databases

package
v1.2.3-fred.12 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 1, 2022 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// DefaultPolicyName default policy name.
	DefaultPolicyName = "DatabaseAccess"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AWSConfiguratorConfig

type AWSConfiguratorConfig struct {
	// Flags user-provided flags to configure/execute the configurator.
	Flags BootstrapFlags
	// FileConfig Teleport database agent config.
	FileConfig *config.FileConfig
	// AWSSession current AWS session.
	AWSSession *awssession.Session
	// AWSSTSClient AWS STS client.
	AWSSTSClient stsiface.STSAPI
	// Policies instance of the `Policies` that the actions use.
	Policies awslib.Policies
	// Identity is the current AWS credentials chain identity.
	Identity awslib.Identity
}

func (*AWSConfiguratorConfig) CheckAndSetDefaults

func (c *AWSConfiguratorConfig) CheckAndSetDefaults() error

CheckAndSetDefaults checks and set configuration default values.

type BootstrapFlags

type BootstrapFlags struct {
	// ConfigPath database agent configuration path.
	ConfigPath string
	// Manual boolean indicating if the configurator will perform the
	// instructions or if it will be the user.
	Manual bool
	// PolicyName name of the generated policy.
	PolicyName string
	// AttachToUser user that the generated policies will be attached to.
	AttachToUser string
	// AttachToRole role that the generated policies will be attached to.
	AttachToRole string
	// ForceRDSPermissions forces the presence of RDS permissions.
	ForceRDSPermissions bool
	// ForceRDSProxyPermissions forces the presence of RDS Proxy permissions.
	ForceRDSProxyPermissions bool
	// ForceRedshiftPermissions forces the presence of Redshift permissions.
	ForceRedshiftPermissions bool
	// ForceElastiCachePermissions forces the presence of ElastiCache permissions.
	ForceElastiCachePermissions bool
	// ForceMemoryDBPermissions forces the presence of MemoryDB permissions.
	ForceMemoryDBPermissions bool
}

BootstrapFlags flags provided by users to configure and define how the configurators will work.

type Configurator

type Configurator interface {
	// Actions return the list of actions that needs to be performed by the
	// users (when in manual mode) or by the configurator itself.
	Actions() []ConfiguratorAction
	// Name returns the configurator name.
	Name() string
	// IsEmpty defines if the configurator will have to perform any action.
	IsEmpty() bool
}

Configurator responsible for generating a list of actions that needs to be performed in the database agent bootstrap process.

func BuildConfigurators

func BuildConfigurators(flags BootstrapFlags) ([]Configurator, error)

BuildConfigurators reads the configuration and returns a list of configurators. Configurators that are "empty" are not returned.

func NewAWSConfigurator

func NewAWSConfigurator(config AWSConfiguratorConfig) (Configurator, error)

NewAWSConfigurator creates an instance of awsConfigurator and builds its actions.

type ConfiguratorAction

type ConfiguratorAction interface {
	// Description returns human-readable description of what the action will
	// do.
	Description() string
	// Details if the action has some additional information, such as a JSON
	// payload, it will be returned in the `Details`.
	Details() string
	// Execute executes the action with the provided context. It might or not
	// modify the `ConfiguratorActionContext`.
	//
	// Actions can store and retrieve information from the
	// `ConfiguratorActionContext` that is passed to `Execute`. For example,
	// if an action requires information that was generated by a previous action.
	// It should retrieve this information from context.
	Execute(context.Context, *ConfiguratorActionContext) error
}

ConfiguratorAction single configurator action, its details can be retrieved using `Description` and `Details`, and executed using `Execute` function.

type ConfiguratorActionContext

type ConfiguratorActionContext struct {
	// AWSPolicyArn AWS ARN of the created policy.
	AWSPolicyArn string
	// AWS ARN of the created policy boundary.
	AWSPolicyBoundaryArn string
}

ConfiguratorActionContext context passed across configurator actions. It is used to share attributes between actions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL