iambuilder

package
v1.15.0

This package is not in the latest version of its module.

Published: May 3, 2020 License: MIT Imports: 3 Imported by: 4

Overview

Package iambuilder exposes a fluent IAM privilege builder

Types

type IAMBuilder added in v1.8.0

type IAMBuilder struct {
	// contains filtered or unexported fields
}

IAMBuilder is the intermediate type that creates the Resource to which the privilege applies

func Allow

func Allow(apiCalls ...string) *IAMBuilder

Allow creates an IAMBuilder instance allowing the supplied API calls

func Deny added in v1.8.0

func Deny(apiCalls ...string) *IAMBuilder

Deny creates an IAMBuilder instance denying the supplied API calls

func (*IAMBuilder) ForFederatedPrincipals added in v1.9.0

func (iamRes *IAMBuilder) ForFederatedPrincipals(principals ...string) *IAMPrincipalBuilder

ForFederatedPrincipals returns the IAMPrincipalBuilder instance which can be finalized into an IAMRolePrivilege

func (*IAMBuilder) ForPrincipals added in v1.8.0

func (iamRes *IAMBuilder) ForPrincipals(principals ...string) *IAMPrincipalBuilder

ForPrincipals returns the IAMPrincipalBuilder instance which can be finalized into an IAMRolePrivilege

func (*IAMBuilder) ForResource added in v1.8.0

func (iamRes *IAMBuilder) ForResource() *IAMResourceBuilder

ForResource returns the IAMResourceBuilder instance which can be finalized into an IAMRolePrivilege

func (*IAMBuilder) WithCondition added in v1.9.0

func (iamRes *IAMBuilder) WithCondition(conditionExpression interface{}) *IAMBuilder

WithCondition applies the given condition to the policy

type IAMPrincipalBuilder added in v1.8.0

type IAMPrincipalBuilder struct {
	// contains filtered or unexported fields
}

IAMPrincipalBuilder is the builder for a Principal allowance

func (*IAMPrincipalBuilder) ToPolicyStatement added in v1.8.0

func (iampb *IAMPrincipalBuilder) ToPolicyStatement() spartaIAM.PolicyStatement

ToPolicyStatement finalizes the builder and returns a spartaIAM.PolicyStatement

func (*IAMPrincipalBuilder) ToPrivilege added in v1.8.0

func (iampb *IAMPrincipalBuilder) ToPrivilege() sparta.IAMRolePrivilege

ToPrivilege returns a legacy sparta.IAMRolePrivilege type for this IAMPrincipalBuilder entry

type IAMResourceBuilder

type IAMResourceBuilder struct {
	// contains filtered or unexported fields
}

IAMResourceBuilder encapsulates the IAM builder for a resource

Example (Lambdaarn)
Allow("s3:GetObject").ForResource().
	Literal("arn:aws:s3:::").
	Ref("MyDynamicS3Bucket").
	Literal("/*").
	ToPrivilege()
Output:

Example (S3)
Allow("s3:GetObject").ForResource().
	Literal("arn:aws:s3:::").
	Ref("MyDynamicS3Bucket").
	Literal("/*").
	ToPrivilege()
Output:

Example (Ssm)
Allow("ssm:GetParameter").ForResource().
	Literal("arn:aws:ssm:").
	Region(":").
	AccountID(":").
	Literal("parameter/SpartaHelloWorld-Discovery").
	ToPrivilege()
Output:
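
An added example, not part of the Sparta package or its documentation: a standard-library model of how the parts in the S3 and Ssm chains above concatenate into a resource ARN, with a check that the resolved string has the six-field ARN layout. The names `part`, `lit`, `ref` and `resolveARN`, the sample values, and the assumption that each delimiter is appended after its Ref are illustrative.

```go
package main

import (
	"fmt"
	"strings"
)

// part is a hypothetical stand-in for one builder call: a literal, or a Ref resolved at deploy time.
type part struct {
	isRef bool
	text  string
}

func lit(s string) []part { return []part{{text: s}} }

// ref emits the Ref followed by its optional delimiter (assumed ordering).
func ref(name string, delim ...string) []part {
	return []part{{isRef: true, text: name}, {text: strings.Join(delim, "")}}
}

// resolveARN joins the parts with no separator using the given values, then checks the six-field ARN layout.
func resolveARN(values map[string]string, groups ...[]part) (string, error) {
	var sb strings.Builder
	for _, g := range groups {
		for _, p := range g {
			if !p.isRef {
				sb.WriteString(p.text)
			} else if v, ok := values[p.text]; ok {
				sb.WriteString(v)
			} else {
				return "", fmt.Errorf("unresolved Ref %q", p.text)
			}
		}
	}
	arn := sb.String()
	f := strings.SplitN(arn, ":", 6)
	if len(f) != 6 || f[0] != "arn" || f[1] == "" || f[2] == "" || f[5] == "" {
		return arn, fmt.Errorf("malformed ARN %q", arn)
	}
	return arn, nil
}

// Constructed sample values; a real stack supplies these at deploy time.
var sample = map[string]string{"AWS::Region": "us-east-1", "AWS::AccountId": "123456789012", "MyDynamicS3Bucket": "example-bucket"}

func main() {
	prefix, name := lit("arn:aws:ssm:"), lit("parameter/SpartaHelloWorld-Discovery")
	fmt.Println(resolveARN(sample, prefix, ref("AWS::Region", ":"), ref("AWS::AccountId", ":"), name))
	fmt.Println(resolveARN(sample, prefix, ref("AWS::Region"), ref("AWS::AccountId", ":"), name)) // delimiter omitted: malformed
}
```

Omitting a delimiter fuses the region and account fields, so the statement's resource no longer names the intended parameter; resolving the chain with sample values before deployment catches this.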

func (*IAMResourceBuilder) AccountID added in v1.8.0

func (iamRes *IAMResourceBuilder) AccountID(delimiter ...string) *IAMResourceBuilder

AccountID inserts the AWS::AccountId pseudo param into the privilege

func (*IAMResourceBuilder) Attr added in v1.8.0

func (iamRes *IAMResourceBuilder) Attr(resName string, propName string, delimiter ...string) *IAMResourceBuilder

Attr inserts a go-cloudformation GetAtt entry

func (*IAMResourceBuilder) Literal added in v1.8.0

func (iamRes *IAMResourceBuilder) Literal(arnPart string) *IAMResourceBuilder

Literal inserts a string literal into the ARN being constructed

func (*IAMResourceBuilder) NotificationARNS added in v1.8.0

func (iamRes *IAMResourceBuilder) NotificationARNS(delimiter ...string) *IAMResourceBuilder

NotificationARNS inserts the AWS::NotificationARNs pseudo param into the privilege

func (*IAMResourceBuilder) Partition added in v1.8.0

func (iamRes *IAMResourceBuilder) Partition(delimiter ...string) *IAMResourceBuilder

Partition inserts the AWS::Partition pseudo param into the privilege

func (*IAMResourceBuilder) Ref added in v1.8.0

func (iamRes *IAMResourceBuilder) Ref(resName string, delimiter ...string) *IAMResourceBuilder

Ref inserts a go-cloudformation Ref entry

func (*IAMResourceBuilder) Region added in v1.8.0

func (iamRes *IAMResourceBuilder) Region(delimiter ...string) *IAMResourceBuilder

Region inserts the AWS::Region pseudo param into the privilege

func (*IAMResourceBuilder) StackID added in v1.8.0

func (iamRes *IAMResourceBuilder) StackID(delimiter ...string) *IAMResourceBuilder

StackID inserts the AWS::StackId pseudo param into the privilege

func (*IAMResourceBuilder) StackName added in v1.8.0

func (iamRes *IAMResourceBuilder) StackName(delimiter ...string) *IAMResourceBuilder

StackName inserts the AWS::StackName pseudo param into the privilege

func (*IAMResourceBuilder) ToPolicyStatement added in v1.8.0

func (iamRes *IAMResourceBuilder) ToPolicyStatement() spartaIAM.PolicyStatement

ToPolicyStatement finalizes the builder and returns a spartaIAM.PolicyStatement

func (*IAMResourceBuilder) ToPrivilege added in v1.8.0

func (iamRes *IAMResourceBuilder) ToPrivilege() sparta.IAMRolePrivilege

ToPrivilege returns a legacy sparta.IAMRolePrivilege type for this entry

func (*IAMResourceBuilder) URLSuffix added in v1.8.0

func (iamRes *IAMResourceBuilder) URLSuffix(delimiter ...string) *IAMResourceBuilder

URLSuffix inserts the AWS::URLSuffix pseudo param into the privilege
