aws

package
v0.0.0-...-477458c Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 22, 2024 License: Apache-2.0 Imports: 8 Imported by: 18

Documentation

Index

Constants

// DocumentDB service name and endpoint-type values.
//
// NOTE(review): the three endpoint-type values are presumably what
// ParseDocumentDBEndpoint reports in DocumentDBEndpointDetails.EndpointType;
// confirm against the parser.
const (
	// DocumentDBServiceName is the service name for AWS DocumentDB.
	//
	// TODO(greedy52) support DocumentDB Elastic clusters when IAM Auth support
	// is added. Note that Elastic clusters use "docdb-elastic" as the service
	// name in the endpoint, which is a different value from this constant.
	DocumentDBServiceName = "docdb"

	// DocumentDBClusterEndpoint specifies a DocumentDB primary/cluster
	// endpoint.
	DocumentDBClusterEndpoint = "cluster"
	// DocumentDBClusterReaderEndpoint specifies a DocumentDB reader endpoint.
	DocumentDBClusterReaderEndpoint = "reader"
	// DocumentDBInstanceEndpoint specifies a DocumentDB instance endpoint.
	DocumentDBInstanceEndpoint = "instance"
)
// Endpoint-type values for ElastiCache, MemoryDB, OpenSearch and RDS.
//
// These are untyped string constants and several share a value across
// services (for example ElastiCachePrimaryEndpoint and RDSEndpointTypePrimary
// are both "primary", and ElastiCacheNodeEndpoint and MemoryDBNodeEndpoint are
// both "node"). An endpoint-type string therefore only has meaning together
// with the service it was parsed for; comparing the string alone does not
// identify the service.
const (
	// ElastiCacheConfigurationEndpoint is the configuration endpoint that is
	// used for cluster mode connection.
	ElastiCacheConfigurationEndpoint = "configuration"
	// ElastiCachePrimaryEndpoint is the endpoint of the primary node in the
	// node group.
	ElastiCachePrimaryEndpoint = "primary"
	// ElastiCacheReaderEndpoint is the endpoint of the replica nodes in the
	// node group.
	ElastiCacheReaderEndpoint = "reader"
	// ElastiCacheNodeEndpoint is the endpoint that is used to connect to an
	// individual node.
	ElastiCacheNodeEndpoint = "node"

	// MemoryDBClusterEndpoint is the cluster configuration endpoint for a
	// MemoryDB cluster.
	MemoryDBClusterEndpoint = "cluster"
	// MemoryDBNodeEndpoint is the endpoint of an individual MemoryDB node.
	MemoryDBNodeEndpoint = "node"

	// OpenSearchDefaultEndpoint is the default endpoint for a domain.
	OpenSearchDefaultEndpoint = "default"
	// OpenSearchCustomEndpoint is the custom endpoint configured for a domain.
	OpenSearchCustomEndpoint = "custom"
	// OpenSearchVPCEndpoint is the VPC endpoint for a domain.
	OpenSearchVPCEndpoint = "vpc"

	// RDSEndpointTypePrimary is the endpoint that specifies the connection for
	// the primary instance of the RDS cluster.
	RDSEndpointTypePrimary = "primary"
	// RDSEndpointTypeReader is the endpoint that load-balances connections
	// across the Aurora Replicas that are available in an RDS cluster.
	RDSEndpointTypeReader = "reader"
	// RDSEndpointTypeCustom is the endpoint that specifies one of the custom
	// endpoints associated with the RDS cluster.
	RDSEndpointTypeCustom = "custom"
	// RDSEndpointTypeInstance is the endpoint of an RDS DB instance.
	RDSEndpointTypeInstance = "instance"
)
// AWS endpoint suffixes and per-service names.
const (
	// AWSEndpointSuffix is the endpoint suffix for AWS Standard and AWS US
	// GovCloud regions.
	//
	// https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints
	// https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/using-govcloud-endpoints.html
	//
	// NOTE(review): host names under this suffix include names chosen by AWS
	// customers, so a suffix match shows only that a host is in the AWS
	// namespace, not which account operates the resource behind it. The
	// matching code is not visible here; confirm it compares the suffix
	// against the parsed host name rather than the whole URI string.
	AWSEndpointSuffix = ".amazonaws.com"

	// AWSCNEndpointSuffix is the endpoint suffix for AWS China regions.
	//
	// https://docs.amazonaws.cn/en_us/aws/latest/userguide/endpoints-arns.html
	AWSCNEndpointSuffix = ".amazonaws.com.cn"

	// RDSServiceName is the service name for AWS RDS.
	RDSServiceName = "rds"

	// RedshiftServiceName is the service name for AWS Redshift.
	RedshiftServiceName = "redshift"

	// RedshiftServerlessServiceName is the service name for AWS Redshift Serverless.
	RedshiftServerlessServiceName = "redshift-serverless"

	// ElastiCacheServiceName is the service name for AWS ElastiCache.
	ElastiCacheServiceName = "cache"

	// MemoryDBSServiceName is the service name for AWS MemoryDB.
	//
	// NOTE(review): the identifier carries an extra "S" ("MemoryDBS..."). It
	// is exported, so renaming it would break importers.
	MemoryDBSServiceName = "memorydb"

	// DynamoDBServiceName is the service name for AWS DynamoDB.
	DynamoDBServiceName = "dynamodb"
	// DynamoDBFipsServiceName is the FIPS variant service name for AWS DynamoDB.
	DynamoDBFipsServiceName = "dynamodb-fips"
	// DynamoDBStreamsServiceName is the AWS DynamoDB Streams service name.
	DynamoDBStreamsServiceName = "streams.dynamodb"
	// DAXServiceName is the AWS DynamoDB Accelerator service name.
	DAXServiceName = "dax"

	// OpenSearchServiceName is the AWS OpenSearch service name.
	OpenSearchServiceName = "es"
)
// AWS partition IDs. The partition is the second field of an ARN, as in
// "arn:aws:iam::123456789012:role/some-role-name".
//
// NOTE(review): presumably these three values are the ones IsValidPartition
// accepts and GetPartitionFromRegion returns; confirm against those
// functions.
const (
	// StandardPartition is the partition ID of the AWS Standard partition.
	StandardPartition = "aws"

	// CNPartition is the partition ID of the AWS China partition.
	CNPartition = "aws-cn"

	// USGovPartition is the partition ID of the AWS GovCloud partition.
	USGovPartition = "aws-us-gov"
)
// Region-name prefixes for the AWS China and AWS US GovCloud regions.
//
// NOTE(review): presumably IsCNRegion and IsUSGovRegion test for these
// prefixes; confirm. A prefix match classifies a region string; it does not
// show that the region exists.
const (
	// CNRegionPrefix is the prefix for all AWS China regions.
	CNRegionPrefix = "cn-"

	// USGovRegionPrefix is the prefix for all AWS US GovCloud regions.
	USGovRegionPrefix = "us-gov-"
)
const (
	// AWSGlobalRegion is a sentinel value used by AWS to select global
	// endpoints instead of region-specific ones. Useful for STS API calls.
	//
	// As a sentinel, it is not the name of an actual region.
	//
	// https://docs.aws.amazon.com/sdkref/latest/guide/feature-region.html
	AWSGlobalRegion = "aws-global"
)

Variables

This section is empty.

Functions

func CassandraEndpointRegion

func CassandraEndpointRegion(endpoint string) (string, error)

CassandraEndpointRegion returns the AWS region from a Cassandra endpoint, where the endpoint looks like cassandra.us-east-2.amazonaws.com. https://docs.aws.amazon.com/keyspaces/latest/devguide/programmatic.endpoints.html

func CassandraEndpointURLForRegion

func CassandraEndpointURLForRegion(region string) string

CassandraEndpointURLForRegion returns a Cassandra endpoint based on the provided region. https://docs.aws.amazon.com/keyspaces/latest/devguide/programmatic.endpoints.html

func CheckRoleARN

func CheckRoleARN(arn string) error

CheckRoleARN checks whether a string is a valid IAM Role ARN and reports the result through its error return. Example role ARN: arn:aws:iam::123456789012:role/some-role-name

func DynamoDBURIForRegion

func DynamoDBURIForRegion(region string) string

DynamoDBURIForRegion constructs a DynamoDB URI based on the AWS region. The URI uses a custom scheme, aws://, to differentiate an auto-generated URI from a user-configured URI in the engine. When the Teleport DynamoDB engine sees this custom URI scheme, it will resolve the real endpoint using the request API target. https://docs.aws.amazon.com/general/latest/gr/ddb.html

func GetPartitionFromRegion

func GetPartitionFromRegion(region string) string

GetPartitionFromRegion gets the AWS partition from a region. For example, region "us-east-1" corresponds to partition "aws", and region "cn-north-1" corresponds to partition "aws-cn".

func IsAWSEndpoint

func IsAWSEndpoint(uri string) bool

IsAWSEndpoint returns true if the input URI is an AWS endpoint.

func IsCNRegion

func IsCNRegion(region string) bool

IsCNRegion returns true if the region is an AWS China region.

func IsDocumentDBEndpoint

func IsDocumentDBEndpoint(uri string) bool

IsDocumentDBEndpoint returns true if the input URI is a DocumentDB endpoint.

https://docs.aws.amazon.com/documentdb/latest/developerguide/endpoints.html

func IsEC2NodeID

func IsEC2NodeID(id string) bool

IsEC2NodeID returns true if the given ID looks like an EC2 node ID. It uses a simple regex to check. Node IDs are almost always UUIDs when set automatically, but can be manually overridden by admins. If someone manually sets a host ID that looks like one of our generated EC2 node IDs, they may be able to trick this function, so don't use it for any critical purpose (for example, an authentication or authorization decision).

func IsElastiCacheEndpoint

func IsElastiCacheEndpoint(uri string) bool

IsElastiCacheEndpoint returns true if the input URI is an ElastiCache endpoint.

func IsKeyspacesEndpoint

func IsKeyspacesEndpoint(uri string) bool

IsKeyspacesEndpoint returns true if input URI is an AWS Keyspaces endpoint. https://docs.aws.amazon.com/keyspaces/latest/devguide/programmatic.endpoints.html

func IsMemoryDBEndpoint

func IsMemoryDBEndpoint(uri string) bool

IsMemoryDBEndpoint returns true if the input URI is a MemoryDB endpoint.

func IsOpenSearchEndpoint

func IsOpenSearchEndpoint(uri string) bool

IsOpenSearchEndpoint returns true if input URI is an OpenSearch endpoint.

func IsRDSEndpoint

func IsRDSEndpoint(uri string) bool

IsRDSEndpoint returns true if the input URI is an RDS endpoint.

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.Endpoints.html

func IsRedshiftEndpoint

func IsRedshiftEndpoint(uri string) bool

IsRedshiftEndpoint returns true if the input URI is a Redshift endpoint.

https://docs.aws.amazon.com/redshift/latest/mgmt/connecting-from-psql.html

func IsRedshiftServerlessEndpoint

func IsRedshiftServerlessEndpoint(uri string) bool

IsRedshiftServerlessEndpoint returns true if the input URI is a Redshift Serverless endpoint.

https://docs.aws.amazon.com/redshift/latest/mgmt/serverless-connecting.html

func IsUSGovRegion

func IsUSGovRegion(region string) bool

IsUSGovRegion returns true if the region is an AWS US GovCloud region.

func IsValidAccountID

func IsValidAccountID(accountID string) error

IsValidAccountID checks whether the accountID is a valid AWS Account ID

https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-identifiers.html

func IsValidAthenaWorkgroupName

func IsValidAthenaWorkgroupName(workgroup string) error

IsValidAthenaWorkgroupName checks whether the name is a valid AWS Athena workgroup name.

func IsValidGlueResourceName

func IsValidGlueResourceName(name string) error

IsValidGlueResourceName checks whether the name is valid for an AWS Glue database or table used with AWS Athena.

func IsValidIAMPolicyName

func IsValidIAMPolicyName(policyName string) error

IsValidIAMPolicyName checks whether the policy name is a valid AWS IAM Policy identifier.

> Length Constraints: Minimum length of 1. Maximum length of 128.
> Pattern: [\w+=,.@-]+

https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html

func IsValidIAMRoleName

func IsValidIAMRoleName(roleName string) error

IsValidIAMRoleName checks whether the role name is a valid AWS IAM Role identifier.

> Length Constraints: Minimum length of 1. Maximum length of 64.
> Pattern: [\w+=,.@-]+

https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html

func IsValidPartition

func IsValidPartition(partition string) error

IsValidPartition checks if partition is a valid AWS partition

func IsValidRegion

func IsValidRegion(region string) error

IsValidRegion ensures the region looks to be valid. It does not do a full validation, because AWS doesn't provide documentation for that. However, region names usually contain only the following characters: [a-z0-9\-]. Passing this check therefore does not show that the region actually exists.

func ParseRedshiftEndpoint

func ParseRedshiftEndpoint(endpoint string) (clusterID, region string, err error)

ParseRedshiftEndpoint extracts cluster ID and region from the provided Redshift endpoint.

func ShortRegionToRegion

func ShortRegionToRegion(shortRegion string) (string, bool)

ShortRegionToRegion converts short region codes to regular region names. For example, a short region "use1" maps to region "us-east-1".

There is no official documentation on this mapping. Here is a gist in which others have collected these naming schemes: https://gist.github.com/colinvh/14e4b7fb6b66c29f79d3

This function currently does not support regions in secret partitions.

Types

type DocumentDBEndpointDetails

// DocumentDBEndpointDetails contains information about a DocumentDB endpoint.
//
// NOTE(review): presumably populated by ParseDocumentDBEndpoint from the
// endpoint string alone, in which case the fields describe what the host name
// says rather than what the AWS API reports; confirm before using them to
// decide access.
type DocumentDBEndpointDetails struct {
	// ClusterID is the identifier of a DocumentDB cluster.
	ClusterID string
	// InstanceID is the identifier of a DocumentDB instance.
	InstanceID string
	// Region is the AWS region for the endpoint.
	Region string
	// EndpointType specifies the type of the endpoint.
	// NOTE(review): presumably one of DocumentDBClusterEndpoint,
	// DocumentDBClusterReaderEndpoint or DocumentDBInstanceEndpoint; confirm.
	EndpointType string
}

DocumentDBEndpointDetails contains information about a DocumentDB endpoint.

func ParseDocumentDBEndpoint

func ParseDocumentDBEndpoint(endpoint string) (*DocumentDBEndpointDetails, error)

ParseDocumentDBEndpoint parses and extracts info from the provided DocumentDB endpoint.

type DynamoDBEndpointInfo

// DynamoDBEndpointInfo describes info extracted from a DynamoDB endpoint.
type DynamoDBEndpointInfo struct {
	// Service is the service subdomain of the endpoint, for example "dynamodb" or "dax".
	Service string
	// Region is the AWS region for the endpoint, for example "us-west-1".
	Region string
	// Partition is the AWS partition for the endpoint, for example ".amazonaws.com"
	//
	// NOTE(review): the example is an endpoint suffix (compare
	// AWSEndpointSuffix), not a partition ID such as StandardPartition
	// ("aws"). Callers should not compare this field with the *Partition
	// constants without confirming which form the parser stores.
	Partition string
}

DynamoDBEndpointInfo describes info extracted from a DynamoDB endpoint.

func ParseDynamoDBEndpoint

func ParseDynamoDBEndpoint(endpoint string) (*DynamoDBEndpointInfo, error)

ParseDynamoDBEndpoint parses and extracts info from the provided DynamoDB endpoint.

type OpenSearchEndpointInfo

// OpenSearchEndpointInfo describes info extracted from an AWS OpenSearch
// endpoint.
type OpenSearchEndpointInfo struct {
	// Service is the service subdomain of the endpoint. Only "es" allowed for now.
	// ("es" is the value of OpenSearchServiceName.)
	Service string
	// Region is the AWS region for the endpoint, for example "us-west-1".
	Region string
	// Partition is the AWS partition for the endpoint, for example ".amazonaws.com"
	//
	// NOTE(review): the example is an endpoint suffix (compare
	// AWSEndpointSuffix), not a partition ID such as StandardPartition
	// ("aws"). Confirm which form the parser stores before comparing this
	// field with the *Partition constants.
	Partition string
}

OpenSearchEndpointInfo describes info extracted from an AWS endpoint.

func ParseOpensearchEndpoint

func ParseOpensearchEndpoint(endpoint string) (*OpenSearchEndpointInfo, error)

ParseOpensearchEndpoint parses and extracts info from the provided OpenSearch endpoint.

type RDSEndpointDetails

// RDSEndpointDetails contains information about an RDS endpoint.
//
// NOTE(review): which of the identifier fields are set for a given endpoint
// is not visible here; presumably only those matching the endpoint's kind
// (instance, cluster, cluster custom endpoint, proxy, proxy custom endpoint)
// are non-empty. Confirm against ParseRDSEndpoint.
type RDSEndpointDetails struct {
	// InstanceID is the identifier of an RDS instance.
	InstanceID string
	// ClusterID is the identifier of an RDS Aurora cluster.
	ClusterID string
	// ClusterCustomEndpointName is the identifier of an Aurora cluster custom endpoint.
	ClusterCustomEndpointName string
	// ProxyName is the identifier of an RDS proxy.
	ProxyName string
	// ProxyCustomEndpointName is the identifier of an RDS proxy custom endpoint.
	ProxyCustomEndpointName string
	// Region is the AWS region the database resides in.
	Region string
	// EndpointType specifies the type of the endpoint, if available.
	//
	// Note that the endpoint type of an RDS Proxy is determined by its
	// targets, so the endpoint type will be empty for RDS Proxies here as it
	// cannot be decided by the endpoint URL itself. Callers must therefore
	// treat an empty value as "unknown", not as a specific endpoint type.
	EndpointType string
}

RDSEndpointDetails contains information about an RDS endpoint.

func ParseRDSEndpoint

func ParseRDSEndpoint(endpoint string) (d *RDSEndpointDetails, err error)

ParseRDSEndpoint extracts the identifier and region from the provided RDS endpoint.

func (RDSEndpointDetails) IsProxy

func (d RDSEndpointDetails) IsProxy() bool

IsProxy returns true if the RDS endpoint is an RDS Proxy.

type RedisEndpointInfo

// RedisEndpointInfo describes details extracted from an ElastiCache or
// MemoryDB Redis endpoint.
type RedisEndpointInfo struct {
	// ID is the identifier of the endpoint.
	ID string
	// Region is the AWS region for the endpoint.
	Region string
	// TransitEncryptionEnabled specifies if in-transit encryption (TLS) is
	// enabled.
	//
	// NOTE(review): if this flag is inferred from the endpoint name rather
	// than reported by the AWS API, it reflects the naming only. Confirm how
	// the parsers set it before using it to decide whether a connection may
	// skip TLS.
	TransitEncryptionEnabled bool
	// EndpointType specifies the type of the endpoint.
	// NOTE(review): presumably one of the ElastiCache*Endpoint or
	// MemoryDB*Endpoint constants; their values overlap ("node"), so read it
	// together with the service the endpoint was parsed for.
	EndpointType string
}

RedisEndpointInfo describes details extracted from an ElastiCache or MemoryDB Redis endpoint.

func ParseElastiCacheEndpoint

func ParseElastiCacheEndpoint(endpoint string) (*RedisEndpointInfo, error)

ParseElastiCacheEndpoint extracts the details from the provided ElastiCache Redis endpoint.

https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/GettingStarted.ConnectToCacheNode.html

func ParseMemoryDBEndpoint

func ParseMemoryDBEndpoint(endpoint string) (*RedisEndpointInfo, error)

ParseMemoryDBEndpoint extracts the details from the provided MemoryDB endpoint.

https://docs.aws.amazon.com/memorydb/latest/devguide/endpoints.html

type RedshiftServerlessEndpointDetails

// RedshiftServerlessEndpointDetails contains information about a Redshift
// Serverless endpoint.
type RedshiftServerlessEndpointDetails struct {
	// WorkgroupName is the name of the workgroup.
	WorkgroupName string
	// EndpointName is the name of the VPC endpoint.
	EndpointName string
	// AccountID is the AWS Account ID.
	//
	// NOTE(review): presumably taken from the endpoint host name by
	// ParseRedshiftServerlessEndpoint. If so, it is whatever account ID the
	// supplied endpoint names and has not been checked against the caller's
	// credentials; confirm before relying on it for account scoping.
	AccountID string
	// Region is the AWS region the database resides in.
	Region string
}

RedshiftServerlessEndpointDetails contains information about a Redshift Serverless endpoint.

func ParseRedshiftServerlessEndpoint

func ParseRedshiftServerlessEndpoint(endpoint string) (details *RedshiftServerlessEndpointDetails, err error)

ParseRedshiftServerlessEndpoint extracts name, AWS Account ID, and region from the provided Redshift Serverless endpoint.
