aws

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 28, 2023 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

// Default values for the AWS provider configuration.
const (
	// DefaultEnvPrefix is the prefix string "VMCLARITY_AWS"; presumably the prefix of the
	// environment variables read into Config (TODO confirm in NewConfig).
	DefaultEnvPrefix           = "VMCLARITY_AWS"
	// DefaultScannerInstanceType is an EC2 instance type name; presumably the fallback for
	// Config.ScannerInstanceType when none is configured (TODO confirm).
	DefaultScannerInstanceType = "t2.large"
	// DefaultBlockDeviceName is a block device name; presumably the fallback for
	// Config.BlockDeviceName when none is configured (TODO confirm).
	DefaultBlockDeviceName     = "xvdh"
)
// Retry and readiness durations, plus the AWS error code for a denied API call.
const (
	// DefaultRetryAfter and RetryServerErrorAfter look like the delays suggested to callers
	// before an operation is retried (see RetryableError) — TODO confirm at the use sites.
	DefaultRetryAfter     = 5 * time.Second
	RetryServerErrorAfter = time.Minute

	// Durations tied to waiting for each resource kind to become ready. This listing does not
	// show whether they are retry delays or overall timeouts — confirm before tuning them.
	// "Readyness" is part of the exported names, so the spelling cannot be corrected
	// without breaking callers.
	InstanceReadynessAfter         = 5 * time.Minute
	SnapshotReadynessAfter         = 5 * time.Minute
	VolumeReadynessAfter           = 5 * time.Minute
	VolumeAttachmentReadynessAfter = 2 * time.Minute

	// AWSUnauthorizedOperation is the "UnauthorizedOperation" error code string, which AWS
	// returns when the caller's IAM permissions do not allow the requested EC2 action.
	// NOTE(review): a permission failure does not clear on retry; presumably WrapError maps
	// it to a FatalError — confirm, and surface it to operators because it indicates a
	// missing or revoked permission for the scanner's role.
	AWSUnauthorizedOperation = "UnauthorizedOperation"
)
// Tag keys and values, and the snapshot description, used to label EC2 resources.
//
// NOTE(review): EC2 tags can be changed by any principal allowed ec2:CreateTags or
// ec2:DeleteTags, so they are a label, not an access-control boundary. If discovery or
// cleanup (e.g. RemoveTargetScan) selects resources by these tags — not visible in this
// listing — confirm that IAM policy restricts who may set the "Owner" and "VMClarity.*"
// tags, otherwise unrelated resources could be matched.
const (
	// Tag key/value pair marking a resource as owned by VMClarity.
	EC2TagKeyOwner          = "Owner"
	EC2TagKeyName           = "Name"
	// EC2TagValueNamePattern is a format string with a single %s verb; what is substituted
	// is not shown here (presumably a scan-related identifier — TODO confirm).
	EC2TagValueNamePattern  = "vmclarity-scanner-%s"
	EC2TagValueOwner        = "VMClarity"
	// Tag keys carrying identifiers of the scan; presumably filled from provider.ScanMetadata
	// by EC2TagsFromScanMetadata (TODO confirm).
	EC2TagKeyScanID         = "VMClarity.ScanID"
	EC2TagKeyScanResultID   = "VMClarity.ScanResultID"
	EC2TagKeyTargetID       = "VMClarity.TargetID"
	EC2TagKeyTargetVolumeID = "VMClarity.TargetVolumeID"

	// EC2SnapshotDescription is the description text for volume snapshots created for scanning.
	EC2SnapshotDescription = "Volume snapshot created by VMClarity for scanning"
)
// Filter names accepted by the EC2 Describe* APIs, for use as the name of an ec2types.Filter.
const (
	// VpcIDFilterName selects by VPC ID.
	VpcIDFilterName           = "vpc-id"
	// SecurityGroupIDFilterName selects instances by the ID of an attached security group.
	SecurityGroupIDFilterName = "instance.group-id"
	// InstanceStateFilterName selects instances by state name; see EC2FiltersFromInstanceState.
	InstanceStateFilterName   = "instance-state-name"
	// SnapshotIDFilterName selects snapshots by snapshot ID.
	SnapshotIDFilterName      = "snapshot-id"
)
// LocationSeparator is the "/" that separates the two parts of a location string, which the
// NewLocation documentation gives as <region>/<vpc>.
const LocationSeparator = "/"

Variables

This section is empty.

Functions

func EC2FiltersFromEC2Tags added in v0.5.0

func EC2FiltersFromEC2Tags(tags []ec2types.Tag) []ec2types.Filter

func EC2FiltersFromInstanceState added in v0.5.0

func EC2FiltersFromInstanceState(states ...ec2types.InstanceStateName) []ec2types.Filter

func EC2FiltersFromTags added in v0.5.0

func EC2FiltersFromTags(tags []models.Tag) []ec2types.Filter

func EC2TagsFromScanMetadata added in v0.5.0

func EC2TagsFromScanMetadata(meta provider.ScanMetadata) []ec2types.Tag

func WrapError added in v0.5.0

func WrapError(err error) error

Types

type Client

// Client is the AWS provider client of this package. It is obtained from New and exposes the
// discovery (DiscoverScopes, DiscoverTargets, GetInstances, ListAllRegions) and scan lifecycle
// (RunTargetScan, RemoveTargetScan) methods. Its state is entirely unexported.
type Client struct {
	// contains filtered or unexported fields
}

func New added in v0.5.0

func New(ctx context.Context) (*Client, error)

func (*Client) DiscoverScopes

func (c *Client) DiscoverScopes(ctx context.Context) (*models.Scopes, error)

func (*Client) DiscoverTargets added in v0.5.0

func (c *Client) DiscoverTargets(ctx context.Context, scanScope *models.ScanScopeType) ([]models.TargetType, error)

nolint:cyclop

func (*Client) GetInstances

func (c *Client) GetInstances(ctx context.Context, filters []ec2types.Filter, excludeTags []models.Tag, regionID string) ([]Instance, error)

func (Client) Kind added in v0.5.0

func (c Client) Kind() models.CloudProvider

func (*Client) ListAllRegions

func (c *Client) ListAllRegions(ctx context.Context, isRecursive bool) ([]Region, error)

func (*Client) RemoveTargetScan added in v0.5.0

func (c *Client) RemoveTargetScan(ctx context.Context, config *provider.ScanJobConfig) error

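RemoveTargetScan removes all the cloud resources associated with the Scan defined by the config parameter. The operation is idempotent, so it is safe to call it multiple times. (The trailing "nolint:cyclop,gocognit" is a linter directive carried over from the source comment, not part of the description.)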

func (*Client) RunTargetScan added in v0.5.0

func (c *Client) RunTargetScan(ctx context.Context, config *provider.ScanJobConfig) error

nolint:cyclop,gocognit,maintidx

type Config added in v0.5.0

// Config holds the settings for the Scanner instance created in AWS. Each field is decoded
// through its mapstructure key; NewConfig builds a Config and Validate checks it (which fields
// Validate requires is not visible in this listing).
//
// NOTE(review): the Scanner instance gets target volumes attached (see BlockDeviceName), so
// the network, login and image settings below decide who can reach that data. Treat the
// source of these values as security-sensitive configuration.
type Config struct {
	// Region where the Scanner instance needs to be created
	ScannerRegion string `mapstructure:"scanner_region"`
	// SubnetID where the Scanner instance needs to be created
	SubnetID string `mapstructure:"subnet_id"`
	// SecurityGroupID which needs to be attached to the Scanner instance
	// NOTE(review): confirm the referenced group does not allow inbound access beyond what
	// operating the scanner requires.
	SecurityGroupID string `mapstructure:"security_group_id"`
	// KeyPairName is the name of the SSH KeyPair to use for Scanner instance launch
	// NOTE(review): a key pair grants SSH login to an instance that holds scanned volume
	// data; whether an empty value launches without a key is not shown here — confirm.
	KeyPairName string `mapstructure:"keypair_name"`
	// ScannerImage is the AMI image used for creating Scanner instance
	// Note that the configuration key is "scanner_ami_id", not a name derived from the field.
	// NOTE(review): the image runs with the target volumes attached, so it should reference
	// a trusted, pinned AMI ID.
	ScannerImage string `mapstructure:"scanner_ami_id"`
	// ScannerInstanceType is the instance type used for Scanner instance
	ScannerInstanceType string `mapstructure:"scanner_instance_type"`
	// BlockDeviceName contains the block device name used for attaching Scanner volume to the Scanner instance
	BlockDeviceName string `mapstructure:"block_device_name"`
}

func NewConfig added in v0.5.0

func NewConfig() (*Config, error)

func (*Config) Validate added in v0.5.0

func (c *Config) Validate() error

type FatalError added in v0.5.0

// FatalError is an alias of provider.FatalError, so values of the two types are interchangeable.
// Presumably it marks failures that should not be retried, in contrast to RetryableError —
// TODO confirm against the provider package.
type FatalError = provider.FatalError

type Instance added in v0.5.0

// Instance holds the attributes of an instance as returned by Client.GetInstances, together
// with the scan metadata associated with it. It also has unexported fields, so values are
// meant to come from this package rather than from a struct literal (presumably they carry
// the API client used by AttachVolume, Delete and IsReady — TODO confirm).
type Instance struct {
	ID               string
	Region           string
	VpcID            string
	SecurityGroups   []models.SecurityGroup
	AvailabilityZone string
	Image            string
	InstanceType     string
	Platform         string
	// Tags are the instance's tags as models.Tag values; presumably these are what
	// tag selectors and exclude tags are matched against — TODO confirm.
	Tags             []models.Tag
	LaunchTime       time.Time
	// RootDeviceName is presumably used by RootVolume to pick the matching entry
	// of Volumes — TODO confirm.
	RootDeviceName   string
	Volumes          []Volume

	// Metadata identifies the scan this instance belongs to, when it was created for one.
	Metadata provider.ScanMetadata
	// contains filtered or unexported fields
}

func (*Instance) AttachVolume added in v0.5.0

func (i *Instance) AttachVolume(ctx context.Context, volume *Volume, deviceName string) error

nolint:cyclop

func (*Instance) Delete added in v0.5.0

func (i *Instance) Delete(ctx context.Context) error

func (*Instance) IsReady added in v0.5.0

func (i *Instance) IsReady(ctx context.Context) (bool, error)

func (*Instance) Location added in v0.5.0

func (i *Instance) Location() string

func (*Instance) RootVolume added in v0.5.0

func (i *Instance) RootVolume() *Volume

type Location added in v0.5.0

// Location identifies a region and a VPC within it. NewLocation parses it from a string of
// the pattern <region>/<vpc>, and String renders it back to a string.
type Location struct {
	Region string
	Vpc    string
}

func NewLocation added in v0.5.0

func NewLocation(l string) (*Location, error)

NOTE: the location string l is expected to follow the pattern <region>/<vpc>.

func (Location) String added in v0.5.0

func (l Location) String() string

type Region

// Region is a region name together with the VPCs listed for it. Client.ListAllRegions returns
// a slice of these; whether VPCs is populated presumably depends on its isRecursive argument
// — TODO confirm.
type Region struct {
	Name string
	VPCs []VPC
}

type RetryableError added in v0.5.0

// RetryableError is an alias of provider.RetryableError, so values of the two types are
// interchangeable. Presumably it marks failures the caller may retry after a delay (compare
// DefaultRetryAfter) — TODO confirm against the provider package.
type RetryableError = provider.RetryableError

type ScanScope

// ScanScope describes which targets a scan should cover: the regions to look in and the tag
// rules that select or exclude targets inside them.
type ScanScope struct {
	// AllRegions presumably widens the scope to every region regardless of Regions — TODO confirm.
	AllRegions  bool
	Regions     []Region
	// ScanStopped presumably controls whether stopped instances are included — TODO confirm.
	ScanStopped bool
	// Only targets that have these tags will be selected for scanning within the selected scan scope.
	// Multiple tags will be treated as an AND operator.
	TagSelector []models.Tag
	// Targets that have these tags will be excluded from the scan, even if they match the tag selector.
	// Multiple tags will be treated as an AND operator.
	// NOTE(review): with AND semantics a target carrying only some of these tags would still
	// be scanned; confirm this matches the intent when the list is used to keep sensitive
	// hosts out of scope.
	ExcludeTags []models.Tag
}

type Snapshot added in v0.5.0

// Snapshot refers to a volume snapshot in a region, the volume it was taken from and the scan
// it belongs to. Its methods copy it to another region (Copy), create a volume from it
// (CreateVolume), poll it (IsReady) and remove it (Delete).
//
// NOTE(review): a snapshot is a copy of the target volume's data, and Copy produces a further
// copy in another region. Whether encryption settings carry over to copies is not visible in
// this listing — confirm, and make sure every snapshot and copy is deleted once the scan ends.
type Snapshot struct {
	ID       string
	Region   string
	Metadata provider.ScanMetadata
	// VolumeID is the ID of the volume associated with this snapshot (presumably its source).
	VolumeID string
	// contains filtered or unexported fields
}

func (*Snapshot) Copy added in v0.5.0

func (s *Snapshot) Copy(ctx context.Context, region string) (*Snapshot, error)

func (*Snapshot) CreateVolume added in v0.5.0

func (s *Snapshot) CreateVolume(ctx context.Context, az string) (*Volume, error)

func (*Snapshot) Delete added in v0.5.0

func (s *Snapshot) Delete(ctx context.Context) error

func (*Snapshot) IsReady added in v0.5.0

func (s *Snapshot) IsReady(ctx context.Context) (bool, error)

type VPC

// VPC is a VPC ID together with the security groups listed for that VPC. It appears as the
// element type of Region.VPCs.
type VPC struct {
	ID             string
	SecurityGroups []models.SecurityGroup
}

type Volume added in v0.5.0

// Volume refers to a volume in a region and the scan it belongs to. Its methods snapshot it
// (CreateSnapshot), poll it (IsReady, IsAttached, WaitForReady) and remove it (Delete).
//
// NOTE(review): volumes created for a scan hold target data until Delete succeeds; callers
// should not ignore its error.
type Volume struct {
	ID     string
	Region string

	// BlockDeviceName is the block device name associated with the volume; presumably the
	// name it is attached under on an instance — TODO confirm.
	BlockDeviceName string
	Metadata        provider.ScanMetadata
	// contains filtered or unexported fields
}

func (*Volume) CreateSnapshot added in v0.5.0

func (v *Volume) CreateSnapshot(ctx context.Context) (*Snapshot, error)

func (*Volume) Delete added in v0.5.0

func (v *Volume) Delete(ctx context.Context) error

func (*Volume) IsAttached added in v0.5.0

func (v *Volume) IsAttached(ctx context.Context) (bool, error)

func (*Volume) IsReady added in v0.5.0

func (v *Volume) IsReady(ctx context.Context) (bool, error)

func (*Volume) WaitForReady added in v0.5.0

func (v *Volume) WaitForReady(ctx context.Context, timeout time.Duration, interval time.Duration) error
