Documentation ¶
Index ¶
- func AppendGCPClientCert(ctx context.Context, sessionCtx *common.Session, gcpClient gcp.SQLAdminClient, ...) error
- func GetGCPRequireSSL(ctx context.Context, sessionCtx *common.Session, gcpClient gcp.SQLAdminClient) (requireSSL bool, err error)
- type DiscoveryResourceChecker
- type DiscoveryResourceCheckerConfig
- type IAM
- type IAMConfig
- type Metadata
- type MetadataConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AppendGCPClientCert ¶
func AppendGCPClientCert(ctx context.Context, sessionCtx *common.Session, gcpClient gcp.SQLAdminClient, tlsConfig *tls.Config) error
AppendGCPClientCert calls the GCP API to generate an ephemeral certificate and adds it to the TLS config. An access denied error is returned when the generate call fails.
func GetGCPRequireSSL ¶
func GetGCPRequireSSL(ctx context.Context, sessionCtx *common.Session, gcpClient gcp.SQLAdminClient) (requireSSL bool, err error)
GetGCPRequireSSL requests settings for the project/instance in session from GCP and returns true when the instance requires SSL. An access denied error is returned when an unauthorized error is returned from GCP.
Types ¶
type DiscoveryResourceChecker ¶
type DiscoveryResourceChecker interface { // Check performs required checks on provided database resource before it // gets registered. Check(ctx context.Context, database types.Database) error }
DiscoveryResourceChecker defines an interface for checking database resources created by the discovery service.
func NewDiscoveryResourceChecker ¶
func NewDiscoveryResourceChecker(cfg DiscoveryResourceCheckerConfig) (DiscoveryResourceChecker, error)
NewDiscoveryResourceChecker creates a new DiscoveryResourceChecker.
type DiscoveryResourceCheckerConfig ¶
type DiscoveryResourceCheckerConfig struct { // ResourceMatchers is a list of database resource matchers. ResourceMatchers []services.ResourceMatcher // Clients is an interface for retrieving cloud clients. Clients cloud.Clients // Context is the database server close context. Context context.Context // Log is used for logging. Log logrus.FieldLogger }
DiscoveryResourceCheckerConfig is the config for DiscoveryResourceChecker.
func (*DiscoveryResourceCheckerConfig) CheckAndSetDefaults ¶
func (c *DiscoveryResourceCheckerConfig) CheckAndSetDefaults() error
CheckAndSetDefaults validates the config and sets default values.
type IAM ¶
type IAM struct {
// contains filtered or unexported fields
}
IAM is a service that manages IAM policies for cloud databases.
A semaphore lock has to be acquired by the this service before making changes to the IAM inline policy as database agents may share the same the same policy. These tasks are processed in a background goroutine to avoid blocking callers when acquiring the locks with retries.
type IAMConfig ¶
type IAMConfig struct { // Clock is used to control time. Clock clockwork.Clock // AccessPoint is a caching client connected to the Auth Server. AccessPoint auth.DatabaseAccessPoint // Clients is an interface for retrieving cloud clients. Clients cloud.Clients // HostID is the host identified where this agent is running. // DELETE IN 11.0. HostID string // contains filtered or unexported fields }
IAMConfig is the IAM configurator config.
type Metadata ¶
type Metadata struct {
// contains filtered or unexported fields
}
Metadata is a service that fetches cloud databases metadata.
func NewMetadata ¶
func NewMetadata(config MetadataConfig) (*Metadata, error)
NewMetadata returns a new cloud metadata service.
type MetadataConfig ¶
type MetadataConfig struct { // Clients is an interface for retrieving cloud clients. Clients cloud.Clients }
MetadataConfig is the cloud metadata service config.
func (*MetadataConfig) Check ¶
func (c *MetadataConfig) Check() error
Check validates the metadata service config.