azure

package
Published: Oct 19, 2022 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Overview

Copyright 2022 Gravitational, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

// MySQLPort is the Azure managed MySQL server port
// https://docs.microsoft.com/en-us/azure/mysql/single-server/concepts-connectivity-architecture
//
// Kept as a string rather than an int — presumably so it can be joined
// straight into a host:port address; confirm at the call sites.
const MySQLPort = "3306"

// PostgresPort is the Azure managed PostgreSQL server port
// https://docs.microsoft.com/en-us/azure/postgresql/single-server/concepts-connectivity-architecture
const PostgresPort = "5432"
const (
	// RedisEnterpriseClusterDefaultDatabase is the default database name for a
	// Redis Enterprise cluster.
	RedisEnterpriseClusterDefaultDatabase = "default"
	// RedisEnterpriseClusterPolicyOSS indicates the Redis Enterprise cluster
	// is running in OSS mode. It is derived from the SDK enum value rather
	// than spelled out, so it cannot drift from armredisenterprise.
	RedisEnterpriseClusterPolicyOSS = string(armredisenterprise.ClusteringPolicyOSSCluster)
)

Variables

This section is empty.

Functions

func ConvertResponseError

func ConvertResponseError(err error) error

ConvertResponseError converts an Azure `ResponseError` into a trace error. If the provided error is not a `ResponseError`, it returns the error without modifying it.

func ConvertTags

func ConvertTags(tags map[string]*string) map[string]string

ConvertTags converts map of string pointers to map of strings.

func StringVal

func StringVal[T ~string](s *T) string

StringVal converts a pointer of a string or a string alias to a string value.

Types

type AKSAuthMethod

// AKSAuthMethod defines the authentication method for an AKS cluster.
// The valid values are the AzureRBAC, AzureAD and LocalAccounts constants.
type AKSAuthMethod uint8

AKSAuthMethod defines the authentication method for AKS cluster.

// Values are assigned by iota, so declaration order is significant:
// append new methods at the end rather than inserting in the middle.
const (
	// AzureRBAC indicates that the Azure AD is enabled and authorization is handled by Azure RBAC.
	AzureRBAC AKSAuthMethod = iota
	// AzureAD indicates that the Azure AD is enabled but authorization is handled by Kubernetes RBAC.
	AzureAD
	// LocalAccounts indicates that the cluster access happens through Local accounts created
	// during provisioning phase.
	LocalAccounts
)

type AKSClient

// AKSClient is the Azure client to interact with AKS.
type AKSClient interface {
	// ListAll returns all AKSClusters the user has access to.
	ListAll(ctx context.Context) ([]*AKSCluster, error)
	// ListWithinGroup returns all AKSClusters the user has access to within the resource group.
	ListWithinGroup(ctx context.Context, group string) ([]*AKSCluster, error)
	// ClusterCredentials returns the credentials for accessing the desired AKS cluster.
	// If agent access has not yet been configured, this function will attempt to configure it
	// using administrator credentials (`ListClusterAdminCredentials`) or by running a command (`BeginRunCommand`).
	// If the access setup is not successful, then an error is returned.
	//
	// NOTE(review): both fallbacks are privileged operations — the first fetches a
	// cluster-admin kubeconfig, the second appears to execute a command on the cluster —
	// so the calling identity should hold only the Azure permissions the chosen path
	// needs. The returned time.Time is presumably the credential expiry; confirm, and
	// make sure callers honour it rather than caching the *rest.Config indefinitely.
	ClusterCredentials(ctx context.Context, cfg ClusterCredentialsConfig) (*rest.Config, time.Time, error)
}

AKSClient is the Azure client to interact with AKS.

func NewAKSClustersClient

func NewAKSClustersClient(api ARMAKS, azIdentity azureIdentityFunction) AKSClient

NewAKSClustersClient returns a client for Azure AKS clusters.

type AKSCluster

// AKSCluster represents an AKS cluster.
type AKSCluster struct {
	// Name is the name of the cluster.
	Name string
	// GroupName is the resource group name.
	GroupName string
	// TenantID is the Azure tenant ID of the cluster.
	TenantID string
	// Location is the cluster region.
	Location string
	// SubscriptionID is the cluster subscription id.
	SubscriptionID string
	// Tags are the cluster tags.
	Tags map[string]string
	// Properties are the cluster authentication and authorization properties.
	Properties AKSClusterProperties
}

AKSCluster represents an AKS cluster.

func AKSClusterFromManagedCluster

func AKSClusterFromManagedCluster(cluster *armcontainerservice.ManagedCluster) (*AKSCluster, error)

AKSClusterFromManagedCluster converts an Azure armcontainerservice.ManagedCluster into AKSCluster.

type AKSClusterProperties

// AKSClusterProperties holds the AKS cluster authentication and authorization properties.
type AKSClusterProperties struct {
	// AccessConfig indicates the authentication & authorization config to use with the cluster.
	AccessConfig AKSAuthMethod
	// LocalAccounts indicates if the cluster has local accounts.
	LocalAccounts bool
}

AKSClusterProperties holds the AKS cluster authentication and authorization properties.

type ARMAKS

// ARMAKS is an interface for armcontainerservice.ManagedClustersClient.
// Each method mirrors the SDK method of the same name so the client can be mocked.
type ARMAKS interface {
	// BeginRunCommand starts a command run on the named cluster and returns a poller for its result.
	BeginRunCommand(ctx context.Context, resourceGroupName string, resourceName string, requestPayload armcontainerservice.RunCommandRequest, options *armcontainerservice.ManagedClustersClientBeginRunCommandOptions) (*runtime.Poller[armcontainerservice.ManagedClustersClientRunCommandResponse], error)
	// Get fetches a single managed cluster by resource group and name.
	Get(ctx context.Context, resourceGroupName string, resourceName string, options *armcontainerservice.ManagedClustersClientGetOptions) (armcontainerservice.ManagedClustersClientGetResponse, error)
	// GetCommandResult fetches the result of a command previously started with BeginRunCommand.
	GetCommandResult(ctx context.Context, resourceGroupName string, resourceName string, commandID string, options *armcontainerservice.ManagedClustersClientGetCommandResultOptions) (armcontainerservice.ManagedClustersClientGetCommandResultResponse, error)
	// ListClusterAdminCredentials returns the cluster-admin credentials; the response is a secret.
	ListClusterAdminCredentials(ctx context.Context, resourceGroupName string, resourceName string, options *armcontainerservice.ManagedClustersClientListClusterAdminCredentialsOptions) (armcontainerservice.ManagedClustersClientListClusterAdminCredentialsResponse, error)
	// ListClusterUserCredentials returns the cluster user credentials; the response is a secret.
	ListClusterUserCredentials(ctx context.Context, resourceGroupName string, resourceName string, options *armcontainerservice.ManagedClustersClientListClusterUserCredentialsOptions) (armcontainerservice.ManagedClustersClientListClusterUserCredentialsResponse, error)
	// NewListByResourceGroupPager pages over the managed clusters in one resource group.
	NewListByResourceGroupPager(resourceGroupName string, options *armcontainerservice.ManagedClustersClientListByResourceGroupOptions) *runtime.Pager[armcontainerservice.ManagedClustersClientListByResourceGroupResponse]
	// NewListPager pages over all managed clusters in the subscription.
	NewListPager(options *armcontainerservice.ManagedClustersClientListOptions) *runtime.Pager[armcontainerservice.ManagedClustersClientListResponse]
}

ARMAKS is an interface for armcontainerservice.ManagedClustersClient.

type ARMKubernetesMock

// ARMKubernetesMock mocks the Azure armcontainerservice managed clusters API.
// Intended for tests only.
type ARMKubernetesMock struct {
	// KubeServers are the clusters the mock serves — presumably from Get and the list pagers; confirm.
	KubeServers       []*armcontainerservice.ManagedCluster
	// ClusterAdminCreds is returned by ListClusterAdminCredentials (presumably).
	ClusterAdminCreds *armcontainerservice.CredentialResult
	// ClusterUserCreds is returned by ListClusterUserCredentials (presumably).
	ClusterUserCreds  *armcontainerservice.CredentialResult
	// NoAuth, when set, presumably makes calls fail with an authorization error; confirm in the mock methods.
	NoAuth            bool
}

