Documentation ¶
Index ¶
- func IsAlreadyAssociatedError(err error) bool
- func IsNoSuchHostedZoneError(err error) bool
- func IsNotFoundError(err error) bool
- func IsNotPermittedInZoneError(err error) bool
- func IsRetryableIPv6CIDRError(err error) bool
- func IsThrottlingError(err error) bool
- type Client
- func (c *Client) AddRoleToIAMInstanceProfile(ctx context.Context, profileName, roleName string) error
- func (c *Client) AddVpcDhcpOptionAssociation(vpcId string, dhcpOptionsId *string) error
- func (c *Client) AttachInternetGateway(ctx context.Context, vpcId, internetGatewayId string) error
- func (c *Client) AuthorizeSecurityGroupRules(ctx context.Context, groupId string, rules []*SecurityGroupRule) error
- func (c *Client) CheckSubnetIPv6Cidr(subnetID string) (bool, error)
- func (c *Client) CheckVpcIPv6Cidr(vpcID string) (bool, error)
- func (c *Client) CreateBucketIfNotExists(ctx context.Context, bucket, region string) error
- func (c *Client) CreateDNSHostedZone(ctx context.Context, name, comment string) (string, error)
- func (c *Client) CreateEC2Tags(ctx context.Context, resources []string, tags Tags) error
- func (c *Client) CreateElasticIP(ctx context.Context, eip *ElasticIP) (*ElasticIP, error)
- func (c *Client) CreateIAMInstanceProfile(ctx context.Context, profile *IAMInstanceProfile) (*IAMInstanceProfile, error)
- func (c *Client) CreateIAMRole(ctx context.Context, role *IAMRole) (*IAMRole, error)
- func (c *Client) CreateInternetGateway(ctx context.Context, gateway *InternetGateway) (*InternetGateway, error)
- func (c *Client) CreateNATGateway(ctx context.Context, gateway *NATGateway) (*NATGateway, error)
- func (c *Client) CreateOrUpdateDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ...) error
- func (c *Client) CreateRoute(ctx context.Context, routeTableId string, route *Route) error
- func (c *Client) CreateRouteTable(ctx context.Context, routeTable *RouteTable) (*RouteTable, error)
- func (c *Client) CreateRouteTableAssociation(ctx context.Context, routeTableId, subnetId string) (*string, error)
- func (c *Client) CreateSecurityGroup(ctx context.Context, sg *SecurityGroup) (*SecurityGroup, error)
- func (c *Client) CreateSubnet(ctx context.Context, subnet *Subnet) (*Subnet, error)
- func (c *Client) CreateVpc(ctx context.Context, desired *VPC) (*VPC, error)
- func (c *Client) CreateVpcDhcpOptions(ctx context.Context, options *DhcpOptions) (*DhcpOptions, error)
- func (c *Client) CreateVpcEndpoint(ctx context.Context, endpoint *VpcEndpoint) (*VpcEndpoint, error)
- func (c *Client) CreateVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error
- func (c *Client) DeleteBucketIfExists(ctx context.Context, bucket string) error
- func (c *Client) DeleteDNSHostedZone(ctx context.Context, zoneId string) error
- func (c *Client) DeleteDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ...) error
- func (c *Client) DeleteEC2Tags(ctx context.Context, resources []string, tags Tags) error
- func (c *Client) DeleteELB(ctx context.Context, name string) error
- func (c *Client) DeleteELBV2(ctx context.Context, arn string) error
- func (c *Client) DeleteElasticIP(ctx context.Context, id string) error
- func (c *Client) DeleteIAMInstanceProfile(ctx context.Context, profileName string) error
- func (c *Client) DeleteIAMRole(ctx context.Context, roleName string) error
- func (c *Client) DeleteIAMRolePolicy(ctx context.Context, policyName, roleName string) error
- func (c *Client) DeleteInternetGateway(ctx context.Context, id string) error
- func (c *Client) DeleteKeyPair(ctx context.Context, keyName string) error
- func (c *Client) DeleteNATGateway(ctx context.Context, id string) error
- func (c *Client) DeleteObjectsWithPrefix(ctx context.Context, bucket, prefix string) error
- func (c *Client) DeleteRoute(ctx context.Context, routeTableId string, route *Route) error
- func (c *Client) DeleteRouteTable(ctx context.Context, id string) error
- func (c *Client) DeleteRouteTableAssociation(ctx context.Context, associationId string) error
- func (c *Client) DeleteSecurityGroup(ctx context.Context, id string) error
- func (c *Client) DeleteSubnet(ctx context.Context, id string) error
- func (c *Client) DeleteVpc(ctx context.Context, id string) error
- func (c *Client) DeleteVpcDhcpOptions(ctx context.Context, id string) error
- func (c *Client) DeleteVpcEndpoint(ctx context.Context, id string) error
- func (c *Client) DeleteVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error
- func (c *Client) DetachInternetGateway(ctx context.Context, vpcId, internetGatewayId string) error
- func (c *Client) FindDefaultSecurityGroupByVpcId(ctx context.Context, vpcId string) (*SecurityGroup, error)
- func (c *Client) FindElasticIPsByTags(ctx context.Context, tags Tags) ([]*ElasticIP, error)
- func (c *Client) FindInternetGatewayByVPC(ctx context.Context, vpcId string) (*InternetGateway, error)
- func (c *Client) FindInternetGatewaysByTags(ctx context.Context, tags Tags) ([]*InternetGateway, error)
- func (c *Client) FindKeyPairsByTags(ctx context.Context, tags Tags) ([]*KeyPairInfo, error)
- func (c *Client) FindNATGatewaysByTags(ctx context.Context, tags Tags) ([]*NATGateway, error)
- func (c *Client) FindRouteTablesByTags(ctx context.Context, tags Tags) ([]*RouteTable, error)
- func (c *Client) FindSecurityGroupsByTags(ctx context.Context, tags Tags) ([]*SecurityGroup, error)
- func (c *Client) FindSubnetsByTags(ctx context.Context, tags Tags) ([]*Subnet, error)
- func (c *Client) FindVpcDhcpOptionsByTags(ctx context.Context, tags Tags) ([]*DhcpOptions, error)
- func (c *Client) FindVpcEndpointsByTags(ctx context.Context, tags Tags) ([]*VpcEndpoint, error)
- func (c *Client) FindVpcsByTags(ctx context.Context, tags Tags) ([]*VPC, error)
- func (c *Client) GetAccountID(ctx context.Context) (string, error)
- func (c *Client) GetDHCPOptions(ctx context.Context, vpcID string) (map[string]string, error)
- func (c *Client) GetDNSHostedZones(ctx context.Context) (map[string]string, error)
- func (c *Client) GetDNSRecordSet(ctx context.Context, zoneId, name, recordType string) (*route53.ResourceRecordSet, error)
- func (c *Client) GetElasticIP(ctx context.Context, id string) (*ElasticIP, error)
- func (c *Client) GetElasticIPsAssociationIDForAllocationIDs(ctx context.Context, allocationIDs []string) (map[string]*string, error)
- func (c *Client) GetIAMInstanceProfile(ctx context.Context, profileName string) (*IAMInstanceProfile, error)
- func (c *Client) GetIAMRole(ctx context.Context, roleName string) (*IAMRole, error)
- func (c *Client) GetIAMRolePolicy(ctx context.Context, policyName, roleName string) (*IAMRolePolicy, error)
- func (c *Client) GetIPv6Cidr(ctx context.Context, vpcID string) (string, error)
- func (c *Client) GetInternetGateway(ctx context.Context, id string) (*InternetGateway, error)
- func (c *Client) GetKeyPair(ctx context.Context, keyName string) (*KeyPairInfo, error)
- func (c *Client) GetNATGateway(ctx context.Context, id string) (*NATGateway, error)
- func (c *Client) GetNATGatewayAddressAllocations(ctx context.Context, shootNamespace string) (sets.Set[string], error)
- func (c *Client) GetRouteTable(ctx context.Context, id string) (*RouteTable, error)
- func (c *Client) GetSecurityGroup(ctx context.Context, id string) (*SecurityGroup, error)
- func (c *Client) GetSubnets(ctx context.Context, ids []string) ([]*Subnet, error)
- func (c *Client) GetVPCAttribute(ctx context.Context, vpcID string, attribute string) (bool, error)
- func (c *Client) GetVPCInternetGateway(ctx context.Context, vpcID string) (string, error)
- func (c *Client) GetVpc(ctx context.Context, id string) (*VPC, error)
- func (c *Client) GetVpcDhcpOptions(ctx context.Context, id string) (*DhcpOptions, error)
- func (c *Client) GetVpcEndpoints(ctx context.Context, ids []string) ([]*VpcEndpoint, error)
- func (c *Client) ImportKeyPair(ctx context.Context, keyName string, publicKey []byte, tags Tags) (*KeyPairInfo, error)
- func (c *Client) ListKubernetesELBs(ctx context.Context, vpcID, clusterName string) ([]string, error)
- func (c *Client) ListKubernetesELBsV2(ctx context.Context, vpcID, clusterName string) ([]string, error)
- func (c *Client) ListKubernetesSecurityGroups(ctx context.Context, vpcID, clusterName string) ([]string, error)
- func (c *Client) PollImmediateUntil(ctx context.Context, condition wait.ConditionWithContextFunc) error
- func (c *Client) PollUntil(ctx context.Context, condition wait.ConditionWithContextFunc) error
- func (c *Client) PutIAMRolePolicy(ctx context.Context, policy *IAMRolePolicy) error
- func (c *Client) RemoveRoleFromIAMInstanceProfile(ctx context.Context, profileName, roleName string) error
- func (c *Client) RevokeSecurityGroupRules(ctx context.Context, groupId string, rules []*SecurityGroupRule) error
- func (c *Client) UpdateAmazonProvidedIPv6CidrBlock(ctx context.Context, desired *VPC, current *VPC) (bool, error)
- func (c *Client) UpdateAssumeRolePolicy(ctx context.Context, roleName, assumeRolePolicy string) error
- func (c *Client) UpdateSubnetAttributes(ctx context.Context, desired, current *Subnet) (bool, error)
- func (c *Client) UpdateVpcAttribute(ctx context.Context, vpcId, attributeName string, value bool) error
- func (c *Client) WaitForIPv6Cidr(ctx context.Context, vpcID string) (string, error)
- func (c *Client) WaitForNATGatewayAvailable(ctx context.Context, id string) error
- type DhcpOptions
- type ElasticIP
- type Factory
- type FactoryFunc
- type IAMInstanceProfile
- type IAMRole
- type IAMRolePolicy
- type Interface
- type InternetGateway
- type KeyPairInfo
- type NATGateway
- type RetryableIPv6CIDRError
- type Route
- type Route53RateLimiterWaitError
- type RouteTable
- type RouteTableAssociation
- type SecurityGroup
- type SecurityGroupRule
- type SecurityGroupRuleType
- type Subnet
- type Tags
- type Updater
- type VPC
- type VpcEndpoint
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IsAlreadyAssociatedError ¶ added in v1.44.0
IsAlreadyAssociatedError returns true if the given error is an awserr.Error indicating that an AWS resource was already associated.
func IsNoSuchHostedZoneError ¶ added in v1.28.0
IsNoSuchHostedZoneError returns true if the error indicates a non-existing route53 hosted zone.
func IsNotFoundError ¶ added in v1.29.0
IsNotFoundError returns true if the given error is an awserr.Error indicating that an AWS resource was not found.
func IsNotPermittedInZoneError ¶ added in v1.28.0
IsNotPermittedInZoneError returns true if the error indicates that the DNS name is not permitted in the route53 hosted zone.
func IsRetryableIPv6CIDRError ¶ added in v1.52.0
IsRetryableIPv6CIDRError returns true if the error indicates that getting the IPv6 CIDR can be retried.
func IsThrottlingError ¶ added in v1.33.0
IsThrottlingError returns true if the error is a throttling error.
Types ¶
type Client ¶
// Client bundles the AWS service clients this package talks to, plus the
// Route53 rate-limiting, logging and polling settings shared by its methods.
type Client struct {
	// EC2 is the standard client for the EC2 service.
	EC2 ec2iface.EC2API
	// STS is the standard client for the STS service.
	STS stsiface.STSAPI
	// IAM is the standard client for the IAM service.
	IAM iamiface.IAMAPI
	// S3 is the standard client for the S3 service.
	S3 s3iface.S3API
	// ELB is the standard client for the ELB service.
	ELB elbiface.ELBAPI
	// ELBv2 is the standard client for the ELBv2 service.
	ELBv2 elbv2iface.ELBV2API
	// Route53 is the standard client for the Route53 service.
	Route53 route53iface.Route53API
	// Route53RateLimiter presumably throttles requests sent through Route53;
	// confirm against the implementation.
	Route53RateLimiter *rate.Limiter
	// Route53RateLimiterWaitTimeout presumably bounds how long a call waits on
	// Route53RateLimiter; confirm against the implementation.
	Route53RateLimiterWaitTimeout time.Duration
	// Logger is the logr.Logger held by the client.
	// NOTE(review): every service client above is built from the same credentials,
	// so anything logged here should exclude credential material; verify.
	Logger logr.Logger
	// PollInterval is presumably the interval used by PollUntil and
	// PollImmediateUntil; confirm against the implementation.
	PollInterval time.Duration
}
Client is a struct containing several clients for the different AWS services it needs to interact with. * EC2 is the standard client for the EC2 service. * STS is the standard client for the STS service. * IAM is the standard client for the IAM service. * S3 is the standard client for the S3 service. * ELB is the standard client for the ELB service. * ELBv2 is the standard client for the ELBv2 service. * Route53 is the standard client for the Route53 service.
func NewClient ¶
NewClient creates a new Client for the given AWS credentials <accessKeyID>, <secretAccessKey>, and the AWS region <region>. It initializes the clients for the various services like EC2, ELB, etc.
func (*Client) AddRoleToIAMInstanceProfile ¶ added in v1.44.0
func (c *Client) AddRoleToIAMInstanceProfile(ctx context.Context, profileName, roleName string) error
AddRoleToIAMInstanceProfile adds a role to an instance profile.
func (*Client) AddVpcDhcpOptionAssociation ¶ added in v1.44.0
AddVpcDhcpOptionAssociation associates an existing DHCP options resource with a VPC resource, both identified by ID.
func (*Client) AttachInternetGateway ¶ added in v1.44.0
AttachInternetGateway attaches an internet gateway to a VPC. Returns no error, if the internet gateway is already attached to the VPC.
func (*Client) AuthorizeSecurityGroupRules ¶ added in v1.44.0
func (c *Client) AuthorizeSecurityGroupRules(ctx context.Context, groupId string, rules []*SecurityGroupRule) error
AuthorizeSecurityGroupRules adds security group rules for the security group identified by the groupId.
func (*Client) CheckSubnetIPv6Cidr ¶ added in v1.46.0
CheckSubnetIPv6Cidr checks if the subnet has an IPv6 CIDR block assigned
func (*Client) CheckVpcIPv6Cidr ¶ added in v1.46.0
CheckVpcIPv6Cidr checks if the vpc has an IPv6 CIDR block assigned
func (*Client) CreateBucketIfNotExists ¶
CreateBucketIfNotExists creates the s3 bucket with name <bucket> in <region>. If it already exists, no error is returned.
func (*Client) CreateDNSHostedZone ¶ added in v1.27.0
CreateDNSHostedZone creates the DNS hosted zone with the given name and comment, and returns the ID of the newly created zone.
func (*Client) CreateEC2Tags ¶ added in v1.44.0
CreateEC2Tags creates the tags for the given EC2 resource identifiers
func (*Client) CreateElasticIP ¶ added in v1.44.0
CreateElasticIP creates an EC2 elastic IP resource.
func (*Client) CreateIAMInstanceProfile ¶ added in v1.44.0
func (c *Client) CreateIAMInstanceProfile(ctx context.Context, profile *IAMInstanceProfile) (*IAMInstanceProfile, error)
CreateIAMInstanceProfile creates an IAM instance profile.
func (*Client) CreateIAMRole ¶ added in v1.44.0
CreateIAMRole creates an IAM role resource.
func (*Client) CreateInternetGateway ¶ added in v1.44.0
func (c *Client) CreateInternetGateway(ctx context.Context, gateway *InternetGateway) (*InternetGateway, error)
CreateInternetGateway creates an internet gateway.
func (*Client) CreateNATGateway ¶ added in v1.44.0
func (c *Client) CreateNATGateway(ctx context.Context, gateway *NATGateway) (*NATGateway, error)
CreateNATGateway creates an EC2 NAT gateway resource. The method does NOT wait until the NAT gateway is available.
func (*Client) CreateOrUpdateDNSRecordSet ¶ added in v1.27.0
func (c *Client) CreateOrUpdateDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ttl int64) error
CreateOrUpdateDNSRecordSet creates or updates the DNS recordset in the DNS hosted zone with the given zone ID, with the given name, type, values, and TTL.
func (*Client) CreateRoute ¶ added in v1.44.0
CreateRoute creates a route for the given route table.
func (*Client) CreateRouteTable ¶ added in v1.44.0
func (c *Client) CreateRouteTable(ctx context.Context, routeTable *RouteTable) (*RouteTable, error)
CreateRouteTable creates an EC2 route table resource. Routes specified in the input object are ignored.
func (*Client) CreateRouteTableAssociation ¶ added in v1.44.0
func (c *Client) CreateRouteTableAssociation(ctx context.Context, routeTableId, subnetId string) (*string, error)
CreateRouteTableAssociation associates a route table with a subnet. Returns association id and error.
func (*Client) CreateSecurityGroup ¶ added in v1.44.0
func (c *Client) CreateSecurityGroup(ctx context.Context, sg *SecurityGroup) (*SecurityGroup, error)
CreateSecurityGroup creates a security group. Note that the rules of the input object are ignored. Use the AuthorizeSecurityGroupRules method to add rules.
func (*Client) CreateSubnet ¶ added in v1.44.0
CreateSubnet creates an EC2 subnet resource.
func (*Client) CreateVpcDhcpOptions ¶ added in v1.44.0
func (c *Client) CreateVpcDhcpOptions(ctx context.Context, options *DhcpOptions) (*DhcpOptions, error)
CreateVpcDhcpOptions creates a DHCP option resource.
func (*Client) CreateVpcEndpoint ¶ added in v1.44.0
func (c *Client) CreateVpcEndpoint(ctx context.Context, endpoint *VpcEndpoint) (*VpcEndpoint, error)
CreateVpcEndpoint creates an EC2 VPC endpoint resource.
func (*Client) CreateVpcEndpointRouteTableAssociation ¶ added in v1.44.0
func (c *Client) CreateVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error
CreateVpcEndpointRouteTableAssociation creates a route for a VPC endpoint. Idempotent, i.e. does nothing if the route already exists.
func (*Client) DeleteBucketIfExists ¶
DeleteBucketIfExists deletes the s3 bucket with name <bucket>. If it does not exist, no error is returned.
func (*Client) DeleteDNSHostedZone ¶ added in v1.27.0
DeleteDNSHostedZone deletes the DNS hosted zone with the given ID.
func (*Client) DeleteDNSRecordSet ¶ added in v1.27.0
func (c *Client) DeleteDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ttl int64) error
DeleteDNSRecordSet deletes the DNS recordset in the DNS hosted zone with the given zone ID, with the given name, type, values, and TTL. If values is empty and TTL is 0, the actual state will be determined by reading the recordset from the zone. Otherwise, an attempt will be made to delete the recordset with the given values / TTL. If this results in a "values do not match" error, the actual state will again be determined by reading the recordset from the zone, and a second attempt to delete it will be made. The idea is to ensure a consistent and foolproof behavior while sending as few requests as possible to avoid rate limit issues.
func (*Client) DeleteEC2Tags ¶ added in v1.44.0
DeleteEC2Tags deletes the tags for the given EC2 resource identifiers
func (*Client) DeleteELB ¶
DeleteELB deletes the loadbalancer with the specific <name>. If it does not exist, no error is returned.
func (*Client) DeleteELBV2 ¶
DeleteELBV2 deletes the loadbalancer (NLB or ALB) as well as its target groups with its Amazon Resource Name (ARN). If it does not exist, no error is returned.
func (*Client) DeleteElasticIP ¶ added in v1.44.0
DeleteElasticIP deletes an elastic IP resource by identifier. Returns nil if the resource is not found.
func (*Client) DeleteIAMInstanceProfile ¶ added in v1.44.0
DeleteIAMInstanceProfile deletes an IAM instance profile by profile name. Returns nil if the resource is not found.
func (*Client) DeleteIAMRole ¶ added in v1.44.0
DeleteIAMRole deletes an IAM role by role name. Returns nil if the resource is not found.
func (*Client) DeleteIAMRolePolicy ¶ added in v1.44.0
DeleteIAMRolePolicy deletes an IAM role policy by policy name and role name. Returns nil if the resource is not found.
func (*Client) DeleteInternetGateway ¶ added in v1.44.0
DeleteInternetGateway deletes an internet gateway resource. Returns nil, if the resource is not found.
func (*Client) DeleteKeyPair ¶ added in v1.44.0
DeleteKeyPair deletes an EC2 key pair given by the key name. Returns nil if resource is not found.
func (*Client) DeleteNATGateway ¶ added in v1.44.0
DeleteNATGateway deletes a NAT gateway by identifier. Returns nil if the resource is not found.
func (*Client) DeleteObjectsWithPrefix ¶
DeleteObjectsWithPrefix deletes the s3 objects with the specific <prefix> from <bucket>. If it does not exist, no error is returned.
func (*Client) DeleteRoute ¶ added in v1.44.0
DeleteRoute deletes a route from the given route table.
func (*Client) DeleteRouteTable ¶ added in v1.44.0
DeleteRouteTable deletes a route table by identifier. Returns nil if the resource is not found.
func (*Client) DeleteRouteTableAssociation ¶ added in v1.44.0
DeleteRouteTableAssociation deletes the route table association by the association identifier. Returns nil if the resource is not found.
func (*Client) DeleteSecurityGroup ¶
DeleteSecurityGroup deletes a security group resource by identifier. Returns nil, if the resource is not found.
func (*Client) DeleteSubnet ¶ added in v1.44.0
DeleteSubnet deletes a subnet by identifier. Returns nil if the resource is not found.
func (*Client) DeleteVpc ¶ added in v1.44.0
DeleteVpc deletes a VPC resource by identifier. Returns nil, if the resource is not found.
func (*Client) DeleteVpcDhcpOptions ¶ added in v1.44.0
DeleteVpcDhcpOptions deletes a DHCP option resource by identifier. Returns nil, if the resource is not found.
func (*Client) DeleteVpcEndpoint ¶ added in v1.44.0
DeleteVpcEndpoint deletes a VPC endpoint by id. Returns nil if resource is not found.
func (*Client) DeleteVpcEndpointRouteTableAssociation ¶ added in v1.44.0
func (c *Client) DeleteVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error
DeleteVpcEndpointRouteTableAssociation deletes the route to a VPC endpoint. Returns nil if it is not found.
func (*Client) DetachInternetGateway ¶ added in v1.44.0
DetachInternetGateway detaches an internet gateway from a VPC. Returns no error, if the internet gateway is already detached.
func (*Client) FindDefaultSecurityGroupByVpcId ¶ added in v1.44.0
func (c *Client) FindDefaultSecurityGroupByVpcId(ctx context.Context, vpcId string) (*SecurityGroup, error)
FindDefaultSecurityGroupByVpcId finds the default security group for the given VPC identifier.
func (*Client) FindElasticIPsByTags ¶ added in v1.44.0
FindElasticIPsByTags finds elastic IP resources matching the given tag map.
func (*Client) FindInternetGatewayByVPC ¶ added in v1.44.0
func (c *Client) FindInternetGatewayByVPC(ctx context.Context, vpcId string) (*InternetGateway, error)
FindInternetGatewayByVPC finds an internet gateway resource attached to the given VPC.
func (*Client) FindInternetGatewaysByTags ¶ added in v1.44.0
func (c *Client) FindInternetGatewaysByTags(ctx context.Context, tags Tags) ([]*InternetGateway, error)
FindInternetGatewaysByTags finds internet gateway resources matching the given tag map.
func (*Client) FindKeyPairsByTags ¶ added in v1.44.0
FindKeyPairsByTags finds EC2 key pair resources matching the given tag map.
func (*Client) FindNATGatewaysByTags ¶ added in v1.44.0
FindNATGatewaysByTags finds NAT gateway resources matching the given tag map.
func (*Client) FindRouteTablesByTags ¶ added in v1.44.0
FindRouteTablesByTags finds routing table resources matching the given tag map.
func (*Client) FindSecurityGroupsByTags ¶ added in v1.44.0
FindSecurityGroupsByTags finds security group matching the given tag map. Ingress and egress rules are fetched, too.
func (*Client) FindSubnetsByTags ¶ added in v1.44.0
FindSubnetsByTags finds subnet resources matching the given tag map.
func (*Client) FindVpcDhcpOptionsByTags ¶ added in v1.44.0
FindVpcDhcpOptionsByTags finds DHCP option resources matching the given tag map.
func (*Client) FindVpcEndpointsByTags ¶ added in v1.44.0
FindVpcEndpointsByTags finds VPC endpoint resources matching the given tag map.
func (*Client) FindVpcsByTags ¶ added in v1.44.0
FindVpcsByTags finds VPC resources matching the given tag map.
func (*Client) GetAccountID ¶
GetAccountID returns the ID of the AWS account the Client is interacting with.
func (*Client) GetDHCPOptions ¶ added in v1.41.0
GetDHCPOptions returns DHCP options for the specified VPC ID.
func (*Client) GetDNSHostedZones ¶ added in v1.27.0
GetDNSHostedZones returns a map of all DNS hosted zone names mapped to their IDs.
func (*Client) GetDNSRecordSet ¶ added in v1.27.0
func (c *Client) GetDNSRecordSet(ctx context.Context, zoneId, name, recordType string) (*route53.ResourceRecordSet, error)
GetDNSRecordSet returns the DNS recordset in the DNS hosted zone with the given zone ID, and with the given name and type.
func (*Client) GetElasticIP ¶ added in v1.44.0
GetElasticIP gets an elastic IP resource by identifier.
func (*Client) GetElasticIPsAssociationIDForAllocationIDs ¶ added in v1.31.0
func (c *Client) GetElasticIPsAssociationIDForAllocationIDs(ctx context.Context, allocationIDs []string) (map[string]*string, error)
GetElasticIPsAssociationIDForAllocationIDs lists existing elastic IP addresses for the given allocationIDs. Returns a map[elasticIPAllocationID]elasticIPAssociationID or an error.
func (*Client) GetIAMInstanceProfile ¶ added in v1.44.0
func (c *Client) GetIAMInstanceProfile(ctx context.Context, profileName string) (*IAMInstanceProfile, error)
GetIAMInstanceProfile gets an IAM instance profile by profile name.
func (*Client) GetIAMRole ¶ added in v1.44.0
GetIAMRole gets an IAM role by role name.
func (*Client) GetIAMRolePolicy ¶ added in v1.44.0
func (c *Client) GetIAMRolePolicy(ctx context.Context, policyName, roleName string) (*IAMRolePolicy, error)
GetIAMRolePolicy gets an IAM role policy by policy name and role name.
func (*Client) GetIPv6Cidr ¶ added in v1.52.0
func (*Client) GetInternetGateway ¶
GetInternetGateway gets an internet gateway resource by identifier.
func (*Client) GetKeyPair ¶ added in v1.44.0
GetKeyPair gets an EC2 key pair by its key name.
func (*Client) GetNATGateway ¶ added in v1.44.0
GetNATGateway gets an NAT gateway by identifier. If the resource is not found or in state "deleted", nil is returned
func (*Client) GetNATGatewayAddressAllocations ¶ added in v1.31.0
func (c *Client) GetNATGatewayAddressAllocations(ctx context.Context, shootNamespace string) (sets.Set[string], error)
GetNATGatewayAddressAllocations gets the allocation IDs for the NAT Gateway addresses of each existing NAT Gateway in the VPC. Returns a set of allocation IDs or an error.
func (*Client) GetRouteTable ¶ added in v1.44.0
GetRouteTable gets a route table by the identifier.
func (*Client) GetSecurityGroup ¶ added in v1.44.0
GetSecurityGroup gets a security group by identifier. Ingress and egress rules are fetched, too.
func (*Client) GetSubnets ¶ added in v1.44.0
GetSubnets gets subnets for the given identifiers. Non-existing identifiers are ignored silently.
func (*Client) GetVPCAttribute ¶ added in v1.29.0
GetVPCAttribute returns the value of the specified VPC attribute.
func (*Client) GetVPCInternetGateway ¶ added in v1.29.0
GetVPCInternetGateway returns the ID of the internet gateway attached to the given VPC <vpcID>. If there is no internet gateway attached, the returned string will be empty.
func (*Client) GetVpc ¶ added in v1.44.0
GetVpc gets a VPC resource by identifier. Returns nil, if the resource is not found.
func (*Client) GetVpcDhcpOptions ¶ added in v1.44.0
GetVpcDhcpOptions gets a DHCP option resource by identifier.
func (*Client) GetVpcEndpoints ¶ added in v1.44.0
GetVpcEndpoints gets VPC endpoint resources by identifiers. Non-existing identifiers are silently ignored.
func (*Client) ImportKeyPair ¶ added in v1.44.0
func (c *Client) ImportKeyPair(ctx context.Context, keyName string, publicKey []byte, tags Tags) (*KeyPairInfo, error)
ImportKeyPair creates an EC2 key pair.
func (*Client) ListKubernetesELBs ¶
func (c *Client) ListKubernetesELBs(ctx context.Context, vpcID, clusterName string) ([]string, error)
ListKubernetesELBs returns the list of ELB loadbalancers in the given <vpcID> tagged with <clusterName>.
func (*Client) ListKubernetesELBsV2 ¶
func (c *Client) ListKubernetesELBsV2(ctx context.Context, vpcID, clusterName string) ([]string, error)
ListKubernetesELBsV2 returns the list of ELBv2 loadbalancers in the given <vpcID> tagged with <clusterName>.
func (*Client) ListKubernetesSecurityGroups ¶
func (c *Client) ListKubernetesSecurityGroups(ctx context.Context, vpcID, clusterName string) ([]string, error)
ListKubernetesSecurityGroups returns the list of security groups in the given <vpcID> tagged with <clusterName>.
func (*Client) PollImmediateUntil ¶ added in v1.44.0
func (c *Client) PollImmediateUntil(ctx context.Context, condition wait.ConditionWithContextFunc) error
PollImmediateUntil runs the 'condition' before waiting for the interval. 'condition' will always be invoked at least once.
func (*Client) PollUntil ¶ added in v1.44.0
PollUntil tries a condition func until it returns true, an error or the specified context is cancelled or expired.
func (*Client) PutIAMRolePolicy ¶ added in v1.44.0
func (c *Client) PutIAMRolePolicy(ctx context.Context, policy *IAMRolePolicy) error
PutIAMRolePolicy creates or updates an IAM role policy.
func (*Client) RemoveRoleFromIAMInstanceProfile ¶ added in v1.44.0
func (c *Client) RemoveRoleFromIAMInstanceProfile(ctx context.Context, profileName, roleName string) error
RemoveRoleFromIAMInstanceProfile removes a role from an instance profile.
func (*Client) RevokeSecurityGroupRules ¶ added in v1.44.0
func (c *Client) RevokeSecurityGroupRules(ctx context.Context, groupId string, rules []*SecurityGroupRule) error
RevokeSecurityGroupRules removes security group rules for the security group identified by the groupId.
func (*Client) UpdateAmazonProvidedIPv6CidrBlock ¶ added in v1.46.0
func (c *Client) UpdateAmazonProvidedIPv6CidrBlock(ctx context.Context, desired *VPC, current *VPC) (bool, error)
UpdateAmazonProvidedIPv6CidrBlock sets/updates the amazon provided IPv6 blocks.
func (*Client) UpdateAssumeRolePolicy ¶ added in v1.44.0
func (c *Client) UpdateAssumeRolePolicy(ctx context.Context, roleName, assumeRolePolicy string) error
UpdateAssumeRolePolicy updates the assumeRolePolicy of an IAM role.
func (*Client) UpdateSubnetAttributes ¶ added in v1.44.0
func (c *Client) UpdateSubnetAttributes(ctx context.Context, desired, current *Subnet) (bool, error)
UpdateSubnetAttributes updates attributes of the given subnet
func (*Client) UpdateVpcAttribute ¶ added in v1.44.0
func (c *Client) UpdateVpcAttribute(ctx context.Context, vpcId, attributeName string, value bool) error
UpdateVpcAttribute sets/updates a VPC attribute if needed. Supported attribute names are `enableDnsSupport` (const ec2.VpcAttributeNameEnableDnsSupport) and `enableDnsHostnames` (const ec2.VpcAttributeNameEnableDnsHostnames).
func (*Client) WaitForIPv6Cidr ¶ added in v1.46.0
WaitForIPv6Cidr waits for the ipv6 cidr block association
type DhcpOptions ¶ added in v1.44.0
DhcpOptions contains the relevant fields of an EC2 DHCP options resource.
type ElasticIP ¶ added in v1.44.0
ElasticIP contains the relevant fields for an EC2 elastic IP resource.
type Factory ¶ added in v1.27.0
// Factory creates instances of Interface.
type Factory interface {
	// NewClient creates a new instance of Interface for the given AWS credentials and region.
	// NOTE(review): the access key ID and secret access key are passed as plain
	// strings; implementations and callers should keep them out of logs and
	// error messages. How they are sourced is not visible here; confirm.
	NewClient(accessKeyID, secretAccessKey, region string) (Interface, error)
}
Factory creates instances of Interface.
type FactoryFunc ¶ added in v1.27.0
FactoryFunc is a function that implements Factory.
type IAMInstanceProfile ¶ added in v1.44.0
// IAMInstanceProfile contains the relevant fields for an IAM instance profile resource.
type IAMInstanceProfile struct {
	// InstanceProfileId is the identifier of the instance profile.
	InstanceProfileId string
	// InstanceProfileName is the name of the instance profile; the Client's
	// Get/Delete instance-profile methods take a profile name.
	InstanceProfileName string
	// Path is the path of the instance profile.
	Path string
	// RoleName names a role associated with the profile; presumably the one
	// managed via AddRoleToIAMInstanceProfile / RemoveRoleFromIAMInstanceProfile.
	// Confirm against the implementation.
	RoleName string
}
IAMInstanceProfile contains the relevant fields for an IAM instance profile resource.
type IAMRole ¶ added in v1.44.0
// IAMRole contains the relevant fields for an IAM role resource.
type IAMRole struct {
	// RoleId is the identifier of the role.
	RoleId string
	// RoleName is the name of the role; the Client's Get/Delete role methods
	// take a role name.
	RoleName string
	// Path is the path of the role.
	Path string
	// AssumeRolePolicyDocument holds the role's assume-role policy as a string.
	// NOTE(review): presumably the document changed by UpdateAssumeRolePolicy.
	// It determines who may assume the role, so keep it as narrow as possible; confirm.
	AssumeRolePolicyDocument string
	// ARN is the Amazon Resource Name of the role.
	ARN string
}
IAMRole contains the relevant fields for an IAM role resource.
type IAMRolePolicy ¶ added in v1.44.0
IAMRolePolicy contains the relevant fields for an IAM role policy resource.
type Interface ¶
// Interface is the set of AWS operations (EC2, S3, Route53, ELB and IAM) that
// an AWS client of this package must implement.
type Interface interface {
	GetAccountID(ctx context.Context) (string, error)
	GetVPCInternetGateway(ctx context.Context, vpcID string) (string, error)
	GetVPCAttribute(ctx context.Context, vpcID string, attribute string) (bool, error)
	GetDHCPOptions(ctx context.Context, vpcID string) (map[string]string, error)
	GetElasticIPsAssociationIDForAllocationIDs(ctx context.Context, allocationIDs []string) (map[string]*string, error)
	GetNATGatewayAddressAllocations(ctx context.Context, shootNamespace string) (sets.Set[string], error)

	// S3 wrappers
	// NOTE(review): DeleteObjectsWithPrefix and DeleteBucketIfExists are
	// destructive. Confirm how implementations treat an empty prefix before
	// passing a caller-derived value.
	DeleteObjectsWithPrefix(ctx context.Context, bucket, prefix string) error
	CreateBucketIfNotExists(ctx context.Context, bucket, region string) error
	DeleteBucketIfExists(ctx context.Context, bucket string) error

	// Route53 wrappers
	GetDNSHostedZones(ctx context.Context) (map[string]string, error)
	CreateOrUpdateDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ttl int64) error
	DeleteDNSRecordSet(ctx context.Context, zoneId, name, recordType string, values []string, ttl int64) error

	// The following functions are only temporarily needed due to https://github.com/gardener/gardener/issues/129.
	ListKubernetesELBs(ctx context.Context, vpcID, clusterName string) ([]string, error)
	ListKubernetesELBsV2(ctx context.Context, vpcID, clusterName string) ([]string, error)
	ListKubernetesSecurityGroups(ctx context.Context, vpcID, clusterName string) ([]string, error)
	DeleteELB(ctx context.Context, name string) error
	DeleteELBV2(ctx context.Context, arn string) error

	// VPCs
	CreateVpcDhcpOptions(ctx context.Context, options *DhcpOptions) (*DhcpOptions, error)
	GetVpcDhcpOptions(ctx context.Context, id string) (*DhcpOptions, error)
	FindVpcDhcpOptionsByTags(ctx context.Context, tags Tags) ([]*DhcpOptions, error)
	DeleteVpcDhcpOptions(ctx context.Context, id string) error
	CreateVpc(ctx context.Context, vpc *VPC) (*VPC, error)
	GetIPv6Cidr(ctx context.Context, vpcID string) (string, error)
	WaitForIPv6Cidr(ctx context.Context, vpcID string) (string, error)
	// AddVpcDhcpOptionAssociation takes no context, unlike its siblings, so a
	// caller cannot cancel it or give it a deadline through ctx.
	AddVpcDhcpOptionAssociation(vpcId string, dhcpOptionsId *string) error
	UpdateVpcAttribute(ctx context.Context, vpcId, attributeName string, value bool) error
	UpdateAmazonProvidedIPv6CidrBlock(ctx context.Context, desired *VPC, current *VPC) (bool, error)
	DeleteVpc(ctx context.Context, id string) error
	GetVpc(ctx context.Context, id string) (*VPC, error)
	FindVpcsByTags(ctx context.Context, tags Tags) ([]*VPC, error)

	// Security groups
	CreateSecurityGroup(ctx context.Context, sg *SecurityGroup) (*SecurityGroup, error)
	GetSecurityGroup(ctx context.Context, id string) (*SecurityGroup, error)
	FindSecurityGroupsByTags(ctx context.Context, tags Tags) ([]*SecurityGroup, error)
	FindDefaultSecurityGroupByVpcId(ctx context.Context, vpcId string) (*SecurityGroup, error)
	AuthorizeSecurityGroupRules(ctx context.Context, id string, rules []*SecurityGroupRule) error
	RevokeSecurityGroupRules(ctx context.Context, id string, rules []*SecurityGroupRule) error
	DeleteSecurityGroup(ctx context.Context, id string) error

	// Internet gateways
	CreateInternetGateway(ctx context.Context, gateway *InternetGateway) (*InternetGateway, error)
	GetInternetGateway(ctx context.Context, id string) (*InternetGateway, error)
	FindInternetGatewaysByTags(ctx context.Context, tags Tags) ([]*InternetGateway, error)
	FindInternetGatewayByVPC(ctx context.Context, vpcId string) (*InternetGateway, error)
	DeleteInternetGateway(ctx context.Context, id string) error
	AttachInternetGateway(ctx context.Context, vpcId, internetGatewayId string) error
	DetachInternetGateway(ctx context.Context, vpcId, internetGatewayId string) error

	// VPC Endpoints
	CreateVpcEndpoint(ctx context.Context, endpoint *VpcEndpoint) (*VpcEndpoint, error)
	GetVpcEndpoints(ctx context.Context, ids []string) ([]*VpcEndpoint, error)
	FindVpcEndpointsByTags(ctx context.Context, tags Tags) ([]*VpcEndpoint, error)
	DeleteVpcEndpoint(ctx context.Context, id string) error

	// VPC Endpoints Route table associations
	CreateVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error
	DeleteVpcEndpointRouteTableAssociation(ctx context.Context, routeTableId, vpcEndpointId string) error

	// Route tables
	CreateRouteTable(ctx context.Context, routeTable *RouteTable) (*RouteTable, error)
	GetRouteTable(ctx context.Context, id string) (*RouteTable, error)
	FindRouteTablesByTags(ctx context.Context, tags Tags) ([]*RouteTable, error)
	DeleteRouteTable(ctx context.Context, id string) error
	CreateRoute(ctx context.Context, routeTableId string, route *Route) error
	DeleteRoute(ctx context.Context, routeTableId string, route *Route) error

	// Subnets
	CreateSubnet(ctx context.Context, subnet *Subnet) (*Subnet, error)
	GetSubnets(ctx context.Context, ids []string) ([]*Subnet, error)
	FindSubnetsByTags(ctx context.Context, tags Tags) ([]*Subnet, error)
	UpdateSubnetAttributes(ctx context.Context, desired, current *Subnet) (modified bool, err error)
	DeleteSubnet(ctx context.Context, id string) error

	// Route table associations
	CreateRouteTableAssociation(ctx context.Context, routeTableId, subnetId string) (associationId *string, err error)
	DeleteRouteTableAssociation(ctx context.Context, associationId string) error

	// Elastic IP
	CreateElasticIP(ctx context.Context, eip *ElasticIP) (*ElasticIP, error)
	GetElasticIP(ctx context.Context, id string) (*ElasticIP, error)
	FindElasticIPsByTags(ctx context.Context, tags Tags) ([]*ElasticIP, error)
	DeleteElasticIP(ctx context.Context, id string) error

	// NAT gateways
	CreateNATGateway(ctx context.Context, gateway *NATGateway) (*NATGateway, error)
	WaitForNATGatewayAvailable(ctx context.Context, id string) error
	GetNATGateway(ctx context.Context, id string) (*NATGateway, error)
	FindNATGatewaysByTags(ctx context.Context, tags Tags) ([]*NATGateway, error)
	DeleteNATGateway(ctx context.Context, id string) error

	// Key pairs
	// ImportKeyPair receives only the public key; no private key material is
	// part of this interface.
	ImportKeyPair(ctx context.Context, keyName string, publicKey []byte, tags Tags) (*KeyPairInfo, error)
	GetKeyPair(ctx context.Context, keyName string) (*KeyPairInfo, error)
	FindKeyPairsByTags(ctx context.Context, tags Tags) ([]*KeyPairInfo, error)
	DeleteKeyPair(ctx context.Context, keyName string) error

	// IAM Role
	// NOTE(review): UpdateAssumeRolePolicy replaces the role's assume-role
	// policy with the given string; callers should treat that argument as
	// privilege-defining input.
	CreateIAMRole(ctx context.Context, role *IAMRole) (*IAMRole, error)
	GetIAMRole(ctx context.Context, roleName string) (*IAMRole, error)
	DeleteIAMRole(ctx context.Context, roleName string) error
	UpdateAssumeRolePolicy(ctx context.Context, roleName, assumeRolePolicy string) error

	// IAM Instance Profile
	CreateIAMInstanceProfile(ctx context.Context, profile *IAMInstanceProfile) (*IAMInstanceProfile, error)
	GetIAMInstanceProfile(ctx context.Context, profileName string) (*IAMInstanceProfile, error)
	DeleteIAMInstanceProfile(ctx context.Context, profileName string) error
	AddRoleToIAMInstanceProfile(ctx context.Context, profileName, roleName string) error
	RemoveRoleFromIAMInstanceProfile(ctx context.Context, profileName, roleName string) error

	// IAM Role Policy
	PutIAMRolePolicy(ctx context.Context, policy *IAMRolePolicy) error
	GetIAMRolePolicy(ctx context.Context, policyName, roleName string) (*IAMRolePolicy, error)
	DeleteIAMRolePolicy(ctx context.Context, policyName, roleName string) error

	// EC2 tags
	CreateEC2Tags(ctx context.Context, resources []string, tags Tags) error
	DeleteEC2Tags(ctx context.Context, resources []string, tags Tags) error
}
Interface is an interface which must be implemented by AWS clients.
func NewInterface ¶ added in v1.27.0
NewInterface creates a new instance of Interface for the given AWS credentials and region.
type InternetGateway ¶ added in v1.44.0
InternetGateway contains the relevant fields for an EC2 internet gateway resource.
type KeyPairInfo ¶ added in v1.44.0
KeyPairInfo contains the relevant fields for an EC2 key pair.
type NATGateway ¶ added in v1.44.0
// NATGateway holds the fields of an EC2 NAT gateway that this package works with.
type NATGateway struct {
	// Tags is embedded; it is the package's string-to-string tag map.
	Tags
	NATGatewayId string
	// EIPAllocationId presumably names the elastic IP allocation bound to the
	// gateway, and PublicIP the address it exposes; confirm against the client.
	EIPAllocationId string
	PublicIP        string
	SubnetId        string
	// State is a free-form string here; the accepted values are not shown on this page.
	State string
}
NATGateway contains the relevant fields for an EC2 NAT gateway resource.
type RetryableIPv6CIDRError ¶ added in v1.52.0
type RetryableIPv6CIDRError struct{}
RetryableIPv6CIDRError is a custom error type.
func (*RetryableIPv6CIDRError) Error ¶ added in v1.52.0
func (e *RetryableIPv6CIDRError) Error() string
Error prints the error message of the RetryableIPv6CIDRError error.
type Route ¶ added in v1.44.0
// Route holds the fields of one route in an EC2 route table. Every field is an
// optional pointer.
type Route struct {
	// Destination selectors. Presumably exactly one is set per route; confirm
	// against the implementation.
	DestinationCidrBlock     *string
	DestinationIpv6CidrBlock *string
	// Route targets. Presumably one of the two is set per route; confirm.
	GatewayId    *string
	NatGatewayId *string
	// DestinationPrefixListId is a further destination selector (a prefix list
	// instead of a CIDR block), judging by its name; confirm.
	DestinationPrefixListId *string
}
Route contains the relevant fields for a route of an EC2 route table resource.
type Route53RateLimiterWaitError ¶ added in v1.33.0
// Route53RateLimiterWaitError reports that waiting for a route53 rate limiter failed.
type Route53RateLimiterWaitError struct {
	// Cause is the underlying error. Whether the type also exposes it through
	// an Unwrap method is not shown on this page.
	Cause error
}
Route53RateLimiterWaitError is an error to be reported if waiting for a route53 rate limiter fails. This can only happen if the wait time would exceed the configured wait timeout.
func (*Route53RateLimiterWaitError) Error ¶ added in v1.33.0
func (e *Route53RateLimiterWaitError) Error() string
type RouteTable ¶ added in v1.44.0
// RouteTable holds the fields of an EC2 route table that this package works with.
type RouteTable struct {
	// Tags is embedded; it is the package's string-to-string tag map.
	Tags
	RouteTableId string
	VpcId        *string
	// Routes and Associations are filled on returned values and ignored on creation.
	Routes       []*Route
	Associations []*RouteTableAssociation
}
RouteTable contains the relevant fields for an EC2 route table resource. Routes and Associations are filled for returned values, but ignored on creation.
type RouteTableAssociation ¶ added in v1.44.0
// RouteTableAssociation holds the fields of one association of an EC2 route table.
type RouteTableAssociation struct {
	RouteTableAssociationId string
	// Main presumably marks the VPC's main route table association — TODO confirm.
	Main bool
	// GatewayId and SubnetId are optional; presumably one of them names what
	// the route table is associated with.
	GatewayId *string
	SubnetId  *string
}
RouteTableAssociation contains the relevant fields for a route association of an EC2 route table resource.
type SecurityGroup ¶ added in v1.44.0
// SecurityGroup holds the fields of an EC2 security group that this package works with.
type SecurityGroup struct {
	// Tags is embedded; it is the package's string-to-string tag map.
	Tags
	GroupId     string
	GroupName   string
	VpcId       *string
	Description *string
	// Rules holds both ingress and egress rules; each rule carries its own Type.
	// DiffRules and EquivalentRulesTo compare this list between two groups.
	Rules []*SecurityGroupRule
}
SecurityGroup contains the relevant fields of an EC2 security group resource.
func (*SecurityGroup) Clone ¶ added in v1.44.0
func (sg *SecurityGroup) Clone() *SecurityGroup
Clone creates a copy.
func (*SecurityGroup) DiffRules ¶ added in v1.44.0
func (sg *SecurityGroup) DiffRules(other *SecurityGroup) (addedRules, removedRules []*SecurityGroupRule)
DiffRules calculates the rules that differ from those of another security group and returns them as added and removed rules.
func (*SecurityGroup) EquivalentRulesTo ¶ added in v1.44.0
func (sg *SecurityGroup) EquivalentRulesTo(other *SecurityGroup) bool
EquivalentRulesTo returns true if the security rules are equivalent to the rules of another security group.
func (*SecurityGroup) SortedClone ¶ added in v1.44.0
func (sg *SecurityGroup) SortedClone() *SecurityGroup
SortedClone creates a copy with sorted rules.
type SecurityGroupRule ¶ added in v1.44.0
// SecurityGroupRule holds the fields of one EC2 security group rule.
type SecurityGroupRule struct {
	// Type is the rule direction; the package defines the values "ingress" and "egress".
	Type SecurityGroupRuleType
	// FromPort and ToPort bound the port range. Presumably inclusive, as in the
	// EC2 API; confirm.
	FromPort int
	ToPort   int
	Protocol string
	// CidrBlocks lists the CIDR ranges the rule applies to. NOTE(review): when
	// reviewing a desired rule set, check that no range is broader than intended.
	CidrBlocks []string
	// Self presumably marks a rule whose peer is the owning security group
	// itself — TODO confirm.
	Self bool
	// Foreign is not described on this page; verify its content and encoding
	// against the implementation before relying on it.
	Foreign *string
}
SecurityGroupRule contains the relevant fields of an EC2 security group rule resource.
func (*SecurityGroupRule) Clone ¶ added in v1.44.0
func (sgr *SecurityGroupRule) Clone() *SecurityGroupRule
Clone creates a copy.
func (*SecurityGroupRule) LessThan ¶ added in v1.44.0
func (sgr *SecurityGroupRule) LessThan(other *SecurityGroupRule) bool
LessThan compares to another security group rule for ordering.
func (*SecurityGroupRule) SortedClone ¶ added in v1.44.0
func (sgr *SecurityGroupRule) SortedClone() *SecurityGroupRule
SortedClone creates a copy with sorted CidrBlocks array for comparing and sorting.
type SecurityGroupRuleType ¶ added in v1.44.0
type SecurityGroupRuleType string
SecurityGroupRuleType is the type for security group rule types.
// Values of SecurityGroupRuleType.
const (
	// SecurityGroupRuleTypeIngress is the type for ingress rules.
	SecurityGroupRuleTypeIngress SecurityGroupRuleType = "ingress"
	// SecurityGroupRuleTypeEgress is the type for egress rules.
	SecurityGroupRuleTypeEgress SecurityGroupRuleType = "egress"
)
type Subnet ¶ added in v1.44.0
// Subnet holds the fields of an EC2 subnet that this package works with.
// Pointer fields are optional; presumably nil means "not set" — TODO confirm
// how UpdateSubnetAttributes treats nil in the desired state.
type Subnet struct {
	// Tags is embedded; it is the package's string-to-string tag map.
	Tags
	SubnetId         string
	VpcId            *string
	CidrBlock        string
	AvailabilityZone string

	// The fields below carry names of EC2 subnet attributes and presumably
	// mirror them one to one; confirm against the implementation.
	AssignIpv6AddressOnCreation             *bool
	CustomerOwnedIpv4Pool                   *string
	EnableDns64                             *bool
	EnableResourceNameDnsAAAARecordOnLaunch *bool
	EnableResourceNameDnsARecordOnLaunch    *bool
	Ipv6CidrBlocks                          []string
	Ipv6Native                              *bool
	// NOTE(review): MapPublicIpOnLaunch presumably controls whether instances
	// launched into the subnet get a public IPv4 address; review it when
	// checking a subnet's exposure.
	MapPublicIpOnLaunch            *bool
	MapCustomerOwnedIpOnLaunch     *bool
	OutpostArn                     *string
	PrivateDnsHostnameTypeOnLaunch *string
}
Subnet contains the relevant fields for an EC2 subnet resource.
type Tags ¶ added in v1.44.0
Tags is a map of string keys to string values. Duplicate keys are not supported in AWS.
func (Tags) ToTagSpecification ¶ added in v1.44.0
func (tags Tags) ToTagSpecification(resourceType string) *ec2.TagSpecification
ToTagSpecification exports the tags map as an EC2 TagSpecification for the given resource type.
func (Tags) ToTagSpecifications ¶ added in v1.44.0
func (tags Tags) ToTagSpecifications(resourceType string) []*ec2.TagSpecification
ToTagSpecifications exports the tags map as an EC2 TagSpecification array for the given resource type.
type Updater ¶ added in v1.44.0
// Updater groups the update operations for selected AWS objects. Every method
// takes a desired and a current state and returns whether anything was
// modified, plus an error. Presumably each method changes the AWS resource
// from current toward desired; confirm against the implementation.
type Updater interface {
	UpdateVpc(ctx context.Context, desired, current *VPC) (modified bool, err error)
	UpdateSecurityGroup(ctx context.Context, desired, current *SecurityGroup) (modified bool, err error)
	// UpdateRouteTable additionally takes a logger and a variadic list of
	// controlled CIDR blocks. NOTE(review): the effect of controlledCidrBlocks
	// on which routes are touched is not described on this page; verify it.
	UpdateRouteTable(ctx context.Context, log logr.Logger, desired, current *RouteTable, controlledCidrBlocks ...string) (modified bool, err error)
	UpdateSubnet(ctx context.Context, desired, current *Subnet) (modified bool, err error)
	UpdateIAMInstanceProfile(ctx context.Context, desired, current *IAMInstanceProfile) (modified bool, err error)
	UpdateIAMRole(ctx context.Context, desired, current *IAMRole) (modified bool, err error)
	// UpdateEC2Tags identifies the resource by id and takes the tag maps directly.
	UpdateEC2Tags(ctx context.Context, id string, desired, current Tags) (modified bool, err error)
}
Updater provides methods to update selected AWS client objects.
func NewUpdater ¶ added in v1.44.0
func NewUpdater(client Interface, ignoreTags *awsapi.IgnoreTags) Updater
NewUpdater creates a new updater instance.