ec2util

package

v0.0.1-really Latest Latest Go to latest Published: Sep 6, 2019 License: Apache-2.0 Imports: 11 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/grailbio/base

Documentation ¶

Index ¶

func DecodePEMAndParseCertificate(certificate string) (*x509.Certificate, error)
func GetIamInstanceProfileARN(output *ec2.DescribeInstancesOutput) (string, error)
func GetPublicIPAddress(output *ec2.DescribeInstancesOutput) (string, error)
func ValidateInstance(output *ec2.DescribeInstancesOutput, doc IdentityDocument, remoteAddr string) (role string, err error)
type IdentityDocument
- func ParseAndVerifyIdentityDocument(pkcs7b64 string) (*IdentityDocument, string, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DecodePEMAndParseCertificate ¶

func DecodePEMAndParseCertificate(certificate string) (*x509.Certificate, error)

DecodePEMAndParseCertificate decodes the PEM encoded certificate and parses it into a x509 cert.

func GetIamInstanceProfileARN ¶

func GetIamInstanceProfileARN(output *ec2.DescribeInstancesOutput) (string, error)

GetIamInstanceProfileARN extracts the ARN from the output of a call to DescribeInstances. The ARN is expected to be non-empty.

func GetPublicIPAddress ¶

func GetPublicIPAddress(output *ec2.DescribeInstancesOutput) (string, error)

GetPublicIPAddress extracts the public IP address from the output of a call to DescribeInstances. The response is expected to be non-empty if the instance has a public IP and empty ("") if the instance is private.

func ValidateInstance ¶

func ValidateInstance(output *ec2.DescribeInstancesOutput, doc IdentityDocument, remoteAddr string) (role string, err error)

ValidateInstance checks if an EC2 instance exists and it has the expected IP. It returns the name of the instance profile (the IAM role).

Note that this validation will not work for NATed VMs.

Types ¶

type IdentityDocument ¶

type IdentityDocument struct {
	InstanceID  string    `json:"instanceId,omitempty"`
	AccountID   string    `json:"accountId,omitempty"`
	Region      string    `json:"region,omitempty"`
	PendingTime time.Time `json:"pendingTime,omitempty"`
}

func ParseAndVerifyIdentityDocument ¶

func ParseAndVerifyIdentityDocument(pkcs7b64 string) (*IdentityDocument, string, error)

ParseAndVerifyIdentityDocument parses and checks and identity document in PKCS#7 format. Only some relevant fields are returned.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL