Documentation
Constants
const (
	// DefaultPolicyName default policy name.
	DefaultPolicyName = "DatabaseAccess"
)
Variables
This section is empty.
Functions
This section is empty.
Types
type AWSConfiguratorConfig
type AWSConfiguratorConfig struct {
	// Flags user-provided flags to configure/execute the configurator.
	Flags BootstrapFlags
	// FileConfig Teleport database agent config.
	FileConfig *config.FileConfig
	// AWSSession current AWS session.
	AWSSession *awssession.Session
	// AWSSTSClient AWS STS client.
	AWSSTSClient stsiface.STSAPI
	// Policies instance of the `Policies` that the actions use.
	Policies awslib.Policies
	// Identity is the current AWS credentials chain identity.
	Identity awslib.Identity
}
func (*AWSConfiguratorConfig) CheckAndSetDefaults
func (c *AWSConfiguratorConfig) CheckAndSetDefaults() error
CheckAndSetDefaults checks the configuration and sets default values.
type BootstrapFlags
type BootstrapFlags struct {
	// ConfigPath database agent configuration path.
	ConfigPath string
	// Manual boolean indicating if the configurator will perform the
	// instructions or if it will be the user.
	Manual bool
	// PolicyName name of the generated policy.
	PolicyName string
	// AttachToUser user that the generated policies will be attached to.
	AttachToUser string
	// AttachToRole role that the generated policies will be attached to.
	AttachToRole string
	// ForceRDSPermissions forces the presence of RDS permissions.
	ForceRDSPermissions bool
	// ForceRedshiftPermissions forces the presence of Redshift permissions.
	ForceRedshiftPermissions bool
	// ForceElastiCachePermissions forces the presence of ElastiCache permissions.
	ForceElastiCachePermissions bool
	// ForceMemoryDBPermissions forces the presence of MemoryDB permissions.
	ForceMemoryDBPermissions bool
}
BootstrapFlags holds the flags that users provide to configure and define how the configurators work.
type Configurator
type Configurator interface {
	// Actions return the list of actions that needs to be performed by the
	// users (when in manual mode) or by the configurator itself.
	Actions() []ConfiguratorAction
	// Name returns the configurator name.
	Name() string
	// IsEmpty defines if the configurator will have to perform any action.
	IsEmpty() bool
}
Configurator is responsible for generating the list of actions that need to be performed in the database agent bootstrap process.
func BuildConfigurators
func BuildConfigurators(flags BootstrapFlags) ([]Configurator, error)
BuildConfigurators reads the configuration and returns a list of configurators. Configurators that are "empty" are not returned.
func NewAWSConfigurator
func NewAWSConfigurator(config AWSConfiguratorConfig) (Configurator, error)
NewAWSConfigurator creates an instance of awsConfigurator and builds its actions.
type ConfiguratorAction
type ConfiguratorAction interface {
	// Description returns human-readable description of what the action will
	// do.
	Description() string
	// Details if the action has some additional information, such as a JSON
	// payload, it will be returned in the `Details`.
	Details() string
	// Execute executes the action with the provided context. It might or not
	// modify the `ConfiguratorActionContext`.
	//
	// Actions can store and retrieve information from the
	// `ConfiguratorActionContext` that is passed to `Execute`. For example,
	// if an action requires information that was generated by a previous action.
	// It should retrieve this information from context.
	Execute(context.Context, *ConfiguratorActionContext) error
}
ConfiguratorAction is a single configurator action. Its details can be retrieved using `Description` and `Details`, and it is executed using the `Execute` function.
type ConfiguratorActionContext
type ConfiguratorActionContext struct {
	// AWSPolicyArn AWS ARN of the created policy.
	AWSPolicyArn string
	// AWS ARN of the created policy boundary.
	AWSPolicyBoundaryArn string
}
ConfiguratorActionContext is the context passed between configurator actions. It is used to share attributes between actions.
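An added example, not code from the Teleport project: it sketches how a caller could consume the `ConfiguratorAction` contract, listing `Description` and `Details` for operator review in manual mode and otherwise executing the actions in order against one shared `ConfiguratorActionContext`. The two types are local copies of those documented above so the block runs offline; `fakeAction`, `create`, `attach`, `Apply` and the ARN are hypothetical, constructed for illustration.

```go
package main

import (
	"context"
	"fmt"
)

// Local copies of the types documented above, so the example runs offline.
type ConfiguratorActionContext struct{ AWSPolicyArn, AWSPolicyBoundaryArn string }
type ConfiguratorAction interface {
	Description() string
	Details() string
	Execute(context.Context, *ConfiguratorActionContext) error
}

type fakeAction struct { // hypothetical stand-in for an AWS-backed action
	desc, details string
	exec          func(*ConfiguratorActionContext) error
}

func (a fakeAction) Description() string { return a.desc }
func (a fakeAction) Details() string     { return a.details }
func (a fakeAction) Execute(_ context.Context, c *ConfiguratorActionContext) error { return a.exec(c) }

// Constructed actions: attach needs the ARN that create stores in the shared context.
var create = fakeAction{"Create IAM policy", `{"Version":"2012-10-17"}`, func(c *ConfiguratorActionContext) error {
	c.AWSPolicyArn = "arn:aws:iam::123456789012:policy/DatabaseAccess" // constructed value
	return nil
}}
var attach = fakeAction{"Attach policy to role", "", func(c *ConfiguratorActionContext) error {
	if c.AWSPolicyArn == "" {
		return fmt.Errorf("no policy ARN in context")
	}
	return nil
}}

// Apply lists every action; unless manual is set it also runs them in order, stopping at the first error.
func Apply(ctx context.Context, actions []ConfiguratorAction, manual bool) ([]string, error) {
	actx, plan := &ConfiguratorActionContext{}, []string{}
	for i, a := range actions {
		plan = append(plan, a.Description()+" "+a.Details())
		if !manual {
			if err := a.Execute(ctx, actx); err != nil {
				return plan, fmt.Errorf("action %d (%s): %w", i+1, a.Description(), err)
			}
		}
	}
	return plan, nil
}
func main() { fmt.Println(Apply(context.Background(), []ConfiguratorAction{create, attach}, true)) }
```

In manual mode nothing is executed, so the policy JSON in `Details` can be reviewed before any IAM change is made.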