context.Context, options *DhcpOptions) (*DhcpOptions, error)
	GetVpcDhcpOptions(ctx context.Context, id string) (*DhcpOptions, error)
	FindVpcDhcpOptionsByTags(ctx context.Context, tags Tags) ([]*DhcpOptions, error)
	DeleteVpcDhcpOptions(ctx context.Context, id string) error
	CreateVpc(ctx context.Context, vpc *VPC) (*VPC, error)
	WaitForIPv6Cidr(ctx context.Context, vpcID string) (string, error)
	AddVpcDhcpOptionAssociation(vpcId string, dhcpOptionsId *string) error
	UpdateVpcAttribute(ctx context.Context, vpcId, attributeName string, value bool) error
	UpdateAmazonProvidedIPv6CidrBlock(ctx context.Context, desired *VPC, current *VPC) (bool, error)
	DeleteVpc(ctx context.Context, id string) error
	GetVpc(ctx context.Context, id string) (*VPC, error)
	FindVpcsByTags(ctx context.Context, tags Tags) ([]*VPC, error)

	// Security groups
	CreateSecurityGroup(ctx context.Context, sg *SecurityGroup) (*SecurityGroup, error)
	GetSecurityGroup(ctx context.Context, id string) (*SecurityGroup, error)
	FindSecurityGroupsByTags(ctx context.Context, tags Tags) ([]*SecurityGroup, error)
	FindDefaultSecurityGroupByVpcId(ctx context.Context, vpcId string) (*SecurityGroup, error)
	AuthorizeSecurityGroupRules(ctx context.Context, id string, rules []*SecurityGroupRule) error
	RevokeSecurityGroupRules(ctx context.Context, id string, rules []*SecurityGroupRule) error
	DeleteSecurityGroup(ctx context.Context, id string) error

	// Internet gateways
	CreateInternetGateway(ctx context.Context, gateway *InternetGateway) (*InternetGateway, error)
	GetInternetGateway(ctx context.Context, id string) (*InternetGateway, error)
	FindInternetGatewaysByTags(ctx context.Context, tags Tags) ([]*InternetGateway, error)
	FindInternetGatewayByVPC(ctx context.Context, vpcId string) (*InternetGateway, error)
	DeleteInternetGateway(ctx context.Context, id string) error
	AttachInternetGateway(ctx context.Context, vpcId, internetGatewayId string) error
	DetachInternetGateway(ctx context.Context, vpcId, internetGatewayId string) error

	// VPC Endpoints
	CreateVpcEndpoint(ctx context.Context, endpoint *VpcEndpoint) (*VpcEndpoint, error)
	GetVpcEndpoints(ctx context.Context, ids []string) ([]*VpcEndpoint, error)
	FindVpcEndpointsByTags(ctx context.Context, tags Tags) ([]*VpcEndpoint, error)
	DeleteVpcEndpoint(ctx context.Context, id string) error

	// VPC Endpoints Route table associations
	CreateVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error
	DeleteVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error

	// Route tables
	CreateRouteTable(ctx context.Context, routeTable *RouteTable) (*RouteTable, error)
	GetRouteTable(ctx context.Context, id string) (*RouteTable, error)
	FindRouteTablesByTags(ctx context.Context, tags Tags) ([]*RouteTable, error)
	DeleteRouteTable(ctx context.Context, id string) error
	CreateRoute(ctx context.Context, routeTableId string, route *Route) error
	DeleteRoute(ctx context.Context, routeTableId string, route *Route) error

	// Subnets
	CreateSubnet(ctx context.Context, subnet *Subnet) (*Subnet, error)
	GetSubnets(ctx context.Context, ids []string) ([]*Subnet, error)
	FindSubnetsByTags(ctx context.Context, tags Tags) ([]*Subnet, error)
	UpdateSubnetAttributes(ctx context.Context, desired, current *Subnet) (modified bool, err error)
	DeleteSubnet(ctx context.Context, id string) error

	// Route table associations
	CreateRouteTableAssociation(ctx context.Context, routeTableId, subnetId string) (associationId *string, err error)
	DeleteRouteTableAssociation(ctx context.Context, associationId string) error

	// Elastic IP
	CreateElasticIP(ctx context.Context, eip *ElasticIP) (*ElasticIP, error)
	GetElasticIP(ctx context.Context, id string) (*ElasticIP, error)
	FindElasticIPsByTags(ctx context.Context, tags Tags) ([]*ElasticIP, error)
	DeleteElasticIP(ctx context.Context, id string) error

	// NAT gateways
	CreateNATGateway(ctx context.Context, gateway *NATGateway) (*NATGateway, error)
	WaitForNATGatewayAvailable(ctx context.Context, id string) error
	GetNATGateway(ctx context.Context, id string) (*NATGateway, error)
	FindNATGatewaysByTags(ctx context.Context, tags Tags) ([]*NATGateway, error)
	DeleteNATGateway(ctx context.Context, id string) error

	// Key pairs
	ImportKeyPair(ctx context.Context, keyName string, publicKey []byte, tags Tags) (*KeyPairInfo, error)
	GetKeyPair(ctx context.Context, keyName string) (*KeyPairInfo, error)
	FindKeyPairsByTags(ctx context.Context, tags Tags) ([]*KeyPairInfo, error)
	DeleteKeyPair(ctx context.Context, keyName string) error

	// IAM Role
	CreateIAMRole(ctx context.Context, role *IAMRole) (*IAMRole, error)
	GetIAMRole(ctx context.Context, roleName string) (*IAMRole, error)
	DeleteIAMRole(ctx context.Context, roleName string) error
	UpdateAssumeRolePolicy(ctx context.Context, roleName, assumeRolePolicy string) error

	// IAM Instance Profile
	CreateIAMInstanceProfile(ctx context.Context, profile *IAMInstanceProfile) (*IAMInstanceProfile, error)
	GetIAMInstanceProfile(ctx context.Context, profileName string) (*IAMInstanceProfile, error)
	DeleteIAMInstanceProfile(ctx context.Context, profileName string) error
	AddRoleToIAMInstanceProfile(ctx context.Context, profileName, roleName string) error
	RemoveRoleFromIAMInstanceProfile(ctx context.Context, profileName, roleName string) error

	// IAM Role Policy
	PutIAMRolePolicy(ctx context.Context, policy *IAMRolePolicy) error
	GetIAMRolePolicy(ctx context.Context, policyName, roleName string) (*IAMRolePolicy, error)
	DeleteIAMRolePolicy(ctx context.Context, policyName, roleName string) error

	// EC2 tags
	CreateEC2Tags(ctx context.Context, resources []string, tags Tags) error
	DeleteEC2Tags(ctx context.Context, resources []string, tags Tags) error
}

Interface is an interface which must be implemented by AWS clients.

func NewInterface added in v1.27.0

func NewInterface(accessKeyID, secretAccessKey, region string) (Interface, error)

NewInterface creates a new instance of Interface for the given AWS credentials and region.

type InternetGateway added in v1.44.0

type InternetGateway struct {
	Tags
	InternetGatewayId string
	VpcId             *string
}

InternetGateway contains the relevant fields for an EC2 internet gateway resource.

type KeyPairInfo added in v1.44.0

type KeyPairInfo struct {
	Tags
	KeyName        string
	KeyFingerprint string
}

KeyPairInfo contains the relevant fields for an EC2 key pair.

type NATGateway added in v1.44.0

type NATGateway struct {
	Tags
	NATGatewayId    string
	EIPAllocationId string
	PublicIP        string
	SubnetId        string
	State           string
}

NATGateway contains the relevant fields for an EC2 NAT gateway resource.

type Route added in v1.44.0

type Route struct {
	DestinationCidrBlock     *string
	DestinationIpv6CidrBlock *string
	GatewayId                *string
	NatGatewayId             *string
	DestinationPrefixListId  *string
}

Route contains the relevant fields for a route of an EC2 route table resource.

type Route53RateLimiterWaitError added in v1.33.0

type Route53RateLimiterWaitError struct {
	Cause error
}

Route53RateLimiterWaitError is an error to be reported if waiting for a route53 rate limiter fails. This can only happen if the wait time would exceed the configured wait timeout.

func (*Route53RateLimiterWaitError) Error added in v1.33.0

type RouteTable added in v1.44.0

type RouteTable struct {
	Tags
	RouteTableId string
	VpcId        *string
	Routes       []*Route
	Associations []*RouteTableAssociation
}

RouteTable contains the relevant fields for an EC2 route table resource. Routes and Associations are filled for returned values, but ignored on creation.

type RouteTableAssociation added in v1.44.0

type RouteTableAssociation struct {
	RouteTableAssociationId string
	Main                    bool
	GatewayId               *string
	SubnetId                *string
}

RouteTableAssociation contains the relevant fields for a route association of an EC2 route table resource.

type SecurityGroup added in v1.44.0

type SecurityGroup struct {
	Tags
	GroupId     string
	GroupName   string
	VpcId       *string
	Description *string
	Rules       []*SecurityGroupRule
}

SecurityGroup contains the relevant fields of an EC2 security group resource.

func (*SecurityGroup) Clone added in v1.44.0

func (sg *SecurityGroup) Clone() *SecurityGroup

Clone creates a copy.

func (*SecurityGroup) DiffRules added in v1.44.0

func (sg *SecurityGroup) DiffRules(other *SecurityGroup) (addedRules, removedRules []*SecurityGroupRule)

DiffRules calculates the rules that differ from those of another security group, returning the rules that would have to be added and the rules that would have to be removed.

func (*SecurityGroup) EquivalentRulesTo added in v1.44.0

func (sg *SecurityGroup) EquivalentRulesTo(other *SecurityGroup) bool

EquivalentRulesTo returns true if the security rules are equivalent to the rules of another security group.

func (*SecurityGroup) SortedClone added in v1.44.0

func (sg *SecurityGroup) SortedClone() *SecurityGroup

SortedClone creates a copy with sorted rules.

type SecurityGroupRule added in v1.44.0

type SecurityGroupRule struct {
	Type       SecurityGroupRuleType
	FromPort   int
	ToPort     int
	Protocol   string
	CidrBlocks []string
	Self       bool
	Foreign    *string
}

SecurityGroupRule contains the relevant fields of an EC2 security group rule resource.

func (*SecurityGroupRule) Clone added in v1.44.0

func (sgr *SecurityGroupRule) Clone() *SecurityGroupRule

Clone creates a copy.

func (*SecurityGroupRule) LessThan added in v1.44.0

func (sgr *SecurityGroupRule) LessThan(other *SecurityGroupRule) bool

LessThan compares to another security group rule for ordering.

func (*SecurityGroupRule) SortedClone added in v1.44.0

func (sgr *SecurityGroupRule) SortedClone() *SecurityGroupRule

SortedClone creates a copy with a sorted CidrBlocks array, for comparing and sorting.

type SecurityGroupRuleType added in v1.44.0

type SecurityGroupRuleType string

SecurityGroupRuleType is the type for security group rule types.

const (
	// SecurityGroupRuleTypeIngress is the type for ingress rules
	SecurityGroupRuleTypeIngress SecurityGroupRuleType = "ingress"
	// SecurityGroupRuleTypeEgress is the type for egress rules
	SecurityGroupRuleTypeEgress SecurityGroupRuleType = "egress"
)
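The SecurityGroup methods above (DiffRules, EquivalentRulesTo, SortedClone) are what a reconciler uses to turn desired-versus-current drift into AuthorizeSecurityGroupRules and RevokeSecurityGroupRules calls. The following is an added, self-contained Go illustration of that comparison, written for this page and not the project's own implementation: it mirrors the page's SecurityGroupRule type and constants, canonicalizes rules by sorting CidrBlocks the way SortedClone describes, diffs two rule sets, and adds a WorldOpenIngress check (a hypothetical helper, not in the package) that flags ingress rules open to 0.0.0.0/0 or ::/0. The key and missing helpers and both sample rule lists are constructed for the example.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

type SecurityGroupRuleType string // mirrors the page's type

const (
	SecurityGroupRuleTypeIngress SecurityGroupRuleType = "ingress"
	SecurityGroupRuleTypeEgress  SecurityGroupRuleType = "egress"
)

type SecurityGroupRule struct {
	Type       SecurityGroupRuleType
	FromPort   int
	ToPort     int
	Protocol   string
	CidrBlocks []string
	Self       bool
	Foreign    *string
}

// SortedClone copies the rule with CidrBlocks sorted, so rules listing the same CIDRs in a different order compare equal.
func (r *SecurityGroupRule) SortedClone() *SecurityGroupRule {
	c := *r
	c.CidrBlocks = append([]string(nil), r.CidrBlocks...)
	sort.Strings(c.CidrBlocks)
	return &c
}

// key renders an order-independent identity for a rule (hypothetical helper).
func (r *SecurityGroupRule) key() string {
	s := r.SortedClone()
	foreign := ""
	if s.Foreign != nil {
		foreign = *s.Foreign
	}
	return fmt.Sprintf("%s|%s|%d|%d|%t|%s|%s", s.Type, s.Protocol,
		s.FromPort, s.ToPort, s.Self, foreign, strings.Join(s.CidrBlocks, ","))
}

// missing returns the rules in a whose canonical key has no match in b (hypothetical helper).
func missing(a, b []*SecurityGroupRule) (out []*SecurityGroupRule) {
	keys := map[string]bool{}
	for _, r := range b {
		keys[r.key()] = true
	}
	for _, r := range a {
		if !keys[r.key()] {
			out = append(out, r)
		}
	}
	return out
}

// DiffRules returns the rules in desired that current lacks (to authorize) and
// the rules in current that desired lacks (to revoke). Both empty means the sets are equivalent.
func DiffRules(desired, current []*SecurityGroupRule) (added, removed []*SecurityGroupRule) {
	return missing(desired, current), missing(current, desired)
}

// WorldOpenIngress lists ingress rules that admit any IPv4 or IPv6 source, the kind of drift a reconciler should revoke or alert on.
func WorldOpenIngress(rules []*SecurityGroupRule) (out []*SecurityGroupRule) {
	for _, r := range rules {
		cidrs := "," + strings.Join(r.CidrBlocks, ",") + ","
		if r.Type == SecurityGroupRuleTypeIngress && (strings.Contains(cidrs, ",0.0.0.0/0,") || strings.Contains(cidrs, ",::/0,")) {
			out = append(out, r)
		}
	}
	return out
}

// desiredRules and currentRules are constructed sample data, not real account state.
func desiredRules() []*SecurityGroupRule {
	return []*SecurityGroupRule{
		{Type: SecurityGroupRuleTypeIngress, Protocol: "tcp", FromPort: 443, ToPort: 443, CidrBlocks: []string{"10.0.0.0/8", "192.168.0.0/16"}},
		{Type: SecurityGroupRuleTypeIngress, Protocol: "tcp", FromPort: 22, ToPort: 22, Self: true},
		{Type: SecurityGroupRuleTypeEgress, Protocol: "-1", CidrBlocks: []string{"0.0.0.0/0"}},
	}
}

func currentRules() []*SecurityGroupRule {
	return []*SecurityGroupRule{
		{Type: SecurityGroupRuleTypeIngress, Protocol: "tcp", FromPort: 443, ToPort: 443, CidrBlocks: []string{"192.168.0.0/16", "10.0.0.0/8"}}, // same rule, CIDRs reordered
		{Type: SecurityGroupRuleTypeIngress, Protocol: "tcp", FromPort: 22, ToPort: 22, CidrBlocks: []string{"0.0.0.0/0"}},                        // drift: SSH open to the world
		{Type: SecurityGroupRuleTypeEgress, Protocol: "-1", CidrBlocks: []string{"0.0.0.0/0"}},
	}
}

func main() {
	a, r := DiffRules(desiredRules(), currentRules())
	fmt.Println("authorize:", len(a), "revoke:", len(r), "world-open ingress:", len(WorldOpenIngress(currentRules())))
}
```

With the constructed data the 443 rule whose CIDRs are merely reordered is treated as unchanged, the self-referencing SSH rule is reported for authorization and the world-open SSH rule for revocation. The analogue of EquivalentRulesTo is both returned slices being empty; canonicalizing through SortedClone before comparison is what keeps a harmless reordering from being mistaken for drift.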

type Subnet added in v1.44.0

type Subnet struct {
	Tags
	SubnetId         string
	VpcId            *string
	CidrBlock        string
	AvailabilityZone string

	AssignIpv6AddressOnCreation             *bool
	CustomerOwnedIpv4Pool                   *string
	EnableDns64                             *bool
	EnableResourceNameDnsAAAARecordOnLaunch *bool
	EnableResourceNameDnsARecordOnLaunch    *bool
	Ipv6CidrBlocks                          []string
	Ipv6Native                              *bool
	MapPublicIpOnLaunch                     *bool
	MapCustomerOwnedIpOnLaunch              *bool
	OutpostArn                              *string
	PrivateDnsHostnameTypeOnLaunch          *string
}

Subnet contains the relevant fields for an EC2 subnet resource.

func (*Subnet) Clone added in v1.44.0

func (s *Subnet) Clone() *Subnet

Clone creates a copy.

type Tags added in v1.44.0

type Tags map[string]string

Tags is a map of string keys to string values. Duplicate keys are not supported in AWS.

func FromTags added in v1.44.0

func FromTags(ec2Tags []*ec2.Tag) Tags

FromTags creates a Tags map from the given EC2 tag array.

func (Tags) Clone added in v1.44.0

func (tags Tags) Clone() Tags

Clone creates a copy of the tags map.

func (Tags) ToEC2Tags added in v1.44.0

func (tags Tags) ToEC2Tags() []*ec2.Tag

ToEC2Tags exports the tags map as an EC2 Tag array.

func (Tags) ToFilters added in v1.44.0

func (tags Tags) ToFilters() []*ec2.Filter

ToFilters exports the tags map as an EC2 Filter array.

func (Tags) ToTagSpecification added in v1.44.0

func (tags Tags) ToTagSpecification(resourceType string) *ec2.TagSpecification

ToTagSpecification exports the tags map as an EC2 TagSpecification for the given resource type.

func (Tags) ToTagSpecifications added in v1.44.0

func (tags Tags) ToTagSpecifications(resourceType string) []*ec2.TagSpecification

ToTagSpecifications exports the tags map as an EC2 TagSpecification array for the given resource type.

type Updater added in v1.44.0

type Updater interface {
	UpdateVpc(ctx context.Context, desired, current *VPC) (modified bool, err error)
	UpdateSecurityGroup(ctx context.Context, desired, current *SecurityGroup) (modified bool, err error)
	UpdateRouteTable(ctx context.Context, log logr.Logger, desired, current *RouteTable, controlledCidrBlocks ...string) (modified bool, err error)
	UpdateSubnet(ctx context.Context, desired, current *Subnet) (modified bool, err error)
	UpdateIAMInstanceProfile(ctx context.Context, desired, current *IAMInstanceProfile) (modified bool, err error)
	UpdateIAMRole(ctx context.Context, desired, current *IAMRole) (modified bool, err error)
	UpdateEC2Tags(ctx context.Context, id string, desired, current Tags) (modified bool, err error)
}

Updater provides methods to update selected AWS client objects.

func NewUpdater added in v1.44.0

func NewUpdater(client Interface, ignoreTags *awsapi.IgnoreTags) Updater

NewUpdater creates a new updater instance.

type VPC added in v1.44.0

type VPC struct {
	Tags
	VpcId                        string
	CidrBlock                    string
	IPv6CidrBlock                string
	EnableDnsSupport             bool
	EnableDnsHostnames           bool
	AssignGeneratedIPv6CidrBlock bool
	DhcpOptionsId                *string
	InstanceTenancy              *string
	State                        *string
}

VPC contains the relevant fields of an EC2 VPC resource.

type VpcEndpoint added in v1.44.0

type VpcEndpoint struct {
	Tags
	VpcEndpointId string
	VpcId         *string
	ServiceName   string
}

VpcEndpoint contains the relevant fields for an EC2 VPC endpoint resource.

Directories

Path Synopsis
Package client is a generated GoMock package.
