Documentation
¶
Index ¶
Constants ¶
View Source
const (
DefaultInitialRoleArn = "arn:aws:iam::922711891673:role/SRE-Support-Role"
)
View Source
const EnvBrowserDefault = "BACKPLANE_DEFAULT_OPEN_BROWSER"
Environment variable that indicates if open by browser is set as default
Variables ¶
View Source
var AssumeCmd = &cobra.Command{ Use: "assume [CLUSTERID|EXTERNAL_ID|CLUSTER_NAME|CLUSTER_NAME_SEARCH]", Short: "Performs the assume role chaining necessary to generate temporary access to the customer's AWS account", Long: `Performs the assume role chaining necessary to generate temporary access to the customer's AWS account This command is the equivalent of running "aws sts assume-role-with-web-identity --initial-role-arn [role-arn] --web-identity-token [ocm token] --role-session-name [email from OCM token]" behind the scenes, where the ocm token used is the result of running "ocm token". Then, the command makes a call to the backplane API to get the necessary jump roles for the cluster's account. It then calls the equivalent of "aws sts assume-role --initial-role-arn [role-arn] --role-session-name [email from OCM token]" repeatedly for each role arn in the chain, using the previous role's credentials to assume the next role in the chain. This command will output sts credentials for the target role in the given cluster in formatted JSON. If no "role-arn" is provided, a default role will be used. `, Example: `With default role: backplane cloud assume e3b2fdc5-d9a7-435e-8870-312689cfb29c -oenv With given role: backplane cloud assume e3b2fdc5-d9a7-435e-8870-312689cfb29c --initial-role-arn arn:aws:iam::1234567890:role/read-only -oenv With a debug file: backplane cloud assume e3b2fdc5-d9a7-435e-8870-312689cfb29c --debug-file test_arns As console url: backplane cloud assume e3b2fdc5-d9a7-435e-8870-312689cfb29c --console`, Args: cobra.MaximumNArgs(1), RunE: runAssume, }
View Source
var AssumeRoleSequence = awsutil.AssumeRoleSequence
View Source
var AssumeRoleWithJWT = awsutil.AssumeRoleWithJWT
View Source
var CloudCmd = &cobra.Command{ Use: "cloud", Short: "Cluster cloud provider access", Args: cobra.NoArgs, DisableAutoGenTag: true, Run: help, }
View Source
var ConsoleCmd = &cobra.Command{ Use: "console [CLUSTERID|EXTERNAL_ID|CLUSTER_NAME|CLUSTER_NAME_SEARCH]", Short: "Requests a link to cluster's cloud provider's console", Long: `Requests a link that utilizes temporary cloud credentials for the cluster's cloud provider's web console. This allows us to be able to perform operations such as debugging an issue, troubleshooting a customer misconfiguration, or directly access the underlying cloud infrastructure. If no cluster identifier is provided, the currently logged in cluster will be used.`, Example: " backplane cloud console\n backplane cloud console <id>\n backplane cloud console %test%\n backplane cloud console <external_id>", Args: cobra.RangeArgs(0, 1), Aliases: []string{"link", "web"}, RunE: runConsole, SilenceUsage: true, }
ConsoleCmd represents the cloud credentials command
View Source
var CredentialsCmd = &cobra.Command{ Use: "credentials [CLUSTERID|EXTERNAL_ID|CLUSTER_NAME|CLUSTER_NAME_SEARCH]", Short: "Requests a set of temporary cloud credentials for the cluster's cloud provider", Long: `Requests a set of temporary cloud credentials for the cluster's cloud provider. This allows us to be able to perform operations such as debugging an issue, troubleshooting a customer misconfiguration, or directly access the underlying cloud infrastructure. If no cluster identifier is provided, the currently logged in cluster will be used.`, Example: " backplane cloud credentials\n backplane cloud credentials <id>\n backplane cloud credentials %test%\n backplane cloud credentials <external_id>", Args: cobra.RangeArgs(0, 1), Aliases: []string{"creds", "cred"}, RunE: runCredentials, SilenceUsage: true, }
CredentialsCmd represents the cloud credentials command
View Source
var GetBackplaneClusterFromConfig = utils.DefaultClusterUtils.GetBackplaneClusterFromConfig
View Source
var GetBackplaneConfiguration = bpconfig.GetBackplaneConfiguration
View Source
var NewStaticCredentialsProvider = credentials.NewStaticCredentialsProvider
View Source
var StsClientWithProxy = awsutil.StsClientWithProxy
View Source
var TokenCmd = &cobra.Command{ Use: "token", Short: "Generates a session token for the given role ARN", Long: `Generates a session token for the given role ARN. This command is the equivalent of running "aws sts assume-role-with-web-identity --role-arn [role-arn] --web-identity-token [ocm token] --role-session-name [email from OCM token]" behind the scenes, where the ocm token used is the result of running "ocm token". This command will output the "Credentials" property of that call in formatted JSON.`, Example: "backplane cloud token --role-arn arn:aws:iam::1234567890:role/read-only -oenv", Args: cobra.NoArgs, RunE: runToken, }
Functions ¶
Types ¶
type AWSCredentialsResponse ¶
type AWSCredentialsResponse struct {
AccessKeyID string `json:"AccessKeyID" yaml:"AccessKeyID"`
SecretAccessKey string `json:"SecretAccessKey" yaml:"SecretAccessKey"`
SessionToken string `json:"SessionToken" yaml:"SessionToken"`
Region string `json:"Region" yaml:"Region"`
Expiration string `json:"Expiration" yaml:"Expiration"`
}
func (*AWSCredentialsResponse) AWSV2Config ¶ added in v0.1.3
func (r *AWSCredentialsResponse) AWSV2Config() (aws.Config, error)
AWSV2Config returns an aws-sdk-go-v2 config that can be used to programmatically access the AWS API
func (*AWSCredentialsResponse) String ¶
func (r *AWSCredentialsResponse) String() string
type ConsoleResponse ¶
type ConsoleResponse struct {
ConsoleLink string `json:"ConsoleLink" yaml:"ConsoleLink"`
}
func (*ConsoleResponse) String ¶
func (r *ConsoleResponse) String() string
type CredentialsResponse ¶
type CredentialsResponse interface {
// String returns a friendly message outlining how users can setup cloud environment access
String() string
// contains filtered or unexported methods
}
type GCPCredentialsResponse ¶
type GCPCredentialsResponse struct {
ProjectID string `json:"project_id" yaml:"project_id"`
}
func (*GCPCredentialsResponse) String ¶
func (r *GCPCredentialsResponse) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.