local

package
v1.3.3-0...-f31c912 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 9, 2024 License: AGPL-3.0 Imports: 59 Imported by: 56

Documentation

Overview

Package local implements services interfaces using abstract key value backend provided by lib/backend, what makes it possible for teleport to run using boltdb or etcd

Index

Constants

View Source 
const (
	// AuditQueryPrefix is the prefix for audit queries.
	AuditQueryPrefix = "security_report/audit_query"
	// SecurityReportPrefix is the prefix for security reports.
	SecurityReportPrefix = "security_report/report"
	// SecurityReportStatePrefix  is the prefix for security report states.
	SecurityReportStatePrefix = "security_report/state"
	// SecurityReportCostLimiterPrefix is the prefix for security report cost limiter.
	SecurityReportCostLimiterPrefix = "security_report/cost_limiter"
)
View Source 
const GroupMaxPageSize = 200

GroupMaxPageSize is the max page size of the group.

Variables

View Source 
var ErrHeadlessAuthenticationWatcherClosed = errors.New("headless authentication watcher closed")
View Source 
var GlobalSessionDataMaxEntries = 5000 // arbitrary

GlobalSessionDataMaxEntries represents the maximum number of in-flight global WebAuthn challenges for a given scope. Attempting to write more instances than the max limit causes an error. The limit is enforced separately by Auth Server instances.

Functions

func AccessRequestAllowedPromotionKey 

func AccessRequestAllowedPromotionKey(name string) []byte

func CreateResources 

func CreateResources(ctx context.Context, b backend.Backend, resources ...types.Resource) error

CreateResources attempts to dynamically create the supplied resources. This function returns `trace.AlreadyExistsError` if one or more resources would be overwritten, and `trace.NotImplementedError` if any resources are of an unsupported type (see `itemsFromResources(...)`).

NOTE: This function is non-atomic and performs no internal synchronization; backend must be locked by caller when operating in parallel environment.

func DefaultUserPreferences 

func DefaultUserPreferences() *userpreferencesv1.UserPreferences

func FakePaginate 

func FakePaginate(resources []types.ResourceWithLabels, req FakePaginateParams) (*types.ListResourcesResponse, error)

FakePaginate is used when we are working with an entire list of resources upfront but still requires pagination. While applying filters, it will also deduplicate matches found.

func GetTeleportSPSSODescriptor 

func GetTeleportSPSSODescriptor(spSSODescriptors []saml.SPSSODescriptor) (embeddedSPSSODescriptorIndex int, teleportSPSSODescriptor saml.SPSSODescriptor)

GetTeleportSPSSODescriptor returns Teleport embedded SPSSODescriptor and its index from a list of SPSSODescriptors. The correct SPSSODescriptor is determined by searching for AttributeConsumingService element with ServiceNames named teleport_saml_idp_service.

func KeyAttestationDataFingerprintV11 

func KeyAttestationDataFingerprintV11(pub crypto.PublicKey) (string, error)

KeyAttestationDataFingerprintV11 creates a "KeyAttestationData" fingerprint compatible with older patches of Teleport v11. Exposed for testing, do not use this function directly. DELETE IN 13.0, old fingerprints not in use by then (Joerger).

func NewSessionTrackerService 

func NewSessionTrackerService(bk backend.Backend) (services.SessionTrackerService, error)

func WaitForEvent 

func WaitForEvent(ctx context.Context, watcher types.Watcher, m EventMatcher, clock clockwork.Clock) (types.Resource, error)

WaitForEvent waits for the event matched by the specified event matcher in the given watcher.

Types

type AccessListService 

type AccessListService struct {
	// contains filtered or unexported fields
}

AccessListService manages Access List resources in the Backend. The AccessListService's sole job is to manage and co-ordinate operations on the underlying AccessList, AccessListMember, etc resources in the backend in order to provide a consistent view to the rest of the Teleport application. It makes no decisions about granting or withholding list membership.

func NewAccessListService 

func NewAccessListService(backend backend.Backend, clock clockwork.Clock) (*AccessListService, error)

NewAccessListService creates a new AccessListService.

func (*AccessListService) AccessRequestPromote 

func (a *AccessListService) AccessRequestPromote(_ context.Context, _ *accesslistv1.AccessRequestPromoteRequest) (*accesslistv1.AccessRequestPromoteResponse, error)

func (*AccessListService) CreateAccessListReview 

func (a *AccessListService) CreateAccessListReview(ctx context.Context, review *accesslist.Review) (*accesslist.Review, time.Time, error)

CreateAccessListReview will create a new review for an access list.

func (*AccessListService) DeleteAccessList 

func (a *AccessListService) DeleteAccessList(ctx context.Context, name string) error

DeleteAccessList removes the specified access list resource.

func (*AccessListService) DeleteAccessListMember 

func (a *AccessListService) DeleteAccessListMember(ctx context.Context, accessList string, memberName string) error

DeleteAccessListMember hard deletes the specified access list member resource.

func (*AccessListService) DeleteAccessListReview 

func (a *AccessListService) DeleteAccessListReview(ctx context.Context, accessListName, reviewName string) error

DeleteAccessListReview will delete an access list review from the backend.

func (*AccessListService) DeleteAllAccessListMembers 

func (a *AccessListService) DeleteAllAccessListMembers(ctx context.Context) error

DeleteAllAccessListMembers hard deletes all access list members.

func (*AccessListService) DeleteAllAccessListMembersForAccessList 

func (a *AccessListService) DeleteAllAccessListMembersForAccessList(ctx context.Context, accessList string) error

DeleteAllAccessListMembersForAccessList hard deletes all access list members for an access list. Note that deleting all members is the only member operation allowed on a list with implicit membership, as it provides a mechanism for cleaning out the user list if a list is converted from explicit to implicit.

func (*AccessListService) DeleteAllAccessListReviews 

func (a *AccessListService) DeleteAllAccessListReviews(ctx context.Context) error

DeleteAllAccessListReviews will delete all access list reviews from all access lists.

func (*AccessListService) DeleteAllAccessLists 

func (a *AccessListService) DeleteAllAccessLists(ctx context.Context) error

DeleteAllAccessLists removes all access lists.

func (*AccessListService) GetAccessList 

func (a *AccessListService) GetAccessList(ctx context.Context, name string) (*accesslist.AccessList, error)

GetAccessList returns the specified access list resource.

func (*AccessListService) GetAccessListMember 

func (a *AccessListService) GetAccessListMember(ctx context.Context, accessList string, memberName string) (*accesslist.AccessListMember, error)

GetAccessListMember returns the specified access list member resource.

func (*AccessListService) GetAccessLists 

func (a *AccessListService) GetAccessLists(ctx context.Context) ([]*accesslist.AccessList, error)

GetAccessLists returns a list of all access lists.

func (*AccessListService) GetAccessListsToReview 

func (a *AccessListService) GetAccessListsToReview(ctx context.Context) ([]*accesslist.AccessList, error)

GetAccessListsToReview returns access lists that the user needs to review. This is not implemented in the local service.

func (*AccessListService) GetSuggestedAccessLists 

func (a *AccessListService) GetSuggestedAccessLists(ctx context.Context, accessRequestID string) ([]*accesslist.AccessList, error)

GetSuggestedAccessLists returns a list of access lists that are suggested for a given request. This is not implemented in the local service.

func (*AccessListService) ListAccessListMembers 

func (a *AccessListService) ListAccessListMembers(ctx context.Context, accessListName string, pageSize int, nextToken string) ([]*accesslist.AccessListMember, string, error)

ListAccessListMembers returns a paginated list of all access list members.

func (*AccessListService) ListAccessListReviews 

func (a *AccessListService) ListAccessListReviews(ctx context.Context, accessList string, pageSize int, pageToken string) (reviews []*accesslist.Review, nextToken string, err error)

ListAccessListReviews will list access list reviews for a particular access list.

func (*AccessListService) ListAccessLists 

func (a *AccessListService) ListAccessLists(ctx context.Context, pageSize int, nextToken string) ([]*accesslist.AccessList, string, error)

ListAccessLists returns a paginated list of access lists.

func (*AccessListService) ListAllAccessListMembers 

func (a *AccessListService) ListAllAccessListMembers(ctx context.Context, pageSize int, pageToken string) (members []*accesslist.AccessListMember, nextToken string, err error)

ListAllAccessListMembers returns a paginated list of all access list members for all access lists.

func (*AccessListService) ListAllAccessListReviews 

func (a *AccessListService) ListAllAccessListReviews(ctx context.Context, pageSize int, pageToken string) (reviews []*accesslist.Review, nextToken string, err error)

ListAllAccessListReviews will list access list reviews for all access lists.

func (*AccessListService) UpsertAccessList 

func (a *AccessListService) UpsertAccessList(ctx context.Context, accessList *accesslist.AccessList) (*accesslist.AccessList, error)

UpsertAccessList creates or updates an access list resource.

func (*AccessListService) UpsertAccessListMember 

func (a *AccessListService) UpsertAccessListMember(ctx context.Context, member *accesslist.AccessListMember) (*accesslist.AccessListMember, error)

UpsertAccessListMember creates or updates an access list member resource.

func (*AccessListService) UpsertAccessListWithMembers 

func (a *AccessListService) UpsertAccessListWithMembers(ctx context.Context, accessList *accesslist.AccessList, membersIn []*accesslist.AccessListMember) (*accesslist.AccessList, []*accesslist.AccessListMember, error)

UpsertAccessListWithMembers creates or updates an access list resource and its members.

func (*AccessListService) VerifyAccessListCreateLimit 

func (a *AccessListService) VerifyAccessListCreateLimit(ctx context.Context, targetAccessListName string) error

VerifyAccessListCreateLimit ensures creating access list is limited to no more than 1 (updating is allowed). It differentiates request for `creating` and `updating` by checking to see if the request access list name matches the ones we retrieved. Returns error if limit has been reached.

type AccessService 

type AccessService struct {
	backend.Backend
}

AccessService manages roles

func NewAccessService 

func NewAccessService(backend backend.Backend) *AccessService

NewAccessService returns new access service instance

func (*AccessService) CreateRole 

func (s *AccessService) CreateRole(ctx context.Context, role types.Role) (types.Role, error)

CreateRole creates a new role.

func (*AccessService) DeleteAllLocks 

func (s *AccessService) DeleteAllLocks(ctx context.Context) error

DeleteLock deletes all/in-force locks.

func (*AccessService) DeleteAllRoles 

func (s *AccessService) DeleteAllRoles(ctx context.Context) error

DeleteAllRoles deletes all roles

func (*AccessService) DeleteLock 

func (s *AccessService) DeleteLock(ctx context.Context, name string) error

DeleteLock deletes a lock.

func (*AccessService) DeleteRole 

func (s *AccessService) DeleteRole(ctx context.Context, name string) error

DeleteRole deletes a role from the backend

func (*AccessService) GetLock 

func (s *AccessService) GetLock(ctx context.Context, name string) (types.Lock, error)

GetLock gets a lock by name.

func (*AccessService) GetLocks 

func (s *AccessService) GetLocks(ctx context.Context, inForceOnly bool, targets ...types.LockTarget) ([]types.Lock, error)

GetLocks gets all/in-force locks that match at least one of the targets when specified.

func (*AccessService) GetRole 

func (s *AccessService) GetRole(ctx context.Context, name string) (types.Role, error)

GetRole returns a role by name

func (*AccessService) GetRoles 

func (s *AccessService) GetRoles(ctx context.Context) ([]types.Role, error)

GetRoles returns a list of roles registered with the local auth server

func (*AccessService) ReplaceRemoteLocks 

func (s *AccessService) ReplaceRemoteLocks(ctx context.Context, clusterName string, newRemoteLocks []types.Lock) error

ReplaceRemoteLocks replaces the set of locks associated with a remote cluster.

func (*AccessService) UpdateRole 

func (s *AccessService) UpdateRole(ctx context.Context, role types.Role) (types.Role, error)

UpdateRole updates an existing role.

func (*AccessService) UpsertLock 

func (s *AccessService) UpsertLock(ctx context.Context, lock types.Lock) error

UpsertLock upserts a lock.

func (*AccessService) UpsertRole 

func (s *AccessService) UpsertRole(ctx context.Context, role types.Role) (types.Role, error)

UpsertRole creates or overwrites an existing role.

type AppService 

type AppService struct {
	backend.Backend
}

AppService manages application resources in the backend.

func NewAppService 

func NewAppService(backend backend.Backend) *AppService

NewAppService creates a new AppService.

func (*AppService) CreateApp 

func (s *AppService) CreateApp(ctx context.Context, app types.Application) error

CreateApp creates a new application resource.

func (*AppService) DeleteAllApps 

func (s *AppService) DeleteAllApps(ctx context.Context) error

DeleteAllApps removes all application resources.

func (*AppService) DeleteApp 

func (s *AppService) DeleteApp(ctx context.Context, name string) error

DeleteApp removes the specified application resource.

func (*AppService) GetApp 

func (s *AppService) GetApp(ctx context.Context, name string) (types.Application, error)

GetApp returns the specified application resource.

func (*AppService) GetApps 

func (s *AppService) GetApps(ctx context.Context) ([]types.Application, error)

GetApps returns all application resources.

func (*AppService) UpdateApp 

func (s *AppService) UpdateApp(ctx context.Context, app types.Application) error

UpdateApp updates an existing application resource.

type AssertionReplayService 

type AssertionReplayService struct {
	// contains filtered or unexported fields
}

AssertionReplayService tracks used SSO assertions to mitigate replay attacks. Assertions are automatically derecognized when their signed expiry passes.

func NewAssertionReplayService 

func NewAssertionReplayService(bk backend.Backend) *AssertionReplayService

NewAssertionReplayService creates a new instance of AssertionReplayService.

func (*AssertionReplayService) RecognizeSSOAssertion 

func (s *AssertionReplayService) RecognizeSSOAssertion(ctx context.Context, connectorID string, assertionID string, user string, safeAfter time.Time) error

RecognizeSSOAssertion will remember a new assertion until it becomes invalid. This will error with `trace.AlreadyExists` if the assertion has been previously recognized.

`safeAfter` must be either at or after the point in time that a given SSO assertion becomes invalid in order to mitigate replay attacks. This function shouldn't be used if the assertion never verifiably expires.

type AssistService 

type AssistService struct {
	backend.Backend
	// contains filtered or unexported fields
}

AssistService is responsible for managing assist conversations.

func NewAssistService 

func NewAssistService(backend backend.Backend) *AssistService

NewAssistService returns a new instance of AssistService.

func (*AssistService) CreateAssistantConversation 

func (s *AssistService) CreateAssistantConversation(ctx context.Context,
	req *assist.CreateAssistantConversationRequest,
) (*assist.CreateAssistantConversationResponse, error)

CreateAssistantConversation creates a new conversation entry in the backend.

func (*AssistService) CreateAssistantMessage 

func (s *AssistService) CreateAssistantMessage(ctx context.Context, req *assist.CreateAssistantMessageRequest) error

CreateAssistantMessage adds the message to the backend.

func (*AssistService) DeleteAssistantConversation 

func (s *AssistService) DeleteAssistantConversation(ctx context.Context, req *assist.DeleteAssistantConversationRequest) error

DeleteAssistantConversation deletes a conversation from the backend.

func (*AssistService) GetAssistantConversations 

func (s *AssistService) GetAssistantConversations(ctx context.Context, req *assist.GetAssistantConversationsRequest) (*assist.GetAssistantConversationsResponse, error)

GetAssistantConversations returns all conversations started by a user.

func (*AssistService) GetAssistantMessages 

func (s *AssistService) GetAssistantMessages(ctx context.Context, req *assist.GetAssistantMessagesRequest) (*assist.GetAssistantMessagesResponse, error)

GetAssistantMessages returns all messages with given conversation ID.

func (*AssistService) IsAssistEnabled 

func (s *AssistService) IsAssistEnabled(ctx context.Context) (*assist.IsAssistEnabledResponse, error)

IsAssistEnabled returns true if the assist is enabled or not on the auth level.

func (*AssistService) UpdateAssistantConversationInfo 

func (s *AssistService) UpdateAssistantConversationInfo(ctx context.Context, request *assist.UpdateAssistantConversationInfoRequest) error

UpdateAssistantConversationInfo updates the conversation title.

type CA 

type CA struct {
	backend.Backend
}

CA is local implementation of Trust service that is using local backend

func NewCAService 

func NewCAService(b backend.Backend) *CA

NewCAService returns new instance of CAService

func (*CA) ActivateCertAuthority 

func (s *CA) ActivateCertAuthority(id types.CertAuthID) error

ActivateCertAuthority moves a CertAuthority from the deactivated list to the normal list.

func (*CA) CompareAndSwapCertAuthority 

func (s *CA) CompareAndSwapCertAuthority(new, expected types.CertAuthority) error

CompareAndSwapCertAuthority updates the cert authority value if the existing value matches expected parameter, returns nil if succeeds, trace.CompareFailed otherwise.

func (*CA) CreateCertAuthority 

func (s *CA) CreateCertAuthority(ctx context.Context, ca types.CertAuthority) error

CreateCertAuthority updates or inserts a new certificate authority

func (*CA) DeactivateCertAuthority 

func (s *CA) DeactivateCertAuthority(id types.CertAuthID) error

DeactivateCertAuthority moves a CertAuthority from the normal list to the deactivated list.

func (*CA) DeleteAllCertAuthorities 

func (s *CA) DeleteAllCertAuthorities(caType types.CertAuthType) error

DeleteAllCertAuthorities deletes all certificate authorities of a certain type

func (*CA) DeleteCertAuthority 

func (s *CA) DeleteCertAuthority(ctx context.Context, id types.CertAuthID) error

DeleteCertAuthority deletes particular certificate authority

func (*CA) GetCertAuthorities 

func (s *CA) GetCertAuthorities(ctx context.Context, caType types.CertAuthType, loadSigningKeys bool) ([]types.CertAuthority, error)

GetCertAuthorities returns a list of authorities of a given type loadSigningKeys controls whether signing keys should be loaded or not

func (*CA) GetCertAuthority 

func (s *CA) GetCertAuthority(ctx context.Context, id types.CertAuthID, loadSigningKeys bool) (types.CertAuthority, error)

GetCertAuthority returns certificate authority by given id. Parameter loadSigningKeys controls if signing keys are loaded

func (*CA) UpdateUserCARoleMap 

func (s *CA) UpdateUserCARoleMap(ctx context.Context, name string, roleMap types.RoleMap, activated bool) error

UpdateUserCARoleMap updates the role map of the userCA of the specified existing cluster.

func (*CA) UpsertCertAuthority 

func (s *CA) UpsertCertAuthority(ctx context.Context, ca types.CertAuthority) error

UpsertCertAuthority updates or inserts a new certificate authority

type ClusterConfigurationService 

type ClusterConfigurationService struct {
	backend.Backend
}

ClusterConfigurationService is responsible for managing cluster configuration.

func NewClusterConfigurationService 

func NewClusterConfigurationService(backend backend.Backend) (*ClusterConfigurationService, error)

NewClusterConfigurationService returns a new ClusterConfigurationService.

func (*ClusterConfigurationService) DeleteAllInstallers 

func (s *ClusterConfigurationService) DeleteAllInstallers(ctx context.Context) error

DeleteAllInstallers removes all installer resources.

func (*ClusterConfigurationService) DeleteAuthPreference 

func (s *ClusterConfigurationService) DeleteAuthPreference(ctx context.Context) error

DeleteAuthPreference deletes types.AuthPreference from the backend.

func (*ClusterConfigurationService) DeleteClusterAuditConfig 

func (s *ClusterConfigurationService) DeleteClusterAuditConfig(ctx context.Context) error

DeleteClusterAuditConfig deletes ClusterAuditConfig from the backend.

func (*ClusterConfigurationService) DeleteClusterMaintenanceConfig 

func (s *ClusterConfigurationService) DeleteClusterMaintenanceConfig(ctx context.Context) error

DeleteClusterMaintenanceConfig deletes the maintenance config singleton resource.

func (*ClusterConfigurationService) DeleteClusterName 

func (s *ClusterConfigurationService) DeleteClusterName() error

DeleteClusterName deletes types.ClusterName from the backend.

func (*ClusterConfigurationService) DeleteClusterNetworkingConfig 

func (s *ClusterConfigurationService) DeleteClusterNetworkingConfig(ctx context.Context) error

DeleteClusterNetworkingConfig deletes ClusterNetworkingConfig from the backend.

func (*ClusterConfigurationService) DeleteInstaller 

func (s *ClusterConfigurationService) DeleteInstaller(ctx context.Context, name string) error

DeleteInstaller sets the installer script to default script in the backend.

func (*ClusterConfigurationService) DeleteSessionRecordingConfig 

func (s *ClusterConfigurationService) DeleteSessionRecordingConfig(ctx context.Context) error

DeleteSessionRecordingConfig deletes SessionRecordingConfig from the backend.

func (*ClusterConfigurationService) DeleteStaticTokens 

func (s *ClusterConfigurationService) DeleteStaticTokens() error

DeleteStaticTokens deletes static tokens

func (*ClusterConfigurationService) DeleteUIConfig 

func (s *ClusterConfigurationService) DeleteUIConfig(ctx context.Context) error

func (*ClusterConfigurationService) GetAuthPreference 

func (s *ClusterConfigurationService) GetAuthPreference(ctx context.Context) (types.AuthPreference, error)

GetAuthPreference fetches the cluster authentication preferences from the backend and return them.

func (*ClusterConfigurationService) GetClusterAuditConfig 

func (s *ClusterConfigurationService) GetClusterAuditConfig(ctx context.Context, opts ...services.MarshalOption) (types.ClusterAuditConfig, error)

GetClusterAuditConfig gets cluster audit config from the backend.

func (*ClusterConfigurationService) GetClusterMaintenanceConfig 

func (s *ClusterConfigurationService) GetClusterMaintenanceConfig(ctx context.Context) (types.ClusterMaintenanceConfig, error)

GetClusterMaintenanceConfig loads the maintenance config singleton resource.

func (*ClusterConfigurationService) GetClusterName 

func (s *ClusterConfigurationService) GetClusterName(opts ...services.MarshalOption) (types.ClusterName, error)

GetClusterName gets the name of the cluster from the backend.

func (*ClusterConfigurationService) GetClusterNetworkingConfig 

func (s *ClusterConfigurationService) GetClusterNetworkingConfig(ctx context.Context, opts ...services.MarshalOption) (types.ClusterNetworkingConfig, error)

GetClusterNetworkingConfig gets cluster networking config from the backend.

func (*ClusterConfigurationService) GetInstaller 

func (s *ClusterConfigurationService) GetInstaller(ctx context.Context, name string) (types.Installer, error)

GetInstaller gets the script of the cluster from the backend.

func (*ClusterConfigurationService) GetInstallers 

func (s *ClusterConfigurationService) GetInstallers(ctx context.Context) ([]types.Installer, error)

GetInstallers retrieves all the install scripts.

func (*ClusterConfigurationService) GetSessionRecordingConfig 

func (s *ClusterConfigurationService) GetSessionRecordingConfig(ctx context.Context, opts ...services.MarshalOption) (types.SessionRecordingConfig, error)

GetSessionRecordingConfig gets session recording config from the backend.

func (*ClusterConfigurationService) GetStaticTokens 

func (s *ClusterConfigurationService) GetStaticTokens() (types.StaticTokens, error)

GetStaticTokens gets the list of static tokens used to provision nodes.

func (*ClusterConfigurationService) GetUIConfig 

func (s *ClusterConfigurationService) GetUIConfig(ctx context.Context) (types.UIConfig, error)

func (*ClusterConfigurationService) SetAuthPreference 

func (s *ClusterConfigurationService) SetAuthPreference(ctx context.Context, preferences types.AuthPreference) error

SetAuthPreference sets the cluster authentication preferences on the backend.

func (*ClusterConfigurationService) SetClusterAuditConfig 

func (s *ClusterConfigurationService) SetClusterAuditConfig(ctx context.Context, auditConfig types.ClusterAuditConfig) error

SetClusterAuditConfig sets the cluster audit config on the backend.

func (*ClusterConfigurationService) SetClusterName 

func (s *ClusterConfigurationService) SetClusterName(c types.ClusterName) error

SetClusterName sets the name of the cluster in the backend. SetClusterName can only be called once on a cluster after which it will return trace.AlreadyExists.

func (*ClusterConfigurationService) SetClusterNetworkingConfig 

func (s *ClusterConfigurationService) SetClusterNetworkingConfig(ctx context.Context, netConfig types.ClusterNetworkingConfig) error

SetClusterNetworkingConfig sets the cluster networking config on the backend.

func (*ClusterConfigurationService) SetInstaller 

func (s *ClusterConfigurationService) SetInstaller(ctx context.Context, ins types.Installer) error

SetInstaller sets the script of the cluster in the backend

func (*ClusterConfigurationService) SetSessionRecordingConfig 

func (s *ClusterConfigurationService) SetSessionRecordingConfig(ctx context.Context, recConfig types.SessionRecordingConfig) error

SetSessionRecordingConfig sets session recording config on the backend.

func (*ClusterConfigurationService) SetStaticTokens 

func (s *ClusterConfigurationService) SetStaticTokens(c types.StaticTokens) error

SetStaticTokens sets the list of static tokens used to provision nodes.

func (*ClusterConfigurationService) SetUIConfig 

func (s *ClusterConfigurationService) SetUIConfig(ctx context.Context, uic types.UIConfig) error

func (*ClusterConfigurationService) UpdateClusterMaintenanceConfig 

func (s *ClusterConfigurationService) UpdateClusterMaintenanceConfig(ctx context.Context, cmc types.ClusterMaintenanceConfig) error

UpdateClusterMaintenanceConfig performs a nonce-protected update of the maintenance config singleton resource.

func (*ClusterConfigurationService) UpsertClusterName 

func (s *ClusterConfigurationService) UpsertClusterName(c types.ClusterName) error

UpsertClusterName sets the name of the cluster in the backend.

type ClusterExternalAuditStorageWatcherConfig 

type ClusterExternalAuditStorageWatcherConfig struct {
	// Backend is the storage backend used to create watchers.
	Backend backend.Backend
	// Log is a logger.
	Log logrus.FieldLogger
	// Clock is used to control time.
	Clock clockwork.Clock
	// OnChange is the action to take when the cluster ExternalAuditStorage
	// changes.
	OnChange func()
}

ClusterExternalAuditStorageWatcherConfig contains configuration options for a ClusterExternalAuditWatcher.

func (*ClusterExternalAuditStorageWatcherConfig) CheckAndSetDefaults 

func (cfg *ClusterExternalAuditStorageWatcherConfig) CheckAndSetDefaults() error

CheckAndSetDefaults checks parameters and sets default values.

type ClusterExternalAuditWatcher 

type ClusterExternalAuditWatcher struct {
	// contains filtered or unexported fields
}

ClusterExternalAuditWatcher is a light weight backend watcher for the cluster external audit resource.

func NewClusterExternalAuditWatcher 

func NewClusterExternalAuditWatcher(ctx context.Context, cfg ClusterExternalAuditStorageWatcherConfig) (*ClusterExternalAuditWatcher, error)

NewClusterExternalAuditWatcher creates a new cluster external audit resource watcher. The watcher will close once the given ctx is closed.

func (*ClusterExternalAuditWatcher) WaitInit 

func (w *ClusterExternalAuditWatcher) WaitInit(ctx context.Context) error

WaitInit waits for the watch loop to initialize.

type ConnectionDiagnosticService 

type ConnectionDiagnosticService struct {
	backend.Backend
}

ConnectionDiagnosticService manages connection diagnostic resources in the backend.

func NewConnectionsDiagnosticService 

func NewConnectionsDiagnosticService(backend backend.Backend) *ConnectionDiagnosticService

NewConnectionsDiagnosticService creates a new ConnectionsDiagnosticService.

func (*ConnectionDiagnosticService) AppendDiagnosticTrace 

func (s *ConnectionDiagnosticService) AppendDiagnosticTrace(ctx context.Context, name string, t *types.ConnectionDiagnosticTrace) (types.ConnectionDiagnostic, error)

AppendDiagnosticTrace adds a Trace into the ConnectionDiagnostics. It does a CompareAndSwap to ensure atomicity.

func (*ConnectionDiagnosticService) CreateConnectionDiagnostic 

func (s *ConnectionDiagnosticService) CreateConnectionDiagnostic(ctx context.Context, connectionDiagnostic types.ConnectionDiagnostic) error

CreateConnectionDiagnostic creates a Connection Diagnostic resource.

func (*ConnectionDiagnosticService) GetConnectionDiagnostic 

func (s *ConnectionDiagnosticService) GetConnectionDiagnostic(ctx context.Context, name string) (types.ConnectionDiagnostic, error)

GetConnectionDiagnostic receives a name and returns the Connection Diagnostic matching that name

If not found, a `trace.NotFound` error is returned

func (*ConnectionDiagnosticService) UpdateConnectionDiagnostic 

func (s *ConnectionDiagnosticService) UpdateConnectionDiagnostic(ctx context.Context, connectionDiagnostic types.ConnectionDiagnostic) error

UpdateConnectionDiagnostic updates a Connection Diagnostic resource.

type Conversation 

type Conversation struct {
	Title          string    `json:"title,omitempty"`
	ConversationID string    `json:"conversation_id"`
	CreatedTime    time.Time `json:"created_time"`
}

Conversation is a conversation entry in the backend.

type DatabaseService 

type DatabaseService struct {
	backend.Backend
}

DatabaseService manages database resources in the backend.

func NewDatabasesService 

func NewDatabasesService(backend backend.Backend) *DatabaseService

NewDatabasesService creates a new DatabasesService.

func (*DatabaseService) CreateDatabase 

func (s *DatabaseService) CreateDatabase(ctx context.Context, database types.Database) error

CreateDatabase creates a new database resource.

func (*DatabaseService) DeleteAllDatabases 

func (s *DatabaseService) DeleteAllDatabases(ctx context.Context) error

DeleteAllDatabases removes all database resources.

func (*DatabaseService) DeleteDatabase 

func (s *DatabaseService) DeleteDatabase(ctx context.Context, name string) error

DeleteDatabase removes the specified database resource.

func (*DatabaseService) GetDatabase 

func (s *DatabaseService) GetDatabase(ctx context.Context, name string) (types.Database, error)

GetDatabase returns the specified database resource.

func (*DatabaseService) GetDatabases 

func (s *DatabaseService) GetDatabases(ctx context.Context) ([]types.Database, error)

GetDatabases returns all database resources.

func (*DatabaseService) UpdateDatabase 

func (s *DatabaseService) UpdateDatabase(ctx context.Context, database types.Database) error

UpdateDatabase updates an existing database resource.

type DatabaseServicesService 

type DatabaseServicesService struct {
	backend.Backend
}

DatabaseServicesService manages DatabaseService resources in the backend.

func NewDatabaseServicesService 

func NewDatabaseServicesService(backend backend.Backend) *DatabaseServicesService

NewDatabaseServicesService creates a new DatabaseServicesService.

func (*DatabaseServicesService) DeleteAllDatabaseServices 

func (s *DatabaseServicesService) DeleteAllDatabaseServices(ctx context.Context) error

DeleteAllDatabaseServices removes all DatabaseService resources.

func (*DatabaseServicesService) DeleteDatabaseService 

func (s *DatabaseServicesService) DeleteDatabaseService(ctx context.Context, name string) error

DeleteDatabaseService removes the specified DatabaseService resource.

func (*DatabaseServicesService) UpsertDatabaseService 

func (s *DatabaseServicesService) UpsertDatabaseService(ctx context.Context, service types.DatabaseService) (*types.KeepAlive, error)

UpsertDatabaseService creates or updates (by name) a DatabaseService resource.

type DiscoveryConfigService 

type DiscoveryConfigService struct {
	// contains filtered or unexported fields
}

DiscoveryConfigService manages DiscoveryConfigs in the Backend.

func NewDiscoveryConfigService 

func NewDiscoveryConfigService(backend backend.Backend) (*DiscoveryConfigService, error)

NewDiscoveryConfigService creates a new DiscoveryConfigService.

func (*DiscoveryConfigService) CreateDiscoveryConfig 

func (s *DiscoveryConfigService) CreateDiscoveryConfig(ctx context.Context, dc *discoveryconfig.DiscoveryConfig) (*discoveryconfig.DiscoveryConfig, error)

CreateDiscoveryConfig creates a new DiscoveryConfig resource.

func (*DiscoveryConfigService) DeleteAllDiscoveryConfigs 

func (s *DiscoveryConfigService) DeleteAllDiscoveryConfigs(ctx context.Context) error

DeleteAllDiscoveryConfigs removes all DiscoveryConfig resources.

func (*DiscoveryConfigService) DeleteDiscoveryConfig 

func (s *DiscoveryConfigService) DeleteDiscoveryConfig(ctx context.Context, name string) error

DeleteDiscoveryConfig removes the specified DiscoveryConfig resource.

func (*DiscoveryConfigService) GetDiscoveryConfig 

func (s *DiscoveryConfigService) GetDiscoveryConfig(ctx context.Context, name string) (*discoveryconfig.DiscoveryConfig, error)

GetDiscoveryConfig returns the specified DiscoveryConfig resource.

func (*DiscoveryConfigService) ListDiscoveryConfigs 

func (s *DiscoveryConfigService) ListDiscoveryConfigs(ctx context.Context, pageSize int, pageToken string) ([]*discoveryconfig.DiscoveryConfig, string, error)

ListDiscoveryConfigs returns a paginated list of DiscoveryConfig resources.

func (*DiscoveryConfigService) UpdateDiscoveryConfig 

func (s *DiscoveryConfigService) UpdateDiscoveryConfig(ctx context.Context, dc *discoveryconfig.DiscoveryConfig) (*discoveryconfig.DiscoveryConfig, error)

UpdateDiscoveryConfig updates an existing DiscoveryConfig resource.

func (*DiscoveryConfigService) UpsertDiscoveryConfig 

func (s *DiscoveryConfigService) UpsertDiscoveryConfig(ctx context.Context, dc *discoveryconfig.DiscoveryConfig) (*discoveryconfig.DiscoveryConfig, error)

UpsertDiscoveryConfig upserts a DiscoveryConfig resource.

type DynamicAccessService 

type DynamicAccessService struct {
	backend.Backend
}

DynamicAccessService manages dynamic RBAC

func NewDynamicAccessService 

func NewDynamicAccessService(backend backend.Backend) *DynamicAccessService

NewDynamicAccessService returns new dynamic access service instance

func (*DynamicAccessService) ApplyAccessReview 

func (s *DynamicAccessService) ApplyAccessReview(ctx context.Context, params types.AccessReviewSubmission, checker services.ReviewPermissionChecker) (types.AccessRequest, error)

ApplyAccessReview applies a review to a request and returns the post-application state.

func (*DynamicAccessService) CreateAccessRequest 

func (s *DynamicAccessService) CreateAccessRequest(ctx context.Context, req types.AccessRequest) error

CreateAccessRequest stores a new access request.

func (*DynamicAccessService) CreateAccessRequestAllowedPromotions 

func (s *DynamicAccessService) CreateAccessRequestAllowedPromotions(ctx context.Context, req types.AccessRequest, accessLists *types.AccessRequestAllowedPromotions) error

CreateAccessRequestAllowedPromotions creates AccessRequestAllowedPromotions object.

func (*DynamicAccessService) CreateAccessRequestV2 

func (s *DynamicAccessService) CreateAccessRequestV2(ctx context.Context, req types.AccessRequest) (types.AccessRequest, error)

CreateAccessRequestV2 stores a new access request.

func (*DynamicAccessService) DeleteAccessRequest 

func (s *DynamicAccessService) DeleteAccessRequest(ctx context.Context, name string) error

DeleteAccessRequest deletes an access request.

func (*DynamicAccessService) DeleteAllAccessRequests 

func (s *DynamicAccessService) DeleteAllAccessRequests(ctx context.Context) error

func (*DynamicAccessService) GetAccessRequest 

func (s *DynamicAccessService) GetAccessRequest(ctx context.Context, name string) (types.AccessRequest, error)

func (*DynamicAccessService) GetAccessRequestAllowedPromotions 

func (s *DynamicAccessService) GetAccessRequestAllowedPromotions(ctx context.Context, req types.AccessRequest) (*types.AccessRequestAllowedPromotions, error)

GetAccessRequestAllowedPromotions returns AccessRequestAllowedPromotions object.

func (*DynamicAccessService) GetAccessRequests 

func (s *DynamicAccessService) GetAccessRequests(ctx context.Context, filter types.AccessRequestFilter) ([]types.AccessRequest, error)

GetAccessRequests gets all currently active access requests.

func (*DynamicAccessService) SetAccessRequestState 

func (s *DynamicAccessService) SetAccessRequestState(ctx context.Context, params types.AccessRequestUpdate) (types.AccessRequest, error)

SetAccessRequestState updates the state of an existing access request.

func (*DynamicAccessService) UpsertAccessRequest 

func (s *DynamicAccessService) UpsertAccessRequest(ctx context.Context, req types.AccessRequest) error

type EmbeddingsService 

type EmbeddingsService struct {
	backend.Backend
	// contains filtered or unexported fields
}

EmbeddingsService implements the services.Embeddings interface.

func NewEmbeddingsService 

func NewEmbeddingsService(b backend.Backend) *EmbeddingsService

NewEmbeddingsService is a constructor for the EmbeddingsService.

func (EmbeddingsService) GetAllEmbeddings 

func (e EmbeddingsService) GetAllEmbeddings(ctx context.Context) stream.Stream[*embedding.Embedding]

GetEmbeddings returns a stream of all embeddings

func (EmbeddingsService) GetEmbedding 

func (e EmbeddingsService) GetEmbedding(ctx context.Context, kind, resourceID string) (*embedding.Embedding, error)

GetEmbedding looks up a single embedding by its name in the backend.

func (EmbeddingsService) GetEmbeddings 

func (e EmbeddingsService) GetEmbeddings(ctx context.Context, kind string) stream.Stream[*embedding.Embedding]

GetEmbeddings returns a stream of embeddings for a given kind.

func (EmbeddingsService) UpsertEmbedding 

func (e EmbeddingsService) UpsertEmbedding(ctx context.Context, embedding *embedding.Embedding) (*embedding.Embedding, error)

UpsertEmbedding creates or update a single ai.Embedding in the backend.

type EventMatcher 

type EventMatcher interface {
	// Match matches the specified event.
	// Returns the matched resource if successful.
	// Returns trace.CompareFailedError for no match.
	Match(types.Event) (types.Resource, error)
}

EventMatcher matches a specific resource event

type EventMatcherFunc 

type EventMatcherFunc func(types.Event) (types.Resource, error)

EventMatcherFunc matches the specified resource event. Implements EventMatcher

func (EventMatcherFunc) Match 

func (r EventMatcherFunc) Match(event types.Event) (types.Resource, error)

Match matches the specified resource event by applying itself

type EventsService 

type EventsService struct {
	*logrus.Entry
	// contains filtered or unexported fields
}

EventsService implements service to watch for events

func NewEventsService 

func NewEventsService(b backend.Backend) *EventsService

NewEventsService returns new events service instance

func (*EventsService) NewWatcher 

func (e *EventsService) NewWatcher(ctx context.Context, watch types.Watch) (types.Watcher, error)

NewWatcher returns a new event watcher

type ExternalAuditStorageService 

type ExternalAuditStorageService struct {
	// contains filtered or unexported fields
}

ExternalAuditStorageService manages External Audit Storage resources in the Backend.

func NewExternalAuditStorageService 

func NewExternalAuditStorageService(backend backend.Backend) *ExternalAuditStorageService

func (*ExternalAuditStorageService) CreateDraftExternalAuditStorage 

func (s *ExternalAuditStorageService) CreateDraftExternalAuditStorage(ctx context.Context, in *externalauditstorage.ExternalAuditStorage) (*externalauditstorage.ExternalAuditStorage, error)

CreateDraftExternalAudit creates the draft External Audit Storage resource if one does not already exist.

func (*ExternalAuditStorageService) DeleteDraftExternalAuditStorage 

func (s *ExternalAuditStorageService) DeleteDraftExternalAuditStorage(ctx context.Context) error

DeleteDraftExternalAudit removes the draft External Audit Storage resource.

func (*ExternalAuditStorageService) DisableClusterExternalAuditStorage 

func (s *ExternalAuditStorageService) DisableClusterExternalAuditStorage(ctx context.Context) error

func (*ExternalAuditStorageService) GenerateDraftExternalAuditStorage 

func (s *ExternalAuditStorageService) GenerateDraftExternalAuditStorage(ctx context.Context, integrationName, region string) (*externalauditstorage.ExternalAuditStorage, error)

GenerateDraftExternalAuditStorage creates a new draft ExternalAuditStorage with randomized resource names and stores it as the current draft, returning the generated resource.

func (*ExternalAuditStorageService) GetClusterExternalAuditStorage 

func (s *ExternalAuditStorageService) GetClusterExternalAuditStorage(ctx context.Context) (*externalauditstorage.ExternalAuditStorage, error)

GetClusterExternalAuditStorage returns the cluster External Audit Storage resource.

func (*ExternalAuditStorageService) GetDraftExternalAuditStorage 

func (s *ExternalAuditStorageService) GetDraftExternalAuditStorage(ctx context.Context) (*externalauditstorage.ExternalAuditStorage, error)

GetDraftExternalAuditStorage returns the draft External Audit Storage resource.

func (*ExternalAuditStorageService) PromoteToClusterExternalAuditStorage 

func (s *ExternalAuditStorageService) PromoteToClusterExternalAuditStorage(ctx context.Context) error

PromoteToClusterExternalAuditStorage promotes draft to cluster external cloud audit resource.

func (*ExternalAuditStorageService) UpsertDraftExternalAuditStorage 

func (s *ExternalAuditStorageService) UpsertDraftExternalAuditStorage(ctx context.Context, in *externalauditstorage.ExternalAuditStorage) (*externalauditstorage.ExternalAuditStorage, error)

UpsertDraftExternalAudit upserts the draft External Audit Storage resource.

type FakePaginateParams 

type FakePaginateParams struct {
	// ResourceType is the resource that is going to be retrieved.
	// This only needs to be set explicitly for the `ListResources` rpc.
	ResourceType string
	// Namespace is the namespace of resources.
	Namespace string
	// Limit is the maximum amount of resources to retrieve.
	Limit int32
	// StartKey is used to start listing resources from a specific spot. It
	// should be set to the previous NextKey value if using pagination, or
	// left empty.
	StartKey string
	// Labels is a label-based matcher if non-empty.
	Labels map[string]string
	// PredicateExpression defines boolean conditions that will be matched against the resource.
	PredicateExpression string
	// SearchKeywords is a list of search keywords to match against resource field values.
	SearchKeywords []string
	// SortBy describes which resource field and which direction to sort by.
	SortBy types.SortBy
	// WindowsDesktopFilter specifies windows desktop specific filters.
	WindowsDesktopFilter types.WindowsDesktopFilter
	// Kinds is a list of kinds to match against a resource's kind. This can be used in a
	// unified resource request that can include multiple types.
	Kinds []string
	// NeedTotalCount indicates whether or not the caller also wants the total number of resources after filtering.
	NeedTotalCount bool
}

FakePaginateParams is used in FakePaginate to help filter down listing of resources into pages and includes required fields to support ListResources and ListUnifiedResources requests

func (*FakePaginateParams) CheckAndSetDefaults 

func (req *FakePaginateParams) CheckAndSetDefaults() error

CheckAndSetDefaults checks and sets default values.

func (*FakePaginateParams) GetWindowsDesktopFilter 

func (req *FakePaginateParams) GetWindowsDesktopFilter() types.WindowsDesktopFilter

GetWindowsDesktopFilter retrieves the WindowsDesktopFilter from params

type HeadlessAuthenticationSubscriber 

type HeadlessAuthenticationSubscriber interface {
	// Updates is a channel used by the watcher to send headless authentication updates.
	Updates() <-chan *types.HeadlessAuthentication
	// WaitForUpdate returns the first update which passes the given condition, or returns
	// early if the condition results in an error or if the subscriber or given context is closed.
	WaitForUpdate(ctx context.Context, cond func(*types.HeadlessAuthentication) (bool, error)) (*types.HeadlessAuthentication, error)
	// Done returns a channel that's closed when the subscriber is closed.
	Done() <-chan struct{}
	// Close closes the subscriber and its channels. This frees up resources for the watcher
	// and should always be called on completion.
	Close()
}

HeadlessAuthenticationSubscriber is a subscriber for a specific headless authentication.

type HeadlessAuthenticationWatcher 

type HeadlessAuthenticationWatcher struct {
	HeadlessAuthenticationWatcherConfig

	sync.Mutex
	// contains filtered or unexported fields
}

HeadlessAuthenticationWatcher is a light weight backend watcher for the headless authentication resource.

func NewHeadlessAuthenticationWatcher 

func NewHeadlessAuthenticationWatcher(ctx context.Context, cfg HeadlessAuthenticationWatcherConfig) (*HeadlessAuthenticationWatcher, error)

NewHeadlessAuthenticationWatcher creates a new headless authentication resource watcher. The watcher will close once the given ctx is closed.

func (*HeadlessAuthenticationWatcher) Done 

func (h *HeadlessAuthenticationWatcher) Done() <-chan struct{}

Done returns a channel that's closed when the watcher is closed.

func (*HeadlessAuthenticationWatcher) Subscribe 

func (h *HeadlessAuthenticationWatcher) Subscribe(ctx context.Context, username, name string) (HeadlessAuthenticationSubscriber, error)

Subscribe creates a subscriber for a specific headless authentication.

func (*HeadlessAuthenticationWatcher) WaitInit 

func (h *HeadlessAuthenticationWatcher) WaitInit(ctx context.Context) error

WaitInit waits for the watch loop to initialize.

type HeadlessAuthenticationWatcherConfig 

type HeadlessAuthenticationWatcherConfig struct {
	// Backend is the storage backend used to create watchers.
	Backend backend.Backend
	// Log is a logger.
	Log logrus.FieldLogger
	// Clock is used to control time.
	Clock clockwork.Clock
	// MaxRetryPeriod is the maximum retry period on failed watchers.
	MaxRetryPeriod time.Duration
}

HeadlessAuthenticationWatcherConfig contains configuration options for a HeadlessAuthenticationWatcher.

func (*HeadlessAuthenticationWatcherConfig) CheckAndSetDefaults 

func (cfg *HeadlessAuthenticationWatcherConfig) CheckAndSetDefaults() error

CheckAndSetDefaults checks parameters and sets default values.

type IdentityService 

type IdentityService struct {
	backend.Backend
	// contains filtered or unexported fields
}

IdentityService is responsible for managing web users and currently user accounts as well

func NewIdentityService 

func NewIdentityService(backend backend.Backend) *IdentityService

NewIdentityService returns a new instance of IdentityService object

func (*IdentityService) AddUserLoginAttempt 

func (s *IdentityService) AddUserLoginAttempt(user string, attempt services.LoginAttempt, ttl time.Duration) error

AddUserLoginAttempt logs user login attempt

func (*IdentityService) CompareAndSwapHeadlessAuthentication 

func (s *IdentityService) CompareAndSwapHeadlessAuthentication(ctx context.Context, old, new *types.HeadlessAuthentication) (*types.HeadlessAuthentication, error)

CompareAndSwapHeadlessAuthentication validates the new headless authentication and performs a compare and swap replacement on a headless authentication resource.

func (*IdentityService) CompareAndSwapUser 

func (s *IdentityService) CompareAndSwapUser(ctx context.Context, new, existing types.User) error

CompareAndSwapUser updates a user, but fails if the value (as exists in the backend) differs from the provided `existing` value. If the existing value matches, returns no error, otherwise returns `trace.CompareFailed`.

func (*IdentityService) CreateGithubAuthRequest 

func (s *IdentityService) CreateGithubAuthRequest(ctx context.Context, req types.GithubAuthRequest) error

CreateGithubAuthRequest creates a new auth request for Github OAuth2 flow

func (*IdentityService) CreateGithubConnector 

func (s *IdentityService) CreateGithubConnector(ctx context.Context, connector types.GithubConnector) (types.GithubConnector, error)

CreateGithubConnector creates a new Github connector.

func (*IdentityService) CreateOIDCAuthRequest 

func (s *IdentityService) CreateOIDCAuthRequest(ctx context.Context, req types.OIDCAuthRequest, ttl time.Duration) error

CreateOIDCAuthRequest creates new auth request

func (*IdentityService) CreateOIDCConnector 

func (s *IdentityService) CreateOIDCConnector(ctx context.Context, connector types.OIDCConnector) (types.OIDCConnector, error)

CreateOIDCConnector creates a new OIDC connector.

func (*IdentityService) CreateSAMLAuthRequest 

func (s *IdentityService) CreateSAMLAuthRequest(ctx context.Context, req types.SAMLAuthRequest, ttl time.Duration) error

CreateSAMLAuthRequest creates new auth request

func (*IdentityService) CreateSAMLConnector 

func (s *IdentityService) CreateSAMLConnector(ctx context.Context, connector types.SAMLConnector) (types.SAMLConnector, error)

CreateSAMLConnector creates a new SAML connector.

func (*IdentityService) CreateSSODiagnosticInfo 

func (s *IdentityService) CreateSSODiagnosticInfo(ctx context.Context, authKind string, authRequestID string, entry types.SSODiagnosticInfo) error

CreateSSODiagnosticInfo creates new SAML diagnostic info record.

func (*IdentityService) CreateUser 

func (s *IdentityService) CreateUser(ctx context.Context, user types.User) (types.User, error)

CreateUser creates user if it does not exist.

func (*IdentityService) CreateUserRecoveryAttempt 

func (s *IdentityService) CreateUserRecoveryAttempt(ctx context.Context, user string, attempt *types.RecoveryAttempt) error

CreateUserRecoveryAttempt creates new user recovery attempt.

func (*IdentityService) CreateUserToken 

func (s *IdentityService) CreateUserToken(ctx context.Context, token types.UserToken) (types.UserToken, error)

CreateUserToken creates a user token.

func (*IdentityService) DeleteAllAppSessions 

func (s *IdentityService) DeleteAllAppSessions(ctx context.Context) error

DeleteAllAppSessions removes all application web sessions.

func (*IdentityService) DeleteAllHeadlessAuthentications 

func (s *IdentityService) DeleteAllHeadlessAuthentications(ctx context.Context) error

DeleteAllHeadlessAuthentications deletes all headless authentications from the backend.

func (*IdentityService) DeleteAllSAMLIdPSessions 

func (s *IdentityService) DeleteAllSAMLIdPSessions(ctx context.Context) error

DeleteAllSAMLIdPSessions removes all SAML IdP sessions.

func (*IdentityService) DeleteAllSnowflakeSessions 

func (s *IdentityService) DeleteAllSnowflakeSessions(ctx context.Context) error

DeleteAllSnowflakeSessions removes all Snowflake web sessions.

func (*IdentityService) DeleteAllUsers 

func (s *IdentityService) DeleteAllUsers(ctx context.Context) error

DeleteAllUsers deletes all users

func (*IdentityService) DeleteAppSession 

func (s *IdentityService) DeleteAppSession(ctx context.Context, req types.DeleteAppSessionRequest) error

DeleteAppSession removes an application web session.

func (*IdentityService) DeleteGithubConnector 

func (s *IdentityService) DeleteGithubConnector(ctx context.Context, name string) error

DeleteGithubConnector deletes the specified connector

func (*IdentityService) DeleteGlobalWebauthnSessionData 

func (s *IdentityService) DeleteGlobalWebauthnSessionData(ctx context.Context, scope, id string) error

func (*IdentityService) DeleteHeadlessAuthentication 

func (s *IdentityService) DeleteHeadlessAuthentication(ctx context.Context, username, name string) error

DeleteHeadlessAuthentication deletes a headless authentication from the backend.

func (*IdentityService) DeleteMFADevice 

func (s *IdentityService) DeleteMFADevice(ctx context.Context, user, id string) error

func (*IdentityService) DeleteOIDCConnector 

func (s *IdentityService) DeleteOIDCConnector(ctx context.Context, name string) error

DeleteOIDCConnector deletes OIDC Connector by name

func (*IdentityService) DeleteSAMLConnector 

func (s *IdentityService) DeleteSAMLConnector(ctx context.Context, name string) error

DeleteSAMLConnector deletes SAML Connector by name

func (*IdentityService) DeleteSAMLIdPSession 

func (s *IdentityService) DeleteSAMLIdPSession(ctx context.Context, req types.DeleteSAMLIdPSessionRequest) error

DeleteSAMLIdPSession removes a SAML IdP session.

func (*IdentityService) DeleteSnowflakeSession 

func (s *IdentityService) DeleteSnowflakeSession(ctx context.Context, req types.DeleteSnowflakeSessionRequest) error

DeleteSnowflakeSession removes a Snowflake web session.

func (*IdentityService) DeleteUsedTOTPToken 

func (s *IdentityService) DeleteUsedTOTPToken(user string) error

DeleteUsedTOTPToken removes the used token from the backend. This should only be used during tests.

func (*IdentityService) DeleteUser 

func (s *IdentityService) DeleteUser(ctx context.Context, user string) error

DeleteUser deletes a user with all the keys from the backend

func (*IdentityService) DeleteUserAppSessions 

func (s *IdentityService) DeleteUserAppSessions(ctx context.Context, req *proto.DeleteUserAppSessionsRequest) error

DeleteUserAppSessions removes all application web sessions for a particular user.

func (*IdentityService) DeleteUserLoginAttempts 

func (s *IdentityService) DeleteUserLoginAttempts(user string) error

DeleteUserLoginAttempts removes all login attempts of a user. Should be called after successful login.

func (*IdentityService) DeleteUserRecoveryAttempts 

func (s *IdentityService) DeleteUserRecoveryAttempts(ctx context.Context, user string) error

DeleteUserRecoveryAttempts removes all recovery attempts of a user.

func (*IdentityService) DeleteUserSAMLIdPSessions 

func (s *IdentityService) DeleteUserSAMLIdPSessions(ctx context.Context, user string) error

DeleteUserSAMLIdPSessions removes all SAML IdP sessions for a particular user.

func (*IdentityService) DeleteUserToken 

func (s *IdentityService) DeleteUserToken(ctx context.Context, tokenID string) error

DeleteUserToken deletes user token by ID.

func (*IdentityService) DeleteWebauthnSessionData 

func (s *IdentityService) DeleteWebauthnSessionData(ctx context.Context, user, sessionID string) error

func (*IdentityService) GetAppSession 

func (s *IdentityService) GetAppSession(ctx context.Context, req types.GetAppSessionRequest) (types.WebSession, error)

GetAppSession gets an application web session.

func (*IdentityService) GetGithubAuthRequest 

func (s *IdentityService) GetGithubAuthRequest(ctx context.Context, stateToken string) (*types.GithubAuthRequest, error)

GetGithubAuthRequest retrieves Github auth request by the token

func (*IdentityService) GetGithubConnector 

func (s *IdentityService) GetGithubConnector(ctx context.Context, name string, withSecrets bool) (types.GithubConnector, error)

GetGithubConnector returns a particular Github connector.

func (*IdentityService) GetGithubConnectors 

func (s *IdentityService) GetGithubConnectors(ctx context.Context, withSecrets bool) ([]types.GithubConnector, error)

GetGithubConnectors returns all configured Github connectors

func (*IdentityService) GetGlobalWebauthnSessionData 

func (s *IdentityService) GetGlobalWebauthnSessionData(ctx context.Context, scope, id string) (*wanpb.SessionData, error)

func (*IdentityService) GetHeadlessAuthentication 

func (s *IdentityService) GetHeadlessAuthentication(ctx context.Context, username, name string) (*types.HeadlessAuthentication, error)

GetHeadlessAuthentication returns a headless authentication from the backend.

func (*IdentityService) GetHeadlessAuthentications 

func (s *IdentityService) GetHeadlessAuthentications(ctx context.Context) ([]*types.HeadlessAuthentication, error)

GetHeadlessAuthentications returns all headless authentications from the backend.

func (*IdentityService) GetKeyAttestationData 

func (s *IdentityService) GetKeyAttestationData(ctx context.Context, publicKey crypto.PublicKey) (*keys.AttestationData, error)

GetKeyAttestationData gets a verified public key attestation response.

func (*IdentityService) GetMFADevices 

func (s *IdentityService) GetMFADevices(ctx context.Context, user string, withSecrets bool) ([]*types.MFADevice, error)

func (*IdentityService) GetOIDCAuthRequest 

func (s *IdentityService) GetOIDCAuthRequest(ctx context.Context, stateToken string) (*types.OIDCAuthRequest, error)

GetOIDCAuthRequest returns OIDC auth request

func (*IdentityService) GetOIDCConnector 

func (s *IdentityService) GetOIDCConnector(ctx context.Context, name string, withSecrets bool) (types.OIDCConnector, error)

GetOIDCConnector returns OIDC connector data, parameter 'withSecrets' includes or excludes client secret from return results

func (*IdentityService) GetOIDCConnectors 

func (s *IdentityService) GetOIDCConnectors(ctx context.Context, withSecrets bool) ([]types.OIDCConnector, error)

GetOIDCConnectors returns registered connectors, withSecrets adds or removes client secret from return results

func (*IdentityService) GetPasswordHash 

func (s *IdentityService) GetPasswordHash(user string) ([]byte, error)

GetPasswordHash returns the password hash for a given user

func (*IdentityService) GetRecoveryCodes 

func (s *IdentityService) GetRecoveryCodes(ctx context.Context, user string, withSecrets bool) (*types.RecoveryCodesV1, error)

GetRecoveryCodes returns user's recovery codes.

func (*IdentityService) GetSAMLAuthRequest 

func (s *IdentityService) GetSAMLAuthRequest(ctx context.Context, id string) (*types.SAMLAuthRequest, error)

GetSAMLAuthRequest returns SAML auth request if found

func (*IdentityService) GetSAMLConnector 

func (s *IdentityService) GetSAMLConnector(ctx context.Context, name string, withSecrets bool) (types.SAMLConnector, error)

GetSAMLConnector returns SAML connector data, withSecrets includes or excludes secrets from return results

func (*IdentityService) GetSAMLConnectors 

func (s *IdentityService) GetSAMLConnectors(ctx context.Context, withSecrets bool) ([]types.SAMLConnector, error)

GetSAMLConnectors returns registered connectors withSecrets includes or excludes private key values from return results

func (*IdentityService) GetSAMLIdPSession 

func (s *IdentityService) GetSAMLIdPSession(ctx context.Context, req types.GetSAMLIdPSessionRequest) (types.WebSession, error)

GetSAMLIdPSession gets a SAML IdP session.

func (*IdentityService) GetSSODiagnosticInfo 

func (s *IdentityService) GetSSODiagnosticInfo(ctx context.Context, authKind string, authRequestID string) (*types.SSODiagnosticInfo, error)

GetSSODiagnosticInfo returns SSO diagnostic info records.

func (*IdentityService) GetSnowflakeSession 

func (s *IdentityService) GetSnowflakeSession(ctx context.Context, req types.GetSnowflakeSessionRequest) (types.WebSession, error)

GetSnowflakeSession gets an application web session.

func (*IdentityService) GetSnowflakeSessions 

func (s *IdentityService) GetSnowflakeSessions(ctx context.Context) ([]types.WebSession, error)

GetSnowflakeSessions gets all Snowflake web sessions.

func (*IdentityService) GetTeleportUserByWebauthnID 

func (s *IdentityService) GetTeleportUserByWebauthnID(ctx context.Context, webID []byte) (string, error)

func (*IdentityService) GetUsedTOTPToken 

func (s *IdentityService) GetUsedTOTPToken(user string) (string, error)

GetUsedTOTPToken returns the last successfully used TOTP token. If no token is found zero is returned.

func (*IdentityService) GetUser 

func (s *IdentityService) GetUser(ctx context.Context, user string, withSecrets bool) (types.User, error)

GetUser returns a user by name

func (*IdentityService) GetUserByGithubIdentity 

func (s *IdentityService) GetUserByGithubIdentity(id types.ExternalIdentity) (types.User, error)

GetUserByGithubIdentity returns the first found user with specified Github identity

func (*IdentityService) GetUserByOIDCIdentity 

func (s *IdentityService) GetUserByOIDCIdentity(id types.ExternalIdentity) (types.User, error)

GetUserByOIDCIdentity returns a user by it's specified OIDC Identity, returns first user specified with this identity

func (*IdentityService) GetUserBySAMLIdentity 

func (s *IdentityService) GetUserBySAMLIdentity(id types.ExternalIdentity) (types.User, error)

GetUserBySAMLIdentity returns a user by it's specified OIDC Identity, returns first user specified with this identity.

func (*IdentityService) GetUserLoginAttempts 

func (s *IdentityService) GetUserLoginAttempts(user string) ([]services.LoginAttempt, error)

GetUserLoginAttempts returns user login attempts

func (*IdentityService) GetUserRecoveryAttempts 

func (s *IdentityService) GetUserRecoveryAttempts(ctx context.Context, user string) ([]*types.RecoveryAttempt, error)

GetUserRecoveryAttempts returns users recovery attempts.

func (*IdentityService) GetUserToken 

func (s *IdentityService) GetUserToken(ctx context.Context, tokenID string) (types.UserToken, error)

GetUserToken returns a token by its ID.

func (*IdentityService) GetUserTokenSecrets 

func (s *IdentityService) GetUserTokenSecrets(ctx context.Context, tokenID string) (types.UserTokenSecrets, error)

GetUserTokenSecrets returns token secrets.

func (*IdentityService) GetUserTokens 

func (s *IdentityService) GetUserTokens(ctx context.Context) ([]types.UserToken, error)

GetUserTokens returns all user tokens.

func (*IdentityService) GetUsers 

func (s *IdentityService) GetUsers(ctx context.Context, withSecrets bool) ([]types.User, error)

GetUsers returns a list of users registered with the local auth server

func (*IdentityService) GetWebauthnLocalAuth 

func (s *IdentityService) GetWebauthnLocalAuth(ctx context.Context, user string) (*types.WebauthnLocalAuth, error)

func (*IdentityService) GetWebauthnSessionData 

func (s *IdentityService) GetWebauthnSessionData(ctx context.Context, user, sessionID string) (*wanpb.SessionData, error)

func (*IdentityService) LegacyUpdateUser 

func (s *IdentityService) LegacyUpdateUser(ctx context.Context, user types.User) (types.User, error)

LegacyUpdateUser blindly updates an existing user. IdentityService.UpdateUser should be used instead so that optimistic locking prevents concurrent resource updates.

func (*IdentityService) ListAppSessions 

func (s *IdentityService) ListAppSessions(ctx context.Context, pageSize int, pageToken, user string) ([]types.WebSession, string, error)

ListAppSessions gets a paginated list of application web sessions.

func (*IdentityService) ListSAMLIdPSessions 

func (s *IdentityService) ListSAMLIdPSessions(ctx context.Context, pageSize int, pageToken, user string) ([]types.WebSession, string, error)

ListSAMLIdPSessions gets a paginated list of SAML IdP sessions.

func (*IdentityService) ListUsers 

func (s *IdentityService) ListUsers(ctx context.Context, pageSize int, pageToken string, withSecrets bool) ([]types.User, string, error)

ListUsers returns a page of users.

func (*IdentityService) UpdateAndSwapUser 

func (s *IdentityService) UpdateAndSwapUser(ctx context.Context, user string, withSecrets bool, fn func(types.User) (changed bool, err error)) (types.User, error)

UpdateAndSwapUser reads an existing user, runs `fn` against it and writes the result to storage. Return `false` from `fn` to avoid storage changes. Roughly equivalent to [GetUser] followed by [CompareAndSwapUser]. Returns the storage user.

func (*IdentityService) UpdateGithubConnector 

func (s *IdentityService) UpdateGithubConnector(ctx context.Context, connector types.GithubConnector) (types.GithubConnector, error)

UpdateGithubConnector updates an existing Github connector.

func (*IdentityService) UpdateOIDCConnector 

func (s *IdentityService) UpdateOIDCConnector(ctx context.Context, connector types.OIDCConnector) (types.OIDCConnector, error)

UpdateOIDCConnector updates an existing OIDC connector.

func (*IdentityService) UpdateSAMLConnector 

func (s *IdentityService) UpdateSAMLConnector(ctx context.Context, connector types.SAMLConnector) (types.SAMLConnector, error)

UpdateSAMLConnector updates an existing SAML connector

func (*IdentityService) UpdateUser 

func (s *IdentityService) UpdateUser(ctx context.Context, user types.User) (types.User, error)

UpdateUser updates an existing user if the revisions match.

func (*IdentityService) UpsertAppSession 

func (s *IdentityService) UpsertAppSession(ctx context.Context, session types.WebSession) error

UpsertAppSession creates an application web session.

func (*IdentityService) UpsertGithubConnector 

func (s *IdentityService) UpsertGithubConnector(ctx context.Context, connector types.GithubConnector) (types.GithubConnector, error)

UpsertGithubConnector creates or updates a Github connector

func (*IdentityService) UpsertGlobalWebauthnSessionData 

func (s *IdentityService) UpsertGlobalWebauthnSessionData(ctx context.Context, scope, id string, sd *wanpb.SessionData) error

func (*IdentityService) UpsertHeadlessAuthentication 

func (s *IdentityService) UpsertHeadlessAuthentication(ctx context.Context, ha *types.HeadlessAuthentication) error

UpsertHeadlessAuthentication upserts a headless authentication in the backend.

func (*IdentityService) UpsertKeyAttestationData 

func (s *IdentityService) UpsertKeyAttestationData(ctx context.Context, attestationData *keys.AttestationData, ttl time.Duration) error

UpsertKeyAttestationData upserts a verified public key attestation response.

func (*IdentityService) UpsertMFADevice 

func (s *IdentityService) UpsertMFADevice(ctx context.Context, user string, d *types.MFADevice) error

func (*IdentityService) UpsertOIDCConnector 

func (s *IdentityService) UpsertOIDCConnector(ctx context.Context, connector types.OIDCConnector) (types.OIDCConnector, error)

UpsertOIDCConnector upserts OIDC Connector

func (*IdentityService) UpsertPassword 

func (s *IdentityService) UpsertPassword(user string, password []byte) error

UpsertPassword upserts new password hash into a backend.

func (*IdentityService) UpsertPasswordHash 

func (s *IdentityService) UpsertPasswordHash(username string, hash []byte) error

UpsertPasswordHash upserts user password hash

func (*IdentityService) UpsertRecoveryCodes 

func (s *IdentityService) UpsertRecoveryCodes(ctx context.Context, user string, recovery *types.RecoveryCodesV1) error

UpsertRecoveryCodes creates or updates user's account recovery codes. Each recovery code are hashed before upsert.

func (*IdentityService) UpsertSAMLConnector 

func (s *IdentityService) UpsertSAMLConnector(ctx context.Context, connector types.SAMLConnector) (types.SAMLConnector, error)

UpsertSAMLConnector upserts SAML Connector

func (*IdentityService) UpsertSAMLIdPSession 

func (s *IdentityService) UpsertSAMLIdPSession(ctx context.Context, session types.WebSession) error

UpsertSAMLIdPSession creates a SAMLIdP web session.

func (*IdentityService) UpsertSnowflakeSession 

func (s *IdentityService) UpsertSnowflakeSession(ctx context.Context, session types.WebSession) error

UpsertSnowflakeSession creates a Snowflake web session.

func (*IdentityService) UpsertUsedTOTPToken 

func (s *IdentityService) UpsertUsedTOTPToken(user string, otpToken string) error

UpsertUsedTOTPToken upserts a TOTP token to the backend so it can't be used again during the 30 second window it's valid.

func (*IdentityService) UpsertUser 

func (s *IdentityService) UpsertUser(ctx context.Context, user types.User) (types.User, error)

UpsertUser updates parameters about user, or creates an entry if not exist.

func (*IdentityService) UpsertUserTokenSecrets 

func (s *IdentityService) UpsertUserTokenSecrets(ctx context.Context, secrets types.UserTokenSecrets) error

UpsertUserTokenSecrets upserts token secrets

func (*IdentityService) UpsertWebauthnLocalAuth 

func (s *IdentityService) UpsertWebauthnLocalAuth(ctx context.Context, user string, wla *types.WebauthnLocalAuth) error

func (*IdentityService) UpsertWebauthnSessionData 

func (s *IdentityService) UpsertWebauthnSessionData(ctx context.Context, user, sessionID string, sd *wanpb.SessionData) error

func (*IdentityService) WebSessions 

func (s *IdentityService) WebSessions() types.WebSessionInterface

WebSessions returns the web sessions manager.

func (*IdentityService) WebTokens 

func (s *IdentityService) WebTokens() types.WebTokenInterface

WebTokens returns the web token manager.

type IntegrationsService 

type IntegrationsService struct {
	// contains filtered or unexported fields
}

IntegrationsService manages Integrations in the Backend.

func NewIntegrationsService 

func NewIntegrationsService(backend backend.Backend) (*IntegrationsService, error)

NewIntegrationsService creates a new IntegrationsService.

func (*IntegrationsService) CreateIntegration 

func (s *IntegrationsService) CreateIntegration(ctx context.Context, ig types.Integration) (types.Integration, error)

CreateIntegration creates a new Integration resource.

func (*IntegrationsService) DeleteAllIntegrations 

func (s *IntegrationsService) DeleteAllIntegrations(ctx context.Context) error

DeleteAllIntegrations removes all Integration resources.

func (*IntegrationsService) DeleteIntegration 

func (s *IntegrationsService) DeleteIntegration(ctx context.Context, name string) error

DeleteIntegration removes the specified Integration resource.

func (*IntegrationsService) GetIntegration 

func (s *IntegrationsService) GetIntegration(ctx context.Context, name string) (types.Integration, error)

GetIntegration returns the specified Integration resource.

func (*IntegrationsService) ListIntegrations 

func (s *IntegrationsService) ListIntegrations(ctx context.Context, pageSize int, pageToken string) ([]types.Integration, string, error)

ListIntegrations returns a paginated list of Integration resources.

func (*IntegrationsService) UpdateIntegration 

func (s *IntegrationsService) UpdateIntegration(ctx context.Context, ig types.Integration) (types.Integration, error)

UpdateIntegration updates an existing Integration resource.

type KubernetesService 

type KubernetesService struct {
	backend.Backend
}

KubernetesService manages kubernetes resources in the backend.

func NewKubernetesService 

func NewKubernetesService(backend backend.Backend) *KubernetesService

NewKubernetesService creates a new KubernetesService.

func (*KubernetesService) CreateKubernetesCluster 

func (s *KubernetesService) CreateKubernetesCluster(ctx context.Context, cluster types.KubeCluster) error

CreateKubernetesCluster creates a new kubernetes cluster resource.

func (*KubernetesService) DeleteAllKubernetesClusters 

func (s *KubernetesService) DeleteAllKubernetesClusters(ctx context.Context) error

DeleteAllKubernetesClusters removes all kubernetes cluster resources.

func (*KubernetesService) DeleteKubernetesCluster 

func (s *KubernetesService) DeleteKubernetesCluster(ctx context.Context, name string) error

DeleteKubernetesCluster removes the specified kubernetes cluster resource.

func (*KubernetesService) GetKubernetesCluster 

func (s *KubernetesService) GetKubernetesCluster(ctx context.Context, name string) (types.KubeCluster, error)

GetKubernetesCluster returns the specified kubernetes cluster resource.

func (*KubernetesService) GetKubernetesClusters 

func (s *KubernetesService) GetKubernetesClusters(ctx context.Context) ([]types.KubeCluster, error)

GetKubernetesClusters returns all kubernetes cluster resources.

func (*KubernetesService) UpdateKubernetesCluster 

func (s *KubernetesService) UpdateKubernetesCluster(ctx context.Context, cluster types.KubeCluster) error

UpdateKubernetesCluster updates an existing kubernetes cluster resource.

type OktaService 

type OktaService struct {
	// contains filtered or unexported fields
}

OktaService manages Okta resources in the Backend.

func NewOktaService 

func NewOktaService(backend backend.Backend, clock clockwork.Clock) (*OktaService, error)

NewOktaService creates a new OktaService.

func (*OktaService) CreateOktaAssignment 

func (o *OktaService) CreateOktaAssignment(ctx context.Context, assignment types.OktaAssignment) (types.OktaAssignment, error)

CreateOktaAssignment creates a new Okta assignment resource.

func (*OktaService) CreateOktaImportRule 

func (o *OktaService) CreateOktaImportRule(ctx context.Context, importRule types.OktaImportRule) (types.OktaImportRule, error)

CreateOktaImportRule creates a new Okta import rule resource.

func (*OktaService) DeleteAllOktaAssignments 

func (o *OktaService) DeleteAllOktaAssignments(ctx context.Context) error

DeleteAllOktaAssignments removes all Okta assignments.

func (*OktaService) DeleteAllOktaImportRules 

func (o *OktaService) DeleteAllOktaImportRules(ctx context.Context) error

DeleteAllOktaImportRules removes all Okta import rules.

func (*OktaService) DeleteOktaAssignment 

func (o *OktaService) DeleteOktaAssignment(ctx context.Context, name string) error

DeleteOktaAssignment removes the specified Okta assignment resource.

func (*OktaService) DeleteOktaImportRule 

func (o *OktaService) DeleteOktaImportRule(ctx context.Context, name string) error

DeleteOktaImportRule removes the specified Okta import rule resource.

func (*OktaService) GetOktaAssignment 

func (o *OktaService) GetOktaAssignment(ctx context.Context, name string) (types.OktaAssignment, error)

GetOktaAssignment returns the specified Okta assignment resources.

func (*OktaService) GetOktaImportRule 

func (o *OktaService) GetOktaImportRule(ctx context.Context, name string) (types.OktaImportRule, error)

GetOktaImportRule returns the specified Okta import rule resources.

func (*OktaService) ListOktaAssignments 

func (o *OktaService) ListOktaAssignments(ctx context.Context, pageSize int, nextToken string) ([]types.OktaAssignment, string, error)

ListOktaAssignments returns a paginated list of all Okta assignment resources.

func (*OktaService) ListOktaImportRules 

func (o *OktaService) ListOktaImportRules(ctx context.Context, pageSize int, nextToken string) ([]types.OktaImportRule, string, error)

ListOktaImportRules returns a paginated list of all Okta import rule resources.

func (*OktaService) UpdateOktaAssignment 

func (o *OktaService) UpdateOktaAssignment(ctx context.Context, assignment types.OktaAssignment) (types.OktaAssignment, error)

UpdateOktaAssignment updates an existing Okta assignment resource.

func (*OktaService) UpdateOktaAssignmentStatus 

func (o *OktaService) UpdateOktaAssignmentStatus(ctx context.Context, name, status string, timeHasPassed time.Duration) error

UpdateOktaAssignmentStatus will update the status for an Okta assignment if the given time has passed since the last transition.

func (*OktaService) UpdateOktaImportRule 

func (o *OktaService) UpdateOktaImportRule(ctx context.Context, importRule types.OktaImportRule) (types.OktaImportRule, error)

UpdateOktaImportRule updates an existing Okta import rule resource.

type PluginDataService 

type PluginDataService struct {
	backend.Backend
	// contains filtered or unexported fields
}

PluginDataService is the backend service for plugin data.

func NewPluginData 

func NewPluginData(backend backend.Backend, dynamicAccess services.DynamicAccessCore) *PluginDataService

NewPluginData creates a new plugin data service.

func (*PluginDataService) GetPluginData 

func (p *PluginDataService) GetPluginData(ctx context.Context, filter types.PluginDataFilter) ([]types.PluginData, error)

GetPluginData loads all plugin data matching the supplied filter.

func (*PluginDataService) UpdatePluginData 

func (p *PluginDataService) UpdatePluginData(ctx context.Context, params types.PluginDataUpdateParams) error

UpdatePluginData updates a per-resource PluginData entry.

type PluginStaticCredentialsService 

type PluginStaticCredentialsService struct {
	// contains filtered or unexported fields
}

PluginStaticCredentialsService manages plugin static credentials in the Backend.

func NewPluginStaticCredentialsService 

func NewPluginStaticCredentialsService(backend backend.Backend) (*PluginStaticCredentialsService, error)

NewPluginStaticCredentialsService creates a new PluginStaticCredentialsService.

func (*PluginStaticCredentialsService) CreatePluginStaticCredentials 

func (p *PluginStaticCredentialsService) CreatePluginStaticCredentials(ctx context.Context, pluginStaticCredentials types.PluginStaticCredentials) error

CreatePluginStaticCredentials will create a new plugin static credentials resource.

func (*PluginStaticCredentialsService) DeletePluginStaticCredentials 

func (p *PluginStaticCredentialsService) DeletePluginStaticCredentials(ctx context.Context, name string) error

DeletePluginStaticCredentials will delete a plugin static credentials resource.

func (*PluginStaticCredentialsService) GetPluginStaticCredentials 

func (p *PluginStaticCredentialsService) GetPluginStaticCredentials(ctx context.Context, name string) (types.PluginStaticCredentials, error)

GetPluginStaticCredentials will get a plugin static credentials resource by name.

func (*PluginStaticCredentialsService) GetPluginStaticCredentialsByLabels 

func (p *PluginStaticCredentialsService) GetPluginStaticCredentialsByLabels(ctx context.Context, labels map[string]string) ([]types.PluginStaticCredentials, error)

GetPluginStaticCredentialsByLabels will get a list of plugin static credentials resource by matching labels.

type PluginsService 

type PluginsService struct {
	// contains filtered or unexported fields
}

PluginsService manages plugin instances in the backend.

func NewPluginsService 

func NewPluginsService(backend backend.Backend) *PluginsService

NewPluginsService constructs a new PluginsService

func (*PluginsService) CreatePlugin 

func (s *PluginsService) CreatePlugin(ctx context.Context, plugin types.Plugin) error

CreatePlugin implements services.Plugins

func (*PluginsService) DeleteAllPlugins 

func (s *PluginsService) DeleteAllPlugins(ctx context.Context) error

DeleteAllPlugins implements service.Plugins

func (*PluginsService) DeletePlugin 

func (s *PluginsService) DeletePlugin(ctx context.Context, name string) error

DeletePlugin implements service.Plugins

func (*PluginsService) GetPlugin 

func (s *PluginsService) GetPlugin(ctx context.Context, name string, withSecrets bool) (types.Plugin, error)

GetPlugin implements services.Plugins

func (*PluginsService) GetPlugins 

func (s *PluginsService) GetPlugins(ctx context.Context, withSecrets bool) ([]types.Plugin, error)

GetPlugins implements services.Plugins

func (*PluginsService) HasPluginType 

func (s *PluginsService) HasPluginType(ctx context.Context, pluginType types.PluginType) (bool, error)

HasPluginType will return true if a plugin of the given type is registered.

func (*PluginsService) ListPlugins 

func (s *PluginsService) ListPlugins(ctx context.Context, limit int, startKey string, withSecrets bool) ([]types.Plugin, string, error)

ListPlugins returns a paginated list of plugin instances. StartKey is a resource name, which is the suffix of its key.

func (*PluginsService) SetPluginCredentials 

func (s *PluginsService) SetPluginCredentials(ctx context.Context, name string, creds types.PluginCredentials) error

SetPluginCredentials implements services.Plugins

func (*PluginsService) SetPluginStatus 

func (s *PluginsService) SetPluginStatus(ctx context.Context, name string, status types.PluginStatus) error

SetPluginStatus implements services.Plugins

type PresenceService 

type PresenceService struct {
	backend.Backend
	// contains filtered or unexported fields
}

PresenceService records and reports the presence of all components of the cluster - Nodes, Proxies and SSH nodes

func NewPresenceService 

func NewPresenceService(b backend.Backend) *PresenceService

NewPresenceService returns new presence service instance

func (*PresenceService) AcquireSemaphore 

func (s *PresenceService) AcquireSemaphore(ctx context.Context, req types.AcquireSemaphoreRequest) (*types.SemaphoreLease, error)

AcquireSemaphore attempts to acquire the specified semaphore. AcquireSemaphore will automatically handle retry on contention. If the semaphore has already reached MaxLeases, or there is too much contention, a LimitExceeded error is returned (contention in this context means concurrent attempts to update the *same* semaphore, separate semaphores can be modified concurrently without issue). Note that this function is the only semaphore method that handles retries internally. This is because this method both blocks user-facing operations, and contains multiple different potential contention points.

func (*PresenceService) CancelSemaphoreLease 

func (s *PresenceService) CancelSemaphoreLease(ctx context.Context, lease types.SemaphoreLease) error

CancelSemaphoreLease cancels semaphore lease early.

func (*PresenceService) CreateRemoteCluster 

func (s *PresenceService) CreateRemoteCluster(rc types.RemoteCluster) error

CreateRemoteCluster creates remote cluster

func (*PresenceService) DeleteAllApplicationServers 

func (s *PresenceService) DeleteAllApplicationServers(ctx context.Context, namespace string) error

DeleteAllApplicationServers removes all registered application servers.

func (*PresenceService) DeleteAllAuthServers 

func (s *PresenceService) DeleteAllAuthServers() error

DeleteAllAuthServers deletes all auth servers

func (*PresenceService) DeleteAllDatabaseServers 

func (s *PresenceService) DeleteAllDatabaseServers(ctx context.Context, namespace string) error

DeleteAllDatabaseServers removes all registered database proxy servers.

func (*PresenceService) DeleteAllKubernetesServers 

func (s *PresenceService) DeleteAllKubernetesServers(ctx context.Context) error

DeleteAllKubernetesServers removes all registered kubernetes servers.

func (*PresenceService) DeleteAllNamespaces 

func (s *PresenceService) DeleteAllNamespaces() error

DeleteAllNamespaces deletes all namespaces

func (*PresenceService) DeleteAllNodes 

func (s *PresenceService) DeleteAllNodes(ctx context.Context, namespace string) error

DeleteAllNodes deletes all nodes in a namespace

func (*PresenceService) DeleteAllProxies 

func (s *PresenceService) DeleteAllProxies() error

DeleteAllProxies deletes all proxies

func (*PresenceService) DeleteAllRemoteClusters 

func (s *PresenceService) DeleteAllRemoteClusters() error

DeleteAllRemoteClusters deletes all remote clusters

func (*PresenceService) DeleteAllReverseTunnels 

func (s *PresenceService) DeleteAllReverseTunnels() error

DeleteAllReverseTunnels deletes all reverse tunnels

func (*PresenceService) DeleteAllServerInfos 

func (s *PresenceService) DeleteAllServerInfos(ctx context.Context) error

DeleteAllServerInfos deletes all ServerInfos.

func (*PresenceService) DeleteAllTunnelConnections 

func (s *PresenceService) DeleteAllTunnelConnections() error

DeleteAllTunnelConnections deletes all tunnel connections

func (*PresenceService) DeleteAllWindowsDesktopServices 

func (s *PresenceService) DeleteAllWindowsDesktopServices(ctx context.Context) error

DeleteAllWindowsDesktopServices removes all registered Windows desktop services.

func (*PresenceService) DeleteApplicationServer 

func (s *PresenceService) DeleteApplicationServer(ctx context.Context, namespace, hostID, name string) error

DeleteApplicationServer removes specified application server.

func (*PresenceService) DeleteAuthServer 

func (s *PresenceService) DeleteAuthServer(name string) error

DeleteAuthServer deletes auth server by name

func (*PresenceService) DeleteDatabaseServer 

func (s *PresenceService) DeleteDatabaseServer(ctx context.Context, namespace, hostID, name string) error

DeleteDatabaseServer removes the specified database proxy server.

func (*PresenceService) DeleteKubernetesServer 

func (s *PresenceService) DeleteKubernetesServer(ctx context.Context, hostID, name string) error

DeleteKubernetesServer removes specified kubernetes server.

func (*PresenceService) DeleteNamespace 

func (s *PresenceService) DeleteNamespace(namespace string) error

DeleteNamespace deletes a namespace with all the keys from the backend

func (*PresenceService) DeleteNode 

func (s *PresenceService) DeleteNode(ctx context.Context, namespace string, name string) error

DeleteNode deletes node

func (*PresenceService) DeleteProxy 

func (s *PresenceService) DeleteProxy(ctx context.Context, name string) error

DeleteProxy deletes proxy

func (*PresenceService) DeleteRemoteCluster 

func (s *PresenceService) DeleteRemoteCluster(ctx context.Context, clusterName string) error

DeleteRemoteCluster deletes remote cluster by name

func (*PresenceService) DeleteReverseTunnel 

func (s *PresenceService) DeleteReverseTunnel(clusterName string) error

DeleteReverseTunnel deletes reverse tunnel by it's cluster name

func (*PresenceService) DeleteSemaphore 

func (s *PresenceService) DeleteSemaphore(ctx context.Context, filter types.SemaphoreFilter) error

DeleteSemaphore deletes a semaphore matching the supplied filter

func (*PresenceService) DeleteServerInfo 

func (s *PresenceService) DeleteServerInfo(ctx context.Context, name string) error

DeleteServerInfo deletes a ServerInfo by name.

func (*PresenceService) DeleteTrustedCluster 

func (s *PresenceService) DeleteTrustedCluster(ctx context.Context, name string) error

DeleteTrustedCluster removes a TrustedCluster from the backend by name.

func (*PresenceService) DeleteTunnelConnection 

func (s *PresenceService) DeleteTunnelConnection(clusterName, connectionName string) error

DeleteTunnelConnection deletes tunnel connection by name

func (*PresenceService) DeleteTunnelConnections 

func (s *PresenceService) DeleteTunnelConnections(clusterName string) error

DeleteTunnelConnections deletes all tunnel connections for cluster

func (*PresenceService) DeleteWindowsDesktopService 

func (s *PresenceService) DeleteWindowsDesktopService(ctx context.Context, name string) error

DeleteWindowsDesktopService removes the specified Windows desktop service.

func (*PresenceService) GetAllTunnelConnections 

func (s *PresenceService) GetAllTunnelConnections(opts ...services.MarshalOption) ([]types.TunnelConnection, error)

GetAllTunnelConnections returns all tunnel connections

func (*PresenceService) GetApplicationServers 

func (s *PresenceService) GetApplicationServers(ctx context.Context, namespace string) ([]types.AppServer, error)

GetApplicationServers returns all registered application servers.

func (*PresenceService) GetAuthServers 

func (s *PresenceService) GetAuthServers() ([]types.Server, error)

GetAuthServers returns a list of registered servers

func (*PresenceService) GetDatabaseServers 

func (s *PresenceService) GetDatabaseServers(ctx context.Context, namespace string, opts ...services.MarshalOption) ([]types.DatabaseServer, error)

GetDatabaseServers returns all registered database proxy servers.

func (*PresenceService) GetHostUserInteractionTime 

func (s *PresenceService) GetHostUserInteractionTime(ctx context.Context, name string) (time.Time, error)

GetHostUserInteractionTime retrieves a unix user's interaction time

func (*PresenceService) GetInstances 

func (s *PresenceService) GetInstances(ctx context.Context, req types.InstanceFilter) stream.Stream[types.Instance]

GetInstances iterates all teleport instances.

func (*PresenceService) GetKubernetesServers 

func (s *PresenceService) GetKubernetesServers(ctx context.Context) ([]types.KubeServer, error)

GetKubernetesServers returns all registered kubernetes servers.

func (*PresenceService) GetNamespace 

func (s *PresenceService) GetNamespace(name string) (*types.Namespace, error)

GetNamespace returns a namespace by name

func (*PresenceService) GetNamespaces 

func (s *PresenceService) GetNamespaces() ([]types.Namespace, error)

GetNamespaces returns a list of namespaces

func (*PresenceService) GetNode 

func (s *PresenceService) GetNode(ctx context.Context, namespace, name string) (types.Server, error)

GetNode returns a node by name and namespace.

func (*PresenceService) GetNodes 

func (s *PresenceService) GetNodes(ctx context.Context, namespace string) ([]types.Server, error)

GetNodes returns a list of registered servers

func (*PresenceService) GetProxies 

func (s *PresenceService) GetProxies() ([]types.Server, error)

GetProxies returns a list of registered proxies

func (*PresenceService) GetRemoteCluster 

func (s *PresenceService) GetRemoteCluster(clusterName string) (types.RemoteCluster, error)

GetRemoteCluster returns a remote cluster by name

func (*PresenceService) GetRemoteClusters 

func (s *PresenceService) GetRemoteClusters(opts ...services.MarshalOption) ([]types.RemoteCluster, error)

GetRemoteClusters returns a list of remote clusters

func (*PresenceService) GetReverseTunnel 

func (s *PresenceService) GetReverseTunnel(name string, opts ...services.MarshalOption) (types.ReverseTunnel, error)

GetReverseTunnel returns reverse tunnel by name

func (*PresenceService) GetReverseTunnels 

func (s *PresenceService) GetReverseTunnels(ctx context.Context, opts ...services.MarshalOption) ([]types.ReverseTunnel, error)

GetReverseTunnels returns a list of registered servers

func (*PresenceService) GetSemaphores 

func (s *PresenceService) GetSemaphores(ctx context.Context, filter types.SemaphoreFilter) ([]types.Semaphore, error)

GetSemaphores returns all semaphores matching the supplied filter.

func (*PresenceService) GetServerInfo 

func (s *PresenceService) GetServerInfo(ctx context.Context, name string) (types.ServerInfo, error)

GetServerInfo returns a ServerInfo by name.

func (*PresenceService) GetServerInfos 

func (s *PresenceService) GetServerInfos(ctx context.Context) stream.Stream[types.ServerInfo]

GetServerInfos returns a stream of ServerInfos.

func (*PresenceService) GetTrustedCluster 

func (s *PresenceService) GetTrustedCluster(ctx context.Context, name string) (types.TrustedCluster, error)

GetTrustedCluster returns a single TrustedCluster by name.

func (*PresenceService) GetTrustedClusters 

func (s *PresenceService) GetTrustedClusters(ctx context.Context) ([]types.TrustedCluster, error)

GetTrustedClusters returns all TrustedClusters in the backend.

func (*PresenceService) GetTunnelConnection 

func (s *PresenceService) GetTunnelConnection(clusterName, connectionName string, opts ...services.MarshalOption) (types.TunnelConnection, error)

GetTunnelConnection returns connection by cluster name and connection name

func (*PresenceService) GetTunnelConnections 

func (s *PresenceService) GetTunnelConnections(clusterName string, opts ...services.MarshalOption) ([]types.TunnelConnection, error)

GetTunnelConnections returns connections for a trusted cluster

func (*PresenceService) GetUserGroups 

func (s *PresenceService) GetUserGroups(ctx context.Context, opts ...services.MarshalOption) ([]types.UserGroup, error)

GetUserGroups returns all registered user groups.

func (*PresenceService) GetWindowsDesktopService 

func (s *PresenceService) GetWindowsDesktopService(ctx context.Context, name string) (types.WindowsDesktopService, error)

func (*PresenceService) GetWindowsDesktopServices 

func (s *PresenceService) GetWindowsDesktopServices(ctx context.Context) ([]types.WindowsDesktopService, error)

GetWindowsDesktopServices returns all registered Windows desktop services.

func (*PresenceService) KeepAliveSemaphoreLease 

func (s *PresenceService) KeepAliveSemaphoreLease(ctx context.Context, lease types.SemaphoreLease) error

KeepAliveSemaphoreLease updates semaphore lease, if the lease expiry is updated, semaphore is renewed

func (*PresenceService) KeepAliveServer 

func (s *PresenceService) KeepAliveServer(ctx context.Context, h types.KeepAlive) error

KeepAliveServer updates expiry time of a server resource.

func (*PresenceService) ListResources 

func (s *PresenceService) ListResources(ctx context.Context, req proto.ListResourcesRequest) (*types.ListResourcesResponse, error)

ListResources returns a paginated list of resources. It implements various filtering for scenarios where the call comes directly here (without passing through the RBAC).

func (*PresenceService) UpdateRemoteCluster 

func (s *PresenceService) UpdateRemoteCluster(ctx context.Context, rc types.RemoteCluster) error

UpdateRemoteCluster updates selected remote cluster fields: expiry and labels other changed fields will be ignored by the method

func (*PresenceService) UpsertApplicationServer 

func (s *PresenceService) UpsertApplicationServer(ctx context.Context, server types.AppServer) (*types.KeepAlive, error)

UpsertApplicationServer registers an application server.

func (*PresenceService) UpsertAuthServer 

func (s *PresenceService) UpsertAuthServer(ctx context.Context, server types.Server) error

UpsertAuthServer registers auth server presence, permanently if ttl is 0 or for the specified duration with second resolution if it's >= 1 second

func (*PresenceService) UpsertDatabaseServer 

func (s *PresenceService) UpsertDatabaseServer(ctx context.Context, server types.DatabaseServer) (*types.KeepAlive, error)

UpsertDatabaseServer registers new database proxy server.

func (*PresenceService) UpsertHostUserInteractionTime 

func (s *PresenceService) UpsertHostUserInteractionTime(ctx context.Context, name string, loginTime time.Time) error

UpsertHostUserInteractionTime upserts a unix user's interaction time

func (*PresenceService) UpsertInstance 

func (s *PresenceService) UpsertInstance(ctx context.Context, instance types.Instance) error

UpsertInstance creates or updates an instance resource.

func (*PresenceService) UpsertKubernetesServer 

func (s *PresenceService) UpsertKubernetesServer(ctx context.Context, server types.KubeServer) (*types.KeepAlive, error)

UpsertKubernetesServer registers an kubernetes server.

func (*PresenceService) UpsertNamespace 

func (s *PresenceService) UpsertNamespace(n types.Namespace) error

UpsertNamespace upserts namespace

func (*PresenceService) UpsertNode 

func (s *PresenceService) UpsertNode(ctx context.Context, server types.Server) (*types.KeepAlive, error)

UpsertNode registers node presence, permanently if TTL is 0 or for the specified duration with second resolution if it's >= 1 second.

func (*PresenceService) UpsertProxy 

func (s *PresenceService) UpsertProxy(ctx context.Context, server types.Server) error

UpsertProxy registers proxy server presence, permanently if ttl is 0 or for the specified duration with second resolution if it's >= 1 second

func (*PresenceService) UpsertReverseTunnel 

func (s *PresenceService) UpsertReverseTunnel(tunnel types.ReverseTunnel) error

UpsertReverseTunnel upserts reverse tunnel entry temporarily or permanently

func (*PresenceService) UpsertServerInfo 

func (s *PresenceService) UpsertServerInfo(ctx context.Context, si types.ServerInfo) error

UpsertServerInfo upserts a ServerInfo.

func (*PresenceService) UpsertTrustedCluster 

func (s *PresenceService) UpsertTrustedCluster(ctx context.Context, trustedCluster types.TrustedCluster) (types.TrustedCluster, error)

UpsertTrustedCluster creates or updates a TrustedCluster in the backend.

func (*PresenceService) UpsertTunnelConnection 

func (s *PresenceService) UpsertTunnelConnection(conn types.TunnelConnection) error

UpsertTunnelConnection updates or creates tunnel connection

func (*PresenceService) UpsertWindowsDesktopService 

func (s *PresenceService) UpsertWindowsDesktopService(ctx context.Context, srv types.WindowsDesktopService) (*types.KeepAlive, error)

UpsertWindowsDesktopService registers new Windows desktop service.

type ProvisioningService 

type ProvisioningService struct {
	backend.Backend
}

ProvisioningService governs adding new nodes to the cluster

func NewProvisioningService 

func NewProvisioningService(backend backend.Backend) *ProvisioningService

NewProvisioningService returns a new instance of provisioning service

func (*ProvisioningService) CreateToken 

func (s *ProvisioningService) CreateToken(ctx context.Context, p types.ProvisionToken) error

CreateToken creates a new token for the auth server

func (*ProvisioningService) DeleteAllTokens 

func (s *ProvisioningService) DeleteAllTokens() error

DeleteAllTokens deletes all provisioning tokens

func (*ProvisioningService) DeleteToken 

func (s *ProvisioningService) DeleteToken(ctx context.Context, token string) error

DeleteToken deletes a token by ID

func (*ProvisioningService) GetToken 

func (s *ProvisioningService) GetToken(ctx context.Context, token string) (types.ProvisionToken, error)

GetToken finds and returns token by ID

func (*ProvisioningService) GetTokens 

func (s *ProvisioningService) GetTokens(ctx context.Context) ([]types.ProvisionToken, error)

GetTokens returns all active (non-expired) provisioning tokens

func (*ProvisioningService) UpsertToken 

func (s *ProvisioningService) UpsertToken(ctx context.Context, p types.ProvisionToken) error

UpsertToken adds provisioning tokens for the auth server

type RestrictionsService 

type RestrictionsService struct {
	backend.Backend
}

RestrictionsService manages restrictions to be enforced by restricted shell

func NewRestrictionsService 

func NewRestrictionsService(backend backend.Backend) *RestrictionsService

NewRestrictionsService creates a new RestrictionsService

func (*RestrictionsService) DeleteNetworkRestrictions 

func (s *RestrictionsService) DeleteNetworkRestrictions(ctx context.Context) error

SetNetworkRestrictions upserts NetworkRestrictions

func (*RestrictionsService) GetNetworkRestrictions 

func (s *RestrictionsService) GetNetworkRestrictions(ctx context.Context) (types.NetworkRestrictions, error)

func (*RestrictionsService) SetNetworkRestrictions 

func (s *RestrictionsService) SetNetworkRestrictions(ctx context.Context, nr types.NetworkRestrictions) error

SetNetworkRestrictions upserts NetworkRestrictions

type SAMLIdPOption 

type SAMLIdPOption func(*SAMLIdPServiceProviderService)

SAMLIdPOption adds optional arguments to NewSAMLIdPServiceProviderService.

func WithHTTPClient 

func WithHTTPClient(httpClient *http.Client) SAMLIdPOption

WithHTTPClient configures SAMLIdPServiceProviderService with given http client.

type SAMLIdPServiceProviderService 

type SAMLIdPServiceProviderService struct {
	// contains filtered or unexported fields
}

SAMLIdPServiceProviderService manages IdP service providers in the Backend.

func NewSAMLIdPServiceProviderService 

func NewSAMLIdPServiceProviderService(backend backend.Backend, opts ...SAMLIdPOption) (*SAMLIdPServiceProviderService, error)

NewSAMLIdPServiceProviderService creates a new SAMLIdPServiceProviderService.

func (*SAMLIdPServiceProviderService) CreateSAMLIdPServiceProvider 

func (s *SAMLIdPServiceProviderService) CreateSAMLIdPServiceProvider(ctx context.Context, sp types.SAMLIdPServiceProvider) error

CreateSAMLIdPServiceProvider creates a new SAML IdP service provider resource.

func (*SAMLIdPServiceProviderService) DeleteAllSAMLIdPServiceProviders 

func (s *SAMLIdPServiceProviderService) DeleteAllSAMLIdPServiceProviders(ctx context.Context) error

DeleteAllSAMLIdPServiceProviders removes all SAML IdP service provider resources.

func (*SAMLIdPServiceProviderService) DeleteSAMLIdPServiceProvider 

func (s *SAMLIdPServiceProviderService) DeleteSAMLIdPServiceProvider(ctx context.Context, name string) error

DeleteSAMLIdPServiceProvider removes the specified SAML IdP service provider resource.

func (*SAMLIdPServiceProviderService) GetSAMLIdPServiceProvider 

func (s *SAMLIdPServiceProviderService) GetSAMLIdPServiceProvider(ctx context.Context, name string) (types.SAMLIdPServiceProvider, error)

GetSAMLIdPServiceProvider returns the specified SAML IdP service provider resource.

func (*SAMLIdPServiceProviderService) ListSAMLIdPServiceProviders 

func (s *SAMLIdPServiceProviderService) ListSAMLIdPServiceProviders(ctx context.Context, pageSize int, pageToken string) ([]types.SAMLIdPServiceProvider, string, error)

ListSAMLIdPServiceProviders returns a paginated list of SAML IdP service provider resources.

func (*SAMLIdPServiceProviderService) UpdateSAMLIdPServiceProvider 

func (s *SAMLIdPServiceProviderService) UpdateSAMLIdPServiceProvider(ctx context.Context, sp types.SAMLIdPServiceProvider) error

UpdateSAMLIdPServiceProvider updates an existing SAML IdP service provider resource.

type SecReportsService 

type SecReportsService struct {
	// contains filtered or unexported fields
}

SecReportsService is the local implementation of the SecReports service.

func NewSecReportsService 

func NewSecReportsService(backend backend.Backend, clock clockwork.Clock) (*SecReportsService, error)

NewSecReportsService returns a new instance of the SecReports service.

func (*SecReportsService) DeleteAllSecurityAuditQueries 

func (s *SecReportsService) DeleteAllSecurityAuditQueries(ctx context.Context) error

DeleteAllSecurityAuditQueries deletes all audit queries.

func (*SecReportsService) DeleteAllSecurityReports 

func (s *SecReportsService) DeleteAllSecurityReports(ctx context.Context) error

DeleteAllSecurityReports deletes all security reports.

func (*SecReportsService) DeleteAllSecurityReportsStates 

func (s *SecReportsService) DeleteAllSecurityReportsStates(ctx context.Context) error

DeleteAllSecurityReportsStates deletes all security report states.

func (*SecReportsService) DeleteSecurityAuditQuery 

func (s *SecReportsService) DeleteSecurityAuditQuery(ctx context.Context, name string) error

DeleteSecurityAuditQuery deletes audit query by name.

func (*SecReportsService) DeleteSecurityReport 

func (s *SecReportsService) DeleteSecurityReport(ctx context.Context, name string) error

DeleteSecurityReport deletes security report by name.

func (*SecReportsService) DeleteSecurityReportsState 

func (s *SecReportsService) DeleteSecurityReportsState(ctx context.Context, name string) error

DeleteSecurityReportsState deletes security report state by name.

func (*SecReportsService) GetCostLimiter 

func (s *SecReportsService) GetCostLimiter(ctx context.Context, name string) (*secreports.CostLimiter, error)

GetCostLimiter returns cost limiter by name.

func (*SecReportsService) GetSecurityAuditQueries 

func (s *SecReportsService) GetSecurityAuditQueries(ctx context.Context) ([]*secreports.AuditQuery, error)

GetSecurityAuditQueries returns audit queries.

func (*SecReportsService) GetSecurityAuditQuery 

func (s *SecReportsService) GetSecurityAuditQuery(ctx context.Context, name string) (*secreports.AuditQuery, error)

GetSecurityAuditQuery returns audit query by name.

func (*SecReportsService) GetSecurityReport 

func (s *SecReportsService) GetSecurityReport(ctx context.Context, name string) (*secreports.Report, error)

GetSecurityReport returns security report by name.

func (*SecReportsService) GetSecurityReportState 

func (s *SecReportsService) GetSecurityReportState(ctx context.Context, name string) (*secreports.ReportState, error)

GetSecurityReportState returns security report state by name.

func (*SecReportsService) GetSecurityReports 

func (s *SecReportsService) GetSecurityReports(ctx context.Context) ([]*secreports.Report, error)

GetSecurityReports returns security reports.

func (*SecReportsService) GetSecurityReportsStates 

func (s *SecReportsService) GetSecurityReportsStates(ctx context.Context) ([]*secreports.ReportState, error)

GetSecurityReportsStates returns security report states.

func (*SecReportsService) ListSecurityAuditQueries 

func (s *SecReportsService) ListSecurityAuditQueries(ctx context.Context, pageSize int, nextToken string) ([]*secreports.AuditQuery, string, error)

ListSecurityAuditQueries returns a list of audit queries.

func (*SecReportsService) ListSecurityReports 

func (s *SecReportsService) ListSecurityReports(ctx context.Context, i int, token string) ([]*secreports.Report, string, error)

ListSecurityReports returns a list of security reports.

func (*SecReportsService) ListSecurityReportsStates 

func (s *SecReportsService) ListSecurityReportsStates(ctx context.Context, pageSize int, nextToken string) ([]*secreports.ReportState, string, error)

func (*SecReportsService) UpsertCostLimiter 

func (s *SecReportsService) UpsertCostLimiter(ctx context.Context, item *secreports.CostLimiter) error

UpsertCostLimiter upserts cost limiter.

func (*SecReportsService) UpsertSecurityAuditQuery 

func (s *SecReportsService) UpsertSecurityAuditQuery(ctx context.Context, in *secreports.AuditQuery) error

UpsertSecurityAuditQuery upserts audit query.

func (*SecReportsService) UpsertSecurityReport 

func (s *SecReportsService) UpsertSecurityReport(ctx context.Context, item *secreports.Report) error

UpsertSecurityReport upserts security report.

func (*SecReportsService) UpsertSecurityReportsState 

func (s *SecReportsService) UpsertSecurityReportsState(ctx context.Context, item *secreports.ReportState) error

UpsertSecurityReportsState upserts security report state.

type StatusService 

type StatusService struct {
	backend.Backend
	// contains filtered or unexported fields
}

StatusService manages cluster status info.

func NewStatusService 

func NewStatusService(bk backend.Backend) *StatusService

func (*StatusService) ClearAlertAcks 

func (s *StatusService) ClearAlertAcks(ctx context.Context, req proto.ClearAlertAcksRequest) error

ClearAlertAcks clears alert acknowledgments.

func (*StatusService) CreateAlertAck 

func (s *StatusService) CreateAlertAck(ctx context.Context, ack types.AlertAcknowledgement) error

CreateAlertAck marks a cluster alert as acknowledged.

func (*StatusService) DeleteClusterAlert 

func (s *StatusService) DeleteClusterAlert(ctx context.Context, alertID string) error

func (*StatusService) GetAlertAcks 

func (s *StatusService) GetAlertAcks(ctx context.Context) ([]types.AlertAcknowledgement, error)

GetAlertAcks gets active alert ackowledgements.

func (*StatusService) GetClusterAlerts 

func (s *StatusService) GetClusterAlerts(ctx context.Context, query types.GetClusterAlertsRequest) ([]types.ClusterAlert, error)

func (*StatusService) UpsertClusterAlert 

func (s *StatusService) UpsertClusterAlert(ctx context.Context, alert types.ClusterAlert) error

type UnstableService 

type UnstableService struct {
	backend.Backend
	*AssertionReplayService
}

UnstableService is a catch-all for unstable backend operations related to migrations/compatibility that don't fit into, or merit the change of, one of the primary service interfaces.

func NewUnstableService 

func NewUnstableService(backend backend.Backend, assertion *AssertionReplayService) UnstableService

NewUnstableService returns new unstable service instance.

type UserGroupService 

type UserGroupService struct {
	// contains filtered or unexported fields
}

UserGroupService manages user groups in the Backend.

func NewUserGroupService 

func NewUserGroupService(backend backend.Backend) (*UserGroupService, error)

NewUserGroupService creates a new UserGroupService.

func (*UserGroupService) CreateUserGroup 

func (s *UserGroupService) CreateUserGroup(ctx context.Context, group types.UserGroup) error

CreateUserGroup creates a new user group resource.

func (*UserGroupService) DeleteAllUserGroups 

func (s *UserGroupService) DeleteAllUserGroups(ctx context.Context) error

DeleteAllUserGroups removes all user group resources.

func (*UserGroupService) DeleteUserGroup 

func (s *UserGroupService) DeleteUserGroup(ctx context.Context, name string) error

DeleteUserGroup removes the specified user group resource.

func (*UserGroupService) GetUserGroup 

func (s *UserGroupService) GetUserGroup(ctx context.Context, name string) (types.UserGroup, error)

GetUserGroup returns the specified user group resource.

func (*UserGroupService) ListUserGroups 

func (s *UserGroupService) ListUserGroups(ctx context.Context, pageSize int, pageToken string) ([]types.UserGroup, string, error)

ListUserGroups returns a paginated list of user group resources.

func (*UserGroupService) UpdateUserGroup 

func (s *UserGroupService) UpdateUserGroup(ctx context.Context, group types.UserGroup) error

UpdateUserGroup updates an existing user group resource.

type UserLoginStateService 

type UserLoginStateService struct {
	// contains filtered or unexported fields
}

UserLoginStateService manages user login state resources in the Backend.

func NewUserLoginStateService 

func NewUserLoginStateService(backend backend.Backend) (*UserLoginStateService, error)

NewUserLoginStateService creates a new UserLoginStateService.

func (*UserLoginStateService) DeleteAllUserLoginStates 

func (u *UserLoginStateService) DeleteAllUserLoginStates(ctx context.Context) error

DeleteAllUserLoginStates removes all user login state resources.

func (*UserLoginStateService) DeleteUserLoginState 

func (u *UserLoginStateService) DeleteUserLoginState(ctx context.Context, name string) error

DeleteUserLoginState removes the specified user login state resource.

func (*UserLoginStateService) GetUserLoginState 

func (u *UserLoginStateService) GetUserLoginState(ctx context.Context, name string) (*userloginstate.UserLoginState, error)

GetUserLoginState returns the specified user login state resource.

func (*UserLoginStateService) GetUserLoginStates 

func (u *UserLoginStateService) GetUserLoginStates(ctx context.Context) ([]*userloginstate.UserLoginState, error)

GetUserLoginStates returns the all user login state resources.

func (*UserLoginStateService) UpsertUserLoginState 

func (u *UserLoginStateService) UpsertUserLoginState(ctx context.Context, userLoginState *userloginstate.UserLoginState) (*userloginstate.UserLoginState, error)

UpsertUserLoginState creates or updates a user login state resource.

type UserPreferencesService 

type UserPreferencesService struct {
	backend.Backend
}

UserPreferencesService is responsible for managing a user's preferences.

func NewUserPreferencesService 

func NewUserPreferencesService(backend backend.Backend) *UserPreferencesService

NewUserPreferencesService returns a new instance of the UserPreferencesService.

func (*UserPreferencesService) GetUserPreferences 

func (u *UserPreferencesService) GetUserPreferences(ctx context.Context, username string) (*userpreferencesv1.UserPreferences, error)

GetUserPreferences returns the user preferences for the given user.

func (*UserPreferencesService) UpsertUserPreferences 

func (u *UserPreferencesService) UpsertUserPreferences(ctx context.Context, username string, prefs *userpreferencesv1.UserPreferences) error

UpsertUserPreferences creates or updates user preferences for a given username.

type WindowsDesktopService 

type WindowsDesktopService struct {
	backend.Backend
}

WindowsDesktopService manages windows desktop resources in the backend.

func NewWindowsDesktopService 

func NewWindowsDesktopService(backend backend.Backend) *WindowsDesktopService

NewWindowsDesktopService creates a new WindowsDesktopsService.

func (*WindowsDesktopService) CreateWindowsDesktop 

func (s *WindowsDesktopService) CreateWindowsDesktop(ctx context.Context, desktop types.WindowsDesktop) error

CreateWindowsDesktop creates a windows desktop resource.

func (*WindowsDesktopService) DeleteAllWindowsDesktops 

func (s *WindowsDesktopService) DeleteAllWindowsDesktops(ctx context.Context) error

DeleteAllWindowsDesktops removes all windows desktop resources.

func (*WindowsDesktopService) DeleteWindowsDesktop 

func (s *WindowsDesktopService) DeleteWindowsDesktop(ctx context.Context, hostID, name string) error

DeleteWindowsDesktop removes the specified windows desktop resource.

func (*WindowsDesktopService) GetWindowsDesktops 

func (s *WindowsDesktopService) GetWindowsDesktops(ctx context.Context, filter types.WindowsDesktopFilter) ([]types.WindowsDesktop, error)

GetWindowsDesktops returns all Windows desktops matching filter.

func (*WindowsDesktopService) ListWindowsDesktopServices 

func (s *WindowsDesktopService) ListWindowsDesktopServices(ctx context.Context, req types.ListWindowsDesktopServicesRequest) (*types.ListWindowsDesktopServicesResponse, error)

func (*WindowsDesktopService) ListWindowsDesktops 

func (s *WindowsDesktopService) ListWindowsDesktops(ctx context.Context, req types.ListWindowsDesktopsRequest) (*types.ListWindowsDesktopsResponse, error)

ListWindowsDesktops returns all Windows desktops matching filter.

func (*WindowsDesktopService) UpdateWindowsDesktop 

func (s *WindowsDesktopService) UpdateWindowsDesktop(ctx context.Context, desktop types.WindowsDesktop) error

UpdateWindowsDesktop updates a windows desktop resource.

func (*WindowsDesktopService) UpsertWindowsDesktop 

func (s *WindowsDesktopService) UpsertWindowsDesktop(ctx context.Context, desktop types.WindowsDesktop) error

UpsertWindowsDesktop updates a windows desktop resource, creating it if it doesn't exist.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.