ARMKubernetesMock mocks Azure armmanagedclusters API.

func (*ARMKubernetesMock) BeginRunCommand

func (m *ARMKubernetesMock) BeginRunCommand(ctx context.Context, resourceGroupName string, resourceName string, requestPayload armcontainerservice.RunCommandRequest, options *armcontainerservice.ManagedClustersClientBeginRunCommandOptions) (*runtime.Poller[armcontainerservice.ManagedClustersClientRunCommandResponse], error)

func (*ARMKubernetesMock) Get

func (m *ARMKubernetesMock) Get(_ context.Context, group, name string, _ *armcontainerservice.ManagedClustersClientGetOptions) (armcontainerservice.ManagedClustersClientGetResponse, error)

func (*ARMKubernetesMock) GetCommandResult

func (m *ARMKubernetesMock) GetCommandResult(ctx context.Context, resourceGroupName string, resourceName string, commandID string, options *armcontainerservice.ManagedClustersClientGetCommandResultOptions) (armcontainerservice.ManagedClustersClientGetCommandResultResponse, error)

func (*ARMKubernetesMock) ListClusterAdminCredentials

func (m *ARMKubernetesMock) ListClusterAdminCredentials(ctx context.Context, resourceGroupName string, resourceName string, options *armcontainerservice.ManagedClustersClientListClusterAdminCredentialsOptions) (armcontainerservice.ManagedClustersClientListClusterAdminCredentialsResponse, error)

func (*ARMKubernetesMock) ListClusterUserCredentials

func (m *ARMKubernetesMock) ListClusterUserCredentials(ctx context.Context, resourceGroupName string, resourceName string, options *armcontainerservice.ManagedClustersClientListClusterUserCredentialsOptions) (armcontainerservice.ManagedClustersClientListClusterUserCredentialsResponse, error)

func (*ARMKubernetesMock) NewListByResourceGroupPager

func (m *ARMKubernetesMock) NewListByResourceGroupPager(group string, _ *armcontainerservice.ManagedClustersClientListByResourceGroupOptions) *runtime.Pager[armcontainerservice.ManagedClustersClientListByResourceGroupResponse]

func (*ARMKubernetesMock) NewListPager

func (m *ARMKubernetesMock) NewListPager(_ *armcontainerservice.ManagedClustersClientListOptions) *runtime.Pager[armcontainerservice.ManagedClustersClientListResponse]

type ARMMySQL

// ARMMySQL is an interface for armmysql.ServersClient. It exists so that the client can be mocked.
type ARMMySQL interface {
	// Get - gets information about an Azure DB server.
	Get(ctx context.Context, group, name string, opts *armmysql.ServersClientGetOptions) (armmysql.ServersClientGetResponse, error)
	// NewListPager - List all the servers in a given subscription.
	NewListPager(opts *armmysql.ServersClientListOptions) *runtime.Pager[armmysql.ServersClientListResponse]
	// NewListByResourceGroupPager - List all the servers in a given resource group.
	NewListByResourceGroupPager(group string, opts *armmysql.ServersClientListByResourceGroupOptions) *runtime.Pager[armmysql.ServersClientListByResourceGroupResponse]
}

ARMMySQL is an interface for armmysql.ServersClient. It exists so that the client can be mocked.

type ARMMySQLMock

// ARMMySQLMock mocks the Azure armmysql API. Intended for tests only.
type ARMMySQLMock struct {
	// DBServers are the servers the mock serves — presumably from Get and the list pagers; confirm.
	DBServers []*armmysql.Server
	// NoAuth, when set, presumably makes calls fail with an authorization error; confirm in the mock methods.
	NoAuth    bool
}

ARMMySQLMock mocks Azure armmysql API.

