Documentation
¶
Index ¶
- Constants
- func CleanupSecurityGroup(vei verifier.ValidateEgressInput, a *AwsVerifier) *output.Output
- func GetAMIForRegion(region string) stringdeprecated
- type AwsVerifier
- func (a *AwsVerifier) AllowSecurityGroupProxyEgress(ctx context.Context, securityGroupID string, proxyURLs []string) (*ec2.AuthorizeSecurityGroupEgressOutput, error)
- func (a *AwsVerifier) CreateSecurityGroup(ctx context.Context, tags map[string]string, name, vpcId string) (*ec2.CreateSecurityGroupOutput, error)
- func (a *AwsVerifier) GetVpcIdFromSubnetId(ctx context.Context, vpcSubnetID string) (string, error)
- func (a *AwsVerifier) ValidateEgress(vei verifier.ValidateEgressInput) *output.Output
- func (a *AwsVerifier) VerifyDns(vdi verifier.VerifyDnsInput) *output.Output
Constants ¶
const ( // Base path of the config file CONFIG_PATH_FSTRING = "/app/build/config/%s.yaml" DEBUG_KEY_NAME = "onv-debug-key" )
Variables ¶
This section is empty.
Functions ¶
func CleanupSecurityGroup ¶ added in v0.4.0
func CleanupSecurityGroup(vei verifier.ValidateEgressInput, a *AwsVerifier) *output.Output
Cleans up the security groups created by network-verifier
func GetAMIForRegion
deprecated
GetAMIForRegion returns the default X86 AWS AMI for the CurlJSONProbe given a region. This is unused within this codebase, but it's exported so that consumers can access this data
Deprecated: GetAMIForRegion doesn't provide a way to check machine image IDs for platforms other than AWS, architectures other than X86, or probes other than CurlJSONProbe. It also doesn't return detailed errors. Instead, use: [probe_package].[ProbeName].GetMachineImageID(platformType, cpuArch, region)
Types ¶
type AwsVerifier ¶
type AwsVerifier struct {
AwsClient *aws.Client
Logger ocmlog.Logger
Output output.Output
// contains filtered or unexported fields
}
AwsVerifier holds an aws client and knows how to fulfill the VerifierService which contains all functions needed for verifier
func NewAwsVerifier ¶
func NewAwsVerifier(accessID, accessSecret, sessionToken, region, profile string, debug bool) (*AwsVerifier, error)
func NewAwsVerifierFromConfig ¶ added in v0.2.0
NewAwsVerifierFromConfig assembles an AwsVerifier given an aws-sdk-go-v2 config and an ocm logger
func (*AwsVerifier) AllowSecurityGroupProxyEgress ¶ added in v0.4.4
func (a *AwsVerifier) AllowSecurityGroupProxyEgress(ctx context.Context, securityGroupID string, proxyURLs []string) (*ec2.AuthorizeSecurityGroupEgressOutput, error)
AllowSecurityGroupProxyEgress adds rules to an existing security group that allow egress to the specified proxies. It returns nil if the necessary rules already exist in defaultIpPermissions
func (*AwsVerifier) CreateSecurityGroup ¶
func (a *AwsVerifier) CreateSecurityGroup(ctx context.Context, tags map[string]string, name, vpcId string) (*ec2.CreateSecurityGroupOutput, error)
CreateSecurityGroup creates a security group with the specified name and cluster tag key in a specified VPC
func (*AwsVerifier) GetVpcIdFromSubnetId ¶
GetVpcIdFromSubnetId takes in a subnet id and returns the associated VPC id
func (*AwsVerifier) ValidateEgress ¶
func (a *AwsVerifier) ValidateEgress(vei verifier.ValidateEgressInput) *output.Output
ValidateEgress performs validation process for egress Basic workflow is: - prepare for ec2 instance creation - create instance and wait till it gets ready, wait for userdata script execution - find unreachable endpoints & parse output, then terminate instance - return `a.output` which stores the execution results
func (*AwsVerifier) VerifyDns ¶
func (a *AwsVerifier) VerifyDns(vdi verifier.VerifyDnsInput) *output.Output
VerifyDns performs verification process for VPC's DNS Basic workflow is: - ask AWS API for VPC attributes - ensure they're set correctly
Source Files