account_managers

Documentation

Index

• func FixedRoleBindComputedVariables(role string) []varcontext.DefaultVariable
• func RoleWhitelistProperty(serviceName string) string
• func ServiceAccountBindComputedVariables() []varcontext.DefaultVariable
• func ServiceAccountBindInputVariables(serviceName string, defaultWhitelist []string, defaultRole string) []broker.BrokerVariable
• func ServiceAccountBindOutputVariables() []broker.BrokerVariable
• func ServiceAccountWhitelistWithDefault(whitelist []string, defaultValue string) []broker.BrokerVariable
• type ServiceAccountInfo
• type ServiceAccountManager
  • func (sam *ServiceAccountManager) CreateCredentials(ctx context.Context, vc *varcontext.VarContext) (map[string]interface{}, error)
  • func (sam *ServiceAccountManager) DeleteCredentials(ctx context.Context, binding models.ServiceBindingCredentials) error

Examples

• RoleWhitelistProperty

Functions

func FixedRoleBindComputedVariables

func FixedRoleBindComputedVariables(role string) []varcontext.DefaultVariable

FixedRoleBindComputedVariables allows you to create a service account with a fixed role.

func RoleWhitelistProperty

func RoleWhitelistProperty(serviceName string) string

RoleWhitelistProperty computes the Viper property name for the boolean the user can set to enable or disable the role whitelist.

Example

serviceName := "left-handed-smoke-sifter"

fmt.Println(RoleWhitelistProperty(serviceName))

Output:

service.left-handed-smoke-sifter.whitelist

func ServiceAccountBindComputedVariables

func ServiceAccountBindComputedVariables() []varcontext.DefaultVariable

ServiceAccountBindComputedVariables holds computed variables required to provision service accounts, label them and ensure they are unique.

func ServiceAccountBindInputVariables

func ServiceAccountBindInputVariables(serviceName string, defaultWhitelist []string, defaultRole string) []broker.BrokerVariable

ServiceAccountBindInputVariables holds overridable whitelists with default values. This function SHOULD NOT be used for new services.

func ServiceAccountBindOutputVariables

func ServiceAccountBindOutputVariables() []broker.BrokerVariable

Variables output by all brokers that return service account info

func ServiceAccountWhitelistWithDefault

func ServiceAccountWhitelistWithDefault(whitelist []string, defaultValue string) []broker.BrokerVariable

ServiceAccountWhitelistWithDefault holds non-overridable whitelists with default values. This function SHOULD be used for new services over ServiceAccountBindInputVariables.

Types

type ServiceAccountInfo

type ServiceAccountInfo struct {
	// the bits to save
	Name      string `json:"Name"`
	Email     string `json:"Email"`
	UniqueId  string `json:"UniqueId"`
	ProjectId string `json:"ProjectId"`

	// the bit to return
	PrivateKeyData string `json:"PrivateKeyData"`
}

type ServiceAccountManager

type ServiceAccountManager struct {
	ProjectId  string
	HttpConfig *jwt.Config
	Logger     lager.Logger
}

func (*ServiceAccountManager) CreateCredentials

func (sam *ServiceAccountManager) CreateCredentials(ctx context.Context, vc *varcontext.VarContext) (map[string]interface{}, error)

If roleWhitelist is specified, then the extracted role is validated against it and an error is returned if the role is not contained within the whitelist

func (*ServiceAccountManager) DeleteCredentials

func (sam *ServiceAccountManager) DeleteCredentials(ctx context.Context, binding models.ServiceBindingCredentials) error

deletes the given service account from Google