func (*ARMMySQLMock) Get

type ARMPostgres

// ARMPostgres is an interface for armpostgresql.ServersClient. It exists so that the client can be mocked.
type ARMPostgres interface {
	// Get - gets information about an Azure DB server.
	Get(ctx context.Context, group, name string, opts *armpostgresql.ServersClientGetOptions) (armpostgresql.ServersClientGetResponse, error)
	// NewListPager - List all the servers in a given subscription.
	NewListPager(opts *armpostgresql.ServersClientListOptions) *runtime.Pager[armpostgresql.ServersClientListResponse]
	// NewListByResourceGroupPager - List all the servers in a given resource group.
	NewListByResourceGroupPager(group string, opts *armpostgresql.ServersClientListByResourceGroupOptions) *runtime.Pager[armpostgresql.ServersClientListByResourceGroupResponse]
}

ARMPostgres is an interface for armpostgresql.ServersClient. It exists so that the client can be mocked.

type ARMPostgresMock

// ARMPostgresMock mocks the Azure armpostgresql API. Intended for tests only.
type ARMPostgresMock struct {
	// DBServers are the servers the mock serves — presumably from Get and the list pagers; confirm.
	DBServers []*armpostgresql.Server
	// NoAuth, when set, presumably makes calls fail with an authorization error; confirm in the mock methods.
	NoAuth    bool
}

ARMPostgresMock mocks Azure armpostgresql API.

type ARMRedisEnterpriseClusterMock

// ARMRedisEnterpriseClusterMock mocks armRedisEnterpriseClusterClient. Intended for tests only.
type ARMRedisEnterpriseClusterMock struct {
	// NoAuth, when set, presumably makes calls fail with an authorization error; confirm in the mock methods.
	NoAuth   bool
	// Clusters are the clusters the mock serves from its pager (presumably).
	Clusters []*armredisenterprise.Cluster
}

ARMRedisEnterpriseClusterMock mocks armRedisEnterpriseClusterClient.

func (*ARMRedisEnterpriseClusterMock) NewListByResourceGroupPager

type ARMRedisEnterpriseDatabaseMock

// ARMRedisEnterpriseDatabaseMock mocks armRedisEnterpriseDatabaseClient. Intended for tests only.
type ARMRedisEnterpriseDatabaseMock struct {
	// Token is the key presumably returned by ListKeys when no per-database entry matches; confirm.
	Token                string
	// TokensByDatabaseName maps a database name to the key ListKeys should return for it (presumably).
	TokensByDatabaseName map[string]string
	// NoAuth, when set, presumably makes calls fail with an authorization error; confirm in the mock methods.
	NoAuth               bool
	// Databases are the databases the mock serves from its pager (presumably).
	Databases            []*armredisenterprise.Database
}

ARMRedisEnterpriseDatabaseMock mocks armRedisEnterpriseDatabaseClient.

func (*ARMRedisEnterpriseDatabaseMock) ListKeys

func (*ARMRedisEnterpriseDatabaseMock) NewListByClusterPager

type ARMRedisMock

// ARMRedisMock mocks armRedisClient. Intended for tests only.
type ARMRedisMock struct {
	// Token is the key presumably returned by ListKeys; confirm.
	Token   string
	// NoAuth, when set, presumably makes calls fail with an authorization error; confirm in the mock methods.
	NoAuth  bool
	// Servers are the Redis resources the mock serves from its pagers (presumably).
	Servers []*armredis.ResourceInfo
}

ARMRedisMock mocks armRedisClient.

func (*ARMRedisMock) ListKeys

func (m *ARMRedisMock) ListKeys(ctx context.Context, resourceGroupName string, name string, options *armredis.ClientListKeysOptions) (armredis.ClientListKeysResponse, error)

func (*ARMRedisMock) NewListByResourceGroupPager

func (m *ARMRedisMock) NewListByResourceGroupPager(resourceGroupName string, options *armredis.ClientListByResourceGroupOptions) *runtime.Pager[armredis.ClientListByResourceGroupResponse]

func (*ARMRedisMock) NewListBySubscriptionPager

func (m *ARMRedisMock) NewListBySubscriptionPager(options *armredis.ClientListBySubscriptionOptions) *runtime.Pager[armredis.ClientListBySubscriptionResponse]

type ARMSubscriptions

ARMSubscriptions provides an interface for armsubscription.SubscriptionsClient. It is provided so that the client can be mocked.

type ARMSubscriptionsMock

// ARMSubscriptionsMock mocks the Azure armsubscription API. Intended for tests only.
type ARMSubscriptionsMock struct {
	// Subscriptions are the subscriptions the mock serves (presumably).
	Subscriptions []*armsubscription.Subscription
	// NoAuth, when set, presumably makes calls fail with an authorization error; confirm in the mock methods.
	NoAuth        bool
}

type CacheForRedisClient

// CacheForRedisClient provides an interface for an Azure Cache for Redis client.
type CacheForRedisClient interface {
	// GetToken retrieves the auth token for provided resource ID.
	// The returned token is a credential: do not log it or include it in error messages.
	GetToken(ctx context.Context, resourceID string) (string, error)
}

CacheForRedisClient provides an interface for an Azure Cache for Redis client.

type ClientConfig

// ClientConfig identifies an Azure resource to build a client for.
// Field meanings are inferred from their names; confirm against the constructors that consume it.
type ClientConfig struct {
	// ResourceGroup is the Azure resource group name.
	ResourceGroup string
	// Name is the resource name.
	Name          string
	// TenantID is the Azure tenant ID.
	TenantID      string
}

type ClientMap

// ClientMap is a generic map that caches a collection of Azure clients by subscription.
// Construct it with NewClientMap; the zero value has no client constructor.
type ClientMap[ClientType any] struct {
	// contains filtered or unexported fields
}

ClientMap is a generic map that caches a collection of Azure clients by subscriptions.

func NewClientMap

func NewClientMap[ClientType any](newClient func(string, azcore.TokenCredential, *arm.ClientOptions) (ClientType, error)) ClientMap[ClientType]

NewClientMap creates a new ClientMap.

func (*ClientMap[ClientType]) Get

func (m *ClientMap[ClientType]) Get(subscription string, getCredentials func() (azcore.TokenCredential, error)) (client ClientType, err error)

Get returns an Azure client by subscription. A new client is created if the subscription is not found in the map.

type ClusterCredentialsConfig

// ClusterCredentialsConfig are the required parameters for generating cluster credentials.
type ClusterCredentialsConfig struct {
	// ResourceGroup is the AKS cluster resource group.
	ResourceGroup string
	// ResourceName is the AKS cluster name.
	ResourceName string
	// TenantID is the AKS cluster tenant id.
	TenantID string
	// ImpersonationPermissionsChecker is a checker function that validates if access
	// was granted.
	ImpersonationPermissionsChecker ImpersonationPermissionsChecker
}

ClusterCredentialsConfig are the required parameters for generating cluster credentials.

func (ClusterCredentialsConfig) CheckAndSetDefaults

func (c ClusterCredentialsConfig) CheckAndSetDefaults() error

CheckAndSetDefaults checks for required parameters.

type DBServer

// DBServer represents an Azure DB Server. It exists to reduce code duplication,
// since Azure MySQL and PostgreSQL server fields are identical in all but type.
type DBServer struct {
	// ID is the fully qualified resource ID for this resource.
	ID string
	// Location is the geo-location where the resource lives.
	Location string
	// Name is the name of the resource.
	Name string
	// Port is the port used to connect to this resource.
	Port string
	// Properties contains properties for a DB Server.
	Properties ServerProperties
	// Protocol is the DB protocol used for this DB Server.
	Protocol string
	// Tags are the resource tags associated with this resource.
	Tags map[string]string
}

DBServer represents an Azure DB Server. It exists to reduce code duplication, since Azure MySQL and PostgreSQL server fields are identical in all but type. TODO(gavin): Remove this in favor of generics when Go supports structural constraints on generic types.

func ServerFromMySQLServer

func ServerFromMySQLServer(server *armmysql.Server) *DBServer

ServerFromMySQLServer converts an Azure armmysql.Server into DBServer.

func ServerFromPostgresServer

func ServerFromPostgresServer(server *armpostgresql.Server) *DBServer

ServerFromPostgresServer converts an Azure armpostgresql.Server into DBServer.

func (*DBServer) IsAvailable

func (s *DBServer) IsAvailable() bool

IsAvailable returns whether the Azure DBServer is available.

func (*DBServer) IsSupported

func (s *DBServer) IsSupported() bool

IsSupported returns true if database supports AAD authentication. Only available for MySQL 5.7 and newer. All Azure managed PostgreSQL single-server instances support AAD auth.

type DBServersClient

// DBServersClient provides an interface for fetching Azure DB Servers.
type DBServersClient interface {
	// ListAll returns all Azure DB servers within an Azure subscription.
	ListAll(ctx context.Context) ([]*DBServer, error)
	// ListWithinGroup returns all Azure DB servers within an Azure resource group.
	ListWithinGroup(ctx context.Context, group string) ([]*DBServer, error)
	// Get returns a DBServer within an Azure subscription, queried by group and name.
	Get(ctx context.Context, group, name string) (*DBServer, error)
}

DBServersClient provides an interface for fetching Azure DB Servers.

func NewMySQLServersClient

func NewMySQLServersClient(api ARMMySQL) DBServersClient

NewMySQLServersClient returns a DBServersClient for Azure MySQL servers.

func NewPostgresServerClient

func NewPostgresServerClient(api ARMPostgres) DBServersClient

NewPostgresServerClient returns a DBServersClient for Azure PostgreSQL servers.

type GetToken

// GetToken is an interface for generating tokens from credentials.
type GetToken interface {
	// GetToken returns an azure token.
	// The token is a bearer credential: never log it or embed it in error messages.
	GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error)
}

GetToken is an interface for generating tokens from credentials.

type ImpersonationPermissionsChecker

// ImpersonationPermissionsChecker describes a function that can be used to check for
// the required impersonation permissions on a Kubernetes cluster. Return nil to indicate success.
type ImpersonationPermissionsChecker func(ctx context.Context, clusterName string,
	sarClient authztypes.SelfSubjectAccessReviewInterface) error

ImpersonationPermissionsChecker describes a function that can be used to check for the required impersonation permissions on a Kubernetes cluster. Return nil to indicate success.

type InstanceMetadataClient

// InstanceMetadataClient is a client for Azure instance metadata.
// Construct it with NewInstanceMetadataClient; WithBaseURL overrides the endpoint for tests.
type InstanceMetadataClient struct {
	// contains filtered or unexported fields
}

InstanceMetadataClient is a client for Azure instance metadata.

func NewInstanceMetadataClient

func NewInstanceMetadataClient(opts ...InstanceMetadataClientOption) *InstanceMetadataClient

NewInstanceMetadataClient creates a new instance metadata client.

func (*InstanceMetadataClient) GetAPIVersion

func (client *InstanceMetadataClient) GetAPIVersion() string

GetAPIVersion gets the Azure instance metadata API version this client is using.

func (*InstanceMetadataClient) GetHostname

func (client *InstanceMetadataClient) GetHostname(ctx context.Context) (string, error)

GetHostname gets the hostname set by the cloud instance that Teleport should use, if any.

func (*InstanceMetadataClient) GetTags

func (client *InstanceMetadataClient) GetTags(ctx context.Context) (map[string]string, error)

GetTags gets all of the Azure instance's tags.

func (*InstanceMetadataClient) GetType

GetType gets the cloud instance type.

func (*InstanceMetadataClient) IsAvailable

func (client *InstanceMetadataClient) IsAvailable(ctx context.Context) bool

IsAvailable checks if instance metadata is available.

type InstanceMetadataClientOption

// InstanceMetadataClientOption allows setting options as functional arguments to an InstanceMetadataClient.
type InstanceMetadataClientOption func(client *InstanceMetadataClient)

InstanceMetadataClientOption allows setting options as functional arguments to an InstanceMetadataClient.

func WithBaseURL

func WithBaseURL(url string) InstanceMetadataClientOption

WithBaseURL sets the base URL for the metadata client. Used in tests.

type RedisClient

// RedisClient is an interface for a Redis client.
// It embeds CacheForRedisClient, so GetToken is part of its contract too.
type RedisClient interface {
	CacheForRedisClient

	// ListAll returns all Azure Redis servers within an Azure subscription.
	ListAll(ctx context.Context) ([]*armredis.ResourceInfo, error)
	// ListWithinGroup returns all Azure Redis servers within an Azure resource group.
	ListWithinGroup(ctx context.Context, group string) ([]*armredis.ResourceInfo, error)
}

RedisClient is an interface for a Redis client.

func NewRedisClient

func NewRedisClient(subscription string, cred azcore.TokenCredential, options *arm.ClientOptions) (RedisClient, error)

NewRedisClient creates a new Azure Redis client by subscription and credentials.

func NewRedisClientByAPI

func NewRedisClientByAPI(api armRedisClient) RedisClient

NewRedisClientByAPI creates a new Azure Redis client by ARM API client.

type RedisEnterpriseClient

// RedisEnterpriseClient is an interface for a Redis Enterprise client.
// It embeds CacheForRedisClient, so GetToken is part of its contract too.
type RedisEnterpriseClient interface {
	CacheForRedisClient

	// ListAll returns all Azure Redis Enterprise databases within an Azure subscription.
	ListAll(ctx context.Context) ([]*RedisEnterpriseDatabase, error)
	// ListWithinGroup returns all Azure Redis Enterprise databases within an Azure resource group.
	ListWithinGroup(ctx context.Context, group string) ([]*RedisEnterpriseDatabase, error)
}

RedisEnterpriseClient is an interface for a Redis Enterprise client.

func NewRedisEnterpriseClient

func NewRedisEnterpriseClient(subscription string, cred azcore.TokenCredential, options *arm.ClientOptions) (RedisEnterpriseClient, error)

NewRedisEnterpriseClient creates a new Azure Redis Enterprise client by subscription and credentials.

func NewRedisEnterpriseClientByAPI

func NewRedisEnterpriseClientByAPI(clusterAPI armRedisEnterpriseClusterClient, databaseAPI armRedisEnterpriseDatabaseClient) RedisEnterpriseClient

NewRedisEnterpriseClientByAPI creates a new Azure Redis Enterprise client by ARM API client(s).

type RedisEnterpriseDatabase

// RedisEnterpriseDatabase is a wrapper of an armredisenterprise.Database and its parent cluster.
// The embedded *Database may be nil if constructed by hand; callers should not assume it is set.
type RedisEnterpriseDatabase struct {
	*armredisenterprise.Database

	// Cluster is the parent cluster.
	Cluster *armredisenterprise.Cluster
}

RedisEnterpriseDatabase is a wrapper of a armredisenterprise.Database and its parent cluster.

func (*RedisEnterpriseDatabase) String

func (d *RedisEnterpriseDatabase) String() string

String returns the description of the database.

type ServerProperties

// ServerProperties contains properties for a DB Server.
type ServerProperties struct {
	// FullyQualifiedDomainName is the fully qualified domain name which resolves to the DB Server address.
	FullyQualifiedDomainName string
	// UserVisibleState is the state of the DB Server that is visible to a user.
	UserVisibleState string
	// Version is the version of the Azure gateway which redirects traffic to the database servers.
	// NOTE(review): DBServer.IsSupported documents a "MySQL 5.7 and newer" check, which presumably
	// reads this field — confirm which version string this actually carries.
	Version string
}

ServerProperties contains properties for a DB Server.

type SubscriptionClient

// SubscriptionClient wraps the Azure Subscriptions API to fetch subscription IDs.
// Construct it with NewSubscriptionClient.
type SubscriptionClient struct {
	// contains filtered or unexported fields
}

SubscriptionClient wraps the Azure SubscriptionsAPI to fetch subscription IDs.

func NewSubscriptionClient

func NewSubscriptionClient(api ARMSubscriptions) *SubscriptionClient

NewSubscriptionClient returns a SubscriptionClient.

func (*SubscriptionClient) ListSubscriptionIDs

func (c *SubscriptionClient) ListSubscriptionIDs(ctx context.Context) ([]string, error)

ListSubscriptionIDs lists all subscription IDs using the Azure Subscription API.
