aws

package

v0.13.0 Latest Latest Go to latest Published: Oct 14, 2022 License: Apache-2.0 Imports: 37 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/openshift/osdctl

Links

Open Source Insights

Documentation ¶

Index ¶

func CheckIAMUserExists(awsClient Client, username *string) (bool, error)
func CreateIAMUserAndAttachPolicy(awsClient Client, username, policyArn *string) error
func DeleteS3BucketsWithPrefix(awsClient Client, prefix string) error
func DeleteUserAccessKeys(awsClient Client, username *string) error
func GenerateRoleARN(accountId, roleName string) string
func GetAssumeRoleCredentials(awsClient Client, durationSeconds *int64, roleSessionName, roleArn *string) (*sts.Credentials, error)
func GetAwsPartition(awsClient Client) (string, error)
func GetConsoleUrl(partition string) (string, error)
func GetFederationEndpointUrl(partition string) (string, error)
func NewAwsSession(profile, region, configFile string) (*session.Session, error)
func RefreshIAMPolicy(awsClient Client, federatedRole *awsv1alpha1.AWSFederatedRole, ...) error
func RequestSignInToken(awsClient Client, durationSeconds *int64, sessionName, roleArn *string) (string, error)
type AwsClient
type AwsClientInput
type Client
- func NewAwsClient(profile, region, configFile string) (Client, error)
- func NewAwsClientWithInput(input *AwsClientInput) (Client, error)
type FactoryOptions

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CheckIAMUserExists ¶

func CheckIAMUserExists(awsClient Client, username *string) (bool, error)

func CreateIAMUserAndAttachPolicy ¶

func CreateIAMUserAndAttachPolicy(awsClient Client, username, policyArn *string) error

func DeleteS3BucketsWithPrefix ¶

func DeleteS3BucketsWithPrefix(awsClient Client, prefix string) error

Delete all S3 buckets with the specified prefix

func DeleteUserAccessKeys ¶

func DeleteUserAccessKeys(awsClient Client, username *string) error

func GenerateRoleARN ¶ added in v0.13.0

func GenerateRoleARN(accountId, roleName string) string

func GetAssumeRoleCredentials ¶

func GetAssumeRoleCredentials(awsClient Client, durationSeconds *int64, roleSessionName, roleArn *string) (*sts.Credentials, error)

GetAssumeRoleCredentials gets the assume role credentials from AWS.

func GetAwsPartition ¶ added in v0.9.4

func GetAwsPartition(awsClient Client) (string, error)

GetAwsPartition uses sts GetCallerIdentity to determine the AWS partition we're in

func GetConsoleUrl ¶ added in v0.9.4

func GetConsoleUrl(partition string) (string, error)

GetConsoleUrl returns the default AWS Console base URL for a given partition

func GetFederationEndpointUrl ¶ added in v0.9.4

func GetFederationEndpointUrl(partition string) (string, error)

GetFederationEndpointUrl returns the default AWS Sign-In Federation endpoint for a given partition

func NewAwsSession ¶ added in v0.9.4

func NewAwsSession(profile, region, configFile string) (*session.Session, error)

func RefreshIAMPolicy ¶

func RefreshIAMPolicy(awsClient Client, federatedRole *awsv1alpha1.AWSFederatedRole, awsAccountID, uid string) error

func RequestSignInToken ¶

func RequestSignInToken(awsClient Client, durationSeconds *int64, sessionName, roleArn *string) (string, error)

RequestSignInToken makes an HTTP request to retrieve an AWS Sign-In Token via the AWS Federation endpoint

Types ¶

type AwsClient ¶

type AwsClient struct {
	// contains filtered or unexported fields
}

func (*AwsClient) AssumeRole ¶

func (c *AwsClient) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)

func (*AwsClient) AttachRolePolicy ¶

func (c *AwsClient) AttachRolePolicy(input *iam.AttachRolePolicyInput) (*iam.AttachRolePolicyOutput, error)

func (*AwsClient) AttachUserPolicy ¶

func (c *AwsClient) AttachUserPolicy(input *iam.AttachUserPolicyInput) (*iam.AttachUserPolicyOutput, error)

func (*AwsClient) CreateAccessKey ¶

func (c *AwsClient) CreateAccessKey(input *iam.CreateAccessKeyInput) (*iam.CreateAccessKeyOutput, error)

func (*AwsClient) CreateAccount ¶ added in v0.5.0

func (c *AwsClient) CreateAccount(input *organizations.CreateAccountInput) (*organizations.CreateAccountOutput, error)

func (*AwsClient) CreateCostCategoryDefinition ¶

func (c *AwsClient) CreateCostCategoryDefinition(input *costexplorer.CreateCostCategoryDefinitionInput) (*costexplorer.CreateCostCategoryDefinitionOutput, error)

func (*AwsClient) CreatePolicy ¶

func (c *AwsClient) CreatePolicy(input *iam.CreatePolicyInput) (*iam.CreatePolicyOutput, error)

func (*AwsClient) CreateUser ¶

func (c *AwsClient) CreateUser(input *iam.CreateUserInput) (*iam.CreateUserOutput, error)

func (*AwsClient) DeleteAccessKey ¶

func (c *AwsClient) DeleteAccessKey(input *iam.DeleteAccessKeyInput) (*iam.DeleteAccessKeyOutput, error)

func (*AwsClient) DeleteBucket ¶

func (c *AwsClient) DeleteBucket(input *s3.DeleteBucketInput) (*s3.DeleteBucketOutput, error)

func (*AwsