cloud

package
v1.2.3-fred.12 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 1, 2022 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AppendGCPClientCert

func AppendGCPClientCert(ctx context.Context, sessionCtx *common.Session, gcpClient cloud.GCPSQLAdminClient, tlsConfig *tls.Config) error

AppendGCPClientCert calls the GCP API to generate an ephemeral certificate and adds it to the TLS config. An access denied error is returned when the generate call fails.

func GetGCPRequireSSL

func GetGCPRequireSSL(ctx context.Context, sessionCtx *common.Session, gcpClient cloud.GCPSQLAdminClient) (requireSSL bool, err error)

GetGCPRequireSSL requests settings for the project/instance in session from GCP and returns true when the instance requires SSL. An access denied error is returned when an unauthorized error is returned from GCP.

Types

type ElastiCacheMock

type ElastiCacheMock struct {
	elasticacheiface.ElastiCacheAPI

	ReplicationGroups []*elasticache.ReplicationGroup
	Users             []*elasticache.User
	TagsByARN         map[string][]*elasticache.Tag
}

ElastiCache mocks AWS ElastiCache API.

func (*ElastiCacheMock) AddMockUser

func (m *ElastiCacheMock) AddMockUser(user *elasticache.User, tagsMap map[string]string)

func (*ElastiCacheMock) DescribeUsersPagesWithContext

func (m *ElastiCacheMock) DescribeUsersPagesWithContext(_ aws.Context, _ *elasticache.DescribeUsersInput, fn func(*elasticache.DescribeUsersOutput, bool) bool, _ ...request.Option) error

func (*ElastiCacheMock) ListTagsForResourceWithContext

func (m *ElastiCacheMock) ListTagsForResourceWithContext(_ aws.Context, input *elasticache.ListTagsForResourceInput, _ ...request.Option) (*elasticache.TagListMessage, error)

func (*ElastiCacheMock) ModifyUserWithContext

func (m *ElastiCacheMock) ModifyUserWithContext(_ aws.Context, input *elasticache.ModifyUserInput, opts ...request.Option) (*elasticache.ModifyUserOutput, error)

type GCPSQLAdminClientMock

type GCPSQLAdminClientMock struct {
	// DatabaseInstance is returned from GetDatabaseInstance.
	DatabaseInstance *sqladmin.DatabaseInstance
	// EphemeralCert is returned from GenerateEphemeralCert.
	EphemeralCert *tls.Certificate
}

GCPSQLAdminClientMock implements the common.GCPSQLAdminClient interface for tests.

func (*GCPSQLAdminClientMock) GenerateEphemeralCert

func (g *GCPSQLAdminClientMock) GenerateEphemeralCert(ctx context.Context, db types.Database, identity tlsca.Identity) (*tls.Certificate, error)

func (*GCPSQLAdminClientMock) GetDatabaseInstance

func (g *GCPSQLAdminClientMock) GetDatabaseInstance(ctx context.Context, db types.Database) (*sqladmin.DatabaseInstance, error)

func (*GCPSQLAdminClientMock) UpdateUser

func (g *GCPSQLAdminClientMock) UpdateUser(ctx context.Context, db types.Database, dbUser string, user *sqladmin.User) error

type IAM

type IAM struct {
	// contains filtered or unexported fields
}

IAM is a service that manages IAM policies for cloud databases.

A semaphore lock has to be acquired by the this service before making changes to the IAM inline policy as database agents may share the same the same policy. These tasks are processed in a background goroutine to avoid blocking callers when acquiring the locks with retries.

func NewIAM

func NewIAM(ctx context.Context, config IAMConfig) (*IAM, error)

NewIAM returns a new IAM configurator service.

func (*IAM) Setup

func (c *IAM) Setup(ctx context.Context, database types.Database) error

Setup sets up cloud IAM policies for the provided database.

func (*IAM) Start

func (c *IAM) Start(ctx context.Context) error

Start starts the IAM configurator service.

func (*IAM) Teardown

func (c *IAM) Teardown(ctx context.Context, database types.Database) error

Teardown tears down cloud IAM policies for the provided database.

type IAMConfig

type IAMConfig struct {
	// Clock is used to control time.
	Clock clockwork.Clock
	// AccessPoint is a caching client connected to the Auth Server.
	AccessPoint auth.DatabaseAccessPoint
	// Clients is an interface for retrieving cloud clients.
	Clients cloud.Clients
	// HostID is the host identified where this agent is running.
	// DELETE IN 11.0.
	HostID string
	// contains filtered or unexported fields
}

IAMConfig is the IAM configurator config.

func (*IAMConfig) Check

func (c *IAMConfig) Check() error

Check validates the IAM configurator config.

type IAMErrorMock

type IAMErrorMock struct {
	iamiface.IAMAPI
	Error error
}

IAMErrorMock is a mock IAM client that returns the provided Error to all APIs. If Error is not provided, all APIs returns trace.AccessDenied by default.

func (*IAMErrorMock) GetRolePolicyWithContext

func (m *IAMErrorMock) GetRolePolicyWithContext(ctx aws.Context, input *iam.GetRolePolicyInput, options ...request.Option) (*iam.GetRolePolicyOutput, error)

func (*IAMErrorMock) GetUserPolicyWithContext

func (m *IAMErrorMock) GetUserPolicyWithContext(ctx aws.Context, input *iam.GetUserPolicyInput, options ...request.Option) (*iam.GetUserPolicyOutput, error)

func (*IAMErrorMock) PutRolePolicyWithContext

func (m *IAMErrorMock) PutRolePolicyWithContext(ctx aws.Context, input *iam.PutRolePolicyInput, options ...request.Option) (*iam.PutRolePolicyOutput, error)

func (*IAMErrorMock) PutUserPolicyWithContext

func (m *IAMErrorMock) PutUserPolicyWithContext(ctx aws.Context, input *iam.PutUserPolicyInput, options ...request.Option) (*iam.PutUserPolicyOutput, error)

type IAMMock

type IAMMock struct {
	iamiface.IAMAPI
	// contains filtered or unexported fields
}

IAMMock mocks AWS IAM API.

func (*IAMMock) DeleteRolePolicyWithContext

func (m *IAMMock) DeleteRolePolicyWithContext(ctx aws.Context, input *iam.DeleteRolePolicyInput, options ...request.Option) (*iam.DeleteRolePolicyOutput, error)

func (*IAMMock) DeleteUserPolicyWithContext

func (m *IAMMock) DeleteUserPolicyWithContext(ctx aws.Context, input *iam.DeleteUserPolicyInput, options ...request.Option) (*iam.DeleteUserPolicyOutput, error)

func (*IAMMock) GetRolePolicyWithContext

func (m *IAMMock) GetRolePolicyWithContext(ctx aws.Context, input *iam.GetRolePolicyInput, options ...request.Option) (*iam.GetRolePolicyOutput, error)

func (*IAMMock) GetUserPolicyWithContext

func (m *IAMMock) GetUserPolicyWithContext(ctx aws.Context, input *iam.GetUserPolicyInput, options ...request.Option) (*iam.GetUserPolicyOutput, error)

func (*IAMMock) PutRolePolicyWithContext

func (m *IAMMock) PutRolePolicyWithContext(ctx aws.Context, input *iam.PutRolePolicyInput, options ...request.Option) (*iam.PutRolePolicyOutput, error)

func (*IAMMock) PutUserPolicyWithContext

func (m *IAMMock) PutUserPolicyWithContext(ctx aws.Context, input *iam.PutUserPolicyInput, options ...request.Option) (*iam.PutUserPolicyOutput, error)

type MemoryDBMock

type MemoryDBMock struct {
	memorydbiface.MemoryDBAPI

	Clusters  []*memorydb.Cluster
	Users     []*memorydb.User
	TagsByARN map[string][]*memorydb.Tag
}

MemoryDBMock mocks AWS MemoryDB API.

func (*MemoryDBMock) AddMockUser

func (m *MemoryDBMock) AddMockUser(user *memorydb.User, tagsMap map[string]string)

func (*MemoryDBMock) DescribeClustersWithContext

func (m *MemoryDBMock) DescribeClustersWithContext(_ aws.Context, input *memorydb.DescribeClustersInput, _ ...request.Option) (*memorydb.DescribeClustersOutput, error)

func (*MemoryDBMock) DescribeUsersWithContext

func (*MemoryDBMock) ListTagsWithContext

func (m *MemoryDBMock) ListTagsWithContext(_ aws.Context, input *memorydb.ListTagsInput, _ ...request.Option) (*memorydb.ListTagsOutput, error)

func (*MemoryDBMock) UpdateUserWithContext

func (m *MemoryDBMock) UpdateUserWithContext(_ aws.Context, input *memorydb.UpdateUserInput, opts ...request.Option) (*memorydb.UpdateUserOutput, error)

type Metadata

type Metadata struct {
	// contains filtered or unexported fields
}

Metadata is a service that fetches cloud databases metadata.

func NewMetadata

func NewMetadata(config MetadataConfig) (*Metadata, error)

NewMetadata returns a new cloud metadata service.

func (*Metadata) Update

func (m *Metadata) Update(ctx context.Context, database types.Database) error

Update updates cloud metadata of the provided database.

type MetadataConfig

type MetadataConfig struct {
	// Clients is an interface for retrieving cloud clients.
	Clients cloud.Clients
}

MetadataConfig is the cloud metadata service config.

func (*MetadataConfig) Check

func (c *MetadataConfig) Check() error

Check validates the metadata service config.

type RDSMock

type RDSMock struct {
	rdsiface.RDSAPI
	DBInstances       []*rds.DBInstance
	DBClusters        []*rds.DBCluster
	DBProxies         []*rds.DBProxy
	DBProxyEndpoints  []*rds.DBProxyEndpoint
	DBProxyTargetPort int64
}

RDSMock mocks AWS RDS API.

func (*RDSMock) DescribeDBClustersPagesWithContext

func (m *RDSMock) DescribeDBClustersPagesWithContext(aws aws.Context, input *rds.DescribeDBClustersInput, fn func(*rds.DescribeDBClustersOutput, bool) bool, options ...request.Option) error

func (*RDSMock) DescribeDBClustersWithContext

func (m *RDSMock) DescribeDBClustersWithContext(ctx aws.Context, input *rds.DescribeDBClustersInput, options ...request.Option) (*rds.DescribeDBClustersOutput, error)

func (*RDSMock) DescribeDBInstancesPagesWithContext

func (m *RDSMock) DescribeDBInstancesPagesWithContext(ctx aws.Context, input *rds.DescribeDBInstancesInput, fn func(*rds.DescribeDBInstancesOutput, bool) bool, options ...request.Option) error

func (*RDSMock) DescribeDBInstancesWithContext

func (m *RDSMock) DescribeDBInstancesWithContext(ctx aws.Context, input *rds.DescribeDBInstancesInput, options ...request.Option) (*rds.DescribeDBInstancesOutput, error)

func (*RDSMock) DescribeDBProxiesPagesWithContext

func (m *RDSMock) DescribeDBProxiesPagesWithContext(ctx aws.Context, input *rds.DescribeDBProxiesInput, fn func(*rds.DescribeDBProxiesOutput, bool) bool, options ...request.Option) error

func (*RDSMock) DescribeDBProxiesWithContext

func (m *RDSMock) DescribeDBProxiesWithContext(ctx aws.Context, input *rds.DescribeDBProxiesInput, options ...request.Option) (*rds.DescribeDBProxiesOutput, error)

func (*RDSMock) DescribeDBProxyEndpointsPagesWithContext

func (m *RDSMock) DescribeDBProxyEndpointsPagesWithContext(ctx aws.Context, input *rds.DescribeDBProxyEndpointsInput, fn func(*rds.DescribeDBProxyEndpointsOutput, bool) bool, options ...request.Option) error

func (*RDSMock) DescribeDBProxyEndpointsWithContext

func (m *RDSMock) DescribeDBProxyEndpointsWithContext(ctx aws.Context, input *rds.DescribeDBProxyEndpointsInput, options ...request.Option) (*rds.DescribeDBProxyEndpointsOutput, error)

func (*RDSMock) DescribeDBProxyTargetsWithContext

func (m *RDSMock) DescribeDBProxyTargetsWithContext(ctx aws.Context, input *rds.DescribeDBProxyTargetsInput, options ...request.Option) (*rds.DescribeDBProxyTargetsOutput, error)

func (*RDSMock) ListTagsForResourceWithContext

func (m *RDSMock) ListTagsForResourceWithContext(ctx aws.Context, input *rds.ListTagsForResourceInput, options ...request.Option) (*rds.ListTagsForResourceOutput, error)

func (*RDSMock) ModifyDBClusterWithContext

func (m *RDSMock) ModifyDBClusterWithContext(ctx aws.Context, input *rds.ModifyDBClusterInput, options ...request.Option) (*rds.ModifyDBClusterOutput, error)

func (*RDSMock) ModifyDBInstanceWithContext

func (m *RDSMock) ModifyDBInstanceWithContext(ctx aws.Context, input *rds.ModifyDBInstanceInput, options ...request.Option) (*rds.ModifyDBInstanceOutput, error)

type RDSMockByDBType

type RDSMockByDBType struct {
	rdsiface.RDSAPI
	DBInstances rdsiface.RDSAPI
	DBClusters  rdsiface.RDSAPI
	DBProxies   rdsiface.RDSAPI
}

RDSMockByDBType is a mock RDS client that mocks API calls by DB type

func (*RDSMockByDBType) DescribeDBClustersPagesWithContext

func (m *RDSMockByDBType) DescribeDBClustersPagesWithContext(aws aws.Context, input *rds.DescribeDBClustersInput, fn func(*rds.DescribeDBClustersOutput, bool) bool, options ...request.Option) error

func (*RDSMockByDBType) DescribeDBClustersWithContext

func (m *RDSMockByDBType) DescribeDBClustersWithContext(ctx aws.Context, input *rds.DescribeDBClustersInput, options ...request.Option) (*rds.DescribeDBClustersOutput, error)

func (*RDSMockByDBType) DescribeDBInstancesPagesWithContext

func (m *RDSMockByDBType) DescribeDBInstancesPagesWithContext(ctx aws.Context, input *rds.DescribeDBInstancesInput, fn func(*rds.DescribeDBInstancesOutput, bool) bool, options ...request.Option) error

func (*RDSMockByDBType) DescribeDBInstancesWithContext

func (m *RDSMockByDBType) DescribeDBInstancesWithContext(ctx aws.Context, input *rds.DescribeDBInstancesInput, options ...request.Option) (*rds.DescribeDBInstancesOutput, error)

func (*RDSMockByDBType) DescribeDBProxiesPagesWithContext

func (m *RDSMockByDBType) DescribeDBProxiesPagesWithContext(ctx aws.Context, input *rds.DescribeDBProxiesInput, fn func(*rds.DescribeDBProxiesOutput, bool) bool, options ...request.Option) error

func (*RDSMockByDBType) DescribeDBProxiesWithContext

func (m *RDSMockByDBType) DescribeDBProxiesWithContext(ctx aws.Context, input *rds.DescribeDBProxiesInput, options ...request.Option) (*rds.DescribeDBProxiesOutput, error)

func (*RDSMockByDBType) DescribeDBProxyEndpointsWithContext

func (m *RDSMockByDBType) DescribeDBProxyEndpointsWithContext(ctx aws.Context, input *rds.DescribeDBProxyEndpointsInput, options ...request.Option) (*rds.DescribeDBProxyEndpointsOutput, error)

func (*RDSMockByDBType) ModifyDBClusterWithContext

func (m *RDSMockByDBType) ModifyDBClusterWithContext(ctx aws.Context, input *rds.ModifyDBClusterInput, options ...request.Option) (*rds.ModifyDBClusterOutput, error)

func (*RDSMockByDBType) ModifyDBInstanceWithContext

func (m *RDSMockByDBType) ModifyDBInstanceWithContext(ctx aws.Context, input *rds.ModifyDBInstanceInput, options ...request.Option) (*rds.ModifyDBInstanceOutput, error)

type RDSMockUnauth

type RDSMockUnauth struct {
	rdsiface.RDSAPI
}

RDSMockUnauth is a mock RDS client that returns access denied to each call.

func (*RDSMockUnauth) DescribeDBClustersPagesWithContext

func (m *RDSMockUnauth) DescribeDBClustersPagesWithContext(aws aws.Context, input *rds.DescribeDBClustersInput, fn func(*rds.DescribeDBClustersOutput, bool) bool, options ...request.Option) error

func (*RDSMockUnauth) DescribeDBClustersWithContext

func (m *RDSMockUnauth) DescribeDBClustersWithContext(ctx aws.Context, input *rds.DescribeDBClustersInput, options ...request.Option) (*rds.DescribeDBClustersOutput, error)

func (*RDSMockUnauth) DescribeDBInstancesPagesWithContext

func (m *RDSMockUnauth) DescribeDBInstancesPagesWithContext(ctx aws.Context, input *rds.DescribeDBInstancesInput, fn func(*rds.DescribeDBInstancesOutput, bool) bool, options ...request.Option) error

func (*RDSMockUnauth) DescribeDBInstancesWithContext

func (m *RDSMockUnauth) DescribeDBInstancesWithContext(ctx aws.Context, input *rds.DescribeDBInstancesInput, options ...request.Option) (*rds.DescribeDBInstancesOutput, error)

func (*RDSMockUnauth) DescribeDBProxiesPagesWithContext

func (m *RDSMockUnauth) DescribeDBProxiesPagesWithContext(ctx aws.Context, input *rds.DescribeDBProxiesInput, fn func(*rds.DescribeDBProxiesOutput, bool) bool, options ...request.Option) error

func (*RDSMockUnauth) DescribeDBProxiesWithContext

func (m *RDSMockUnauth) DescribeDBProxiesWithContext(ctx aws.Context, input *rds.DescribeDBProxiesInput, options ...request.Option) (*rds.DescribeDBProxiesOutput, error)

func (*RDSMockUnauth) DescribeDBProxyEndpointsWithContext

func (m *RDSMockUnauth) DescribeDBProxyEndpointsWithContext(ctx aws.Context, input *rds.DescribeDBProxyEndpointsInput, options ...request.Option) (*rds.DescribeDBProxyEndpointsOutput, error)

func (*RDSMockUnauth) ModifyDBClusterWithContext

func (m *RDSMockUnauth) ModifyDBClusterWithContext(ctx aws.Context, input *rds.ModifyDBClusterInput, options ...request.Option) (*rds.ModifyDBClusterOutput, error)

func (*RDSMockUnauth) ModifyDBInstanceWithContext

func (m *RDSMockUnauth) ModifyDBInstanceWithContext(ctx aws.Context, input *rds.ModifyDBInstanceInput, options ...request.Option) (*rds.ModifyDBInstanceOutput, error)

type RedshiftMock

type RedshiftMock struct {
	redshiftiface.RedshiftAPI
	Clusters []*redshift.Cluster
}

RedshiftMock mocks AWS Redshift API.

func (*RedshiftMock) DescribeClustersPagesWithContext

func (m *RedshiftMock) DescribeClustersPagesWithContext(ctx aws.Context, input *redshift.DescribeClustersInput, fn func(*redshift.DescribeClustersOutput, bool) bool, options ...request.Option) error

func (*RedshiftMock) DescribeClustersWithContext

func (m *RedshiftMock) DescribeClustersWithContext(ctx aws.Context, input *redshift.DescribeClustersInput, options ...request.Option) (*redshift.DescribeClustersOutput, error)

type RedshiftMockUnauth

type RedshiftMockUnauth struct {
	redshiftiface.RedshiftAPI
}

RedshiftMockUnauth is a mock Redshift client that returns access denied to each call.

func (*RedshiftMockUnauth) DescribeClustersWithContext

func (m *RedshiftMockUnauth) DescribeClustersWithContext(ctx aws.Context, input *redshift.DescribeClustersInput, options ...request.Option) (*redshift.DescribeClustersOutput, error)

type STSMock

type STSMock struct {
	stsiface.STSAPI
	ARN string
}

STSMock mocks AWS STS API.

func (*STSMock) GetCallerIdentityWithContext

func (m *STSMock) GetCallerIdentityWithContext(aws.Context, *sts.GetCallerIdentityInput, ...request.Option) (*sts.GetCallerIdentityOutput, error)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL