account_managers

package

v4.2.0-rc+incompatible Latest Latest Go to latest Published: Dec 28, 2018 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/googlecloudplatform/gcp-service-broker

Documentation ¶

Index ¶

func FixedRoleBindComputedVariables(role string) []varcontext.DefaultVariable
func RoleWhitelistProperty(serviceName string) string
func ServiceAccountBindComputedVariables() []varcontext.DefaultVariable
func ServiceAccountBindInputVariables(serviceName string, defaultWhitelist []string, defaultRole string) []broker.BrokerVariable
func ServiceAccountBindOutputVariables() []broker.BrokerVariable
func ServiceAccountWhitelistWithDefault(whitelist []string, defaultValue string) []broker.BrokerVariable
type ServiceAccountInfo
type ServiceAccountManager
- func (sam *ServiceAccountManager) CreateCredentials(ctx context.Context, vc *varcontext.VarContext) (map[string]interface{}, error)
- func (sam *ServiceAccountManager) DeleteCredentials(ctx context.Context, binding models.ServiceBindingCredentials) error

Examples ¶

RoleWhitelistProperty

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func FixedRoleBindComputedVariables ¶

func FixedRoleBindComputedVariables(role string) []varcontext.DefaultVariable

FixedRoleBindComputedVariables allows you to create a service account with a fixed role.

func RoleWhitelistProperty ¶

func RoleWhitelistProperty(serviceName string) string

RoleWhitelistProperty computes the Viper property name for the boolean the user can set to enable or disable the role whitelist.

Example ¶

serviceName := "left-handed-smoke-sifter"

fmt.Println(RoleWhitelistProperty(serviceName))

Output:

service.left-handed-smoke-sifter.whitelist

func ServiceAccountBindComputedVariables ¶

func ServiceAccountBindComputedVariables() []varcontext.DefaultVariable

ServiceAccountBindComputedVariables holds computed variables required to provision service accounts, label them and ensure they are unique.

func ServiceAccountBindInputVariables ¶

func ServiceAccountBindInputVariables(serviceName string, defaultWhitelist []string, defaultRole string) []broker.BrokerVariable

ServiceAccountBindInputVariables holds overridable whitelists with default values. This function SHOULD NOT be used for new services.

func ServiceAccountBindOutputVariables ¶

func ServiceAccountBindOutputVariables() []broker.BrokerVariable

Variables output by all brokers that return service account info

func ServiceAccountWhitelistWithDefault ¶

func ServiceAccountWhitelistWithDefault(whitelist []string, defaultValue string) []broker.BrokerVariable

ServiceAccountWhitelistWithDefault holds non-overridable whitelists with default values. This function SHOULD be used for new services over ServiceAccountBindInputVariables.

Types ¶

type ServiceAccountInfo ¶

type ServiceAccountInfo struct {
	// the bits to save
	Name      string `json:"Name"`
	Email     string `json:"Email"`
	UniqueId  string `json:"UniqueId"`
	ProjectId string `json:"ProjectId"`

	// the bit to return
	PrivateKeyData string `json:"PrivateKeyData"`
}

type ServiceAccountManager ¶

type ServiceAccountManager struct {
	ProjectId  string
	HttpConfig *jwt.Config
	Logger     lager.Logger
}

func (*ServiceAccountManager) CreateCredentials ¶

func (sam *ServiceAccountManager) CreateCredentials(ctx context.Context, vc *varcontext.VarContext) (map[string]interface{}, error)

If roleWhitelist is specified, then the extracted role is validated against it and an error is returned if the role is not contained within the whitelist

func (*ServiceAccountManager) DeleteCredentials ¶

func (sam *ServiceAccountManager) DeleteCredentials(ctx context.Context, binding models.ServiceBindingCredentials) error

deletes the given service account from Google

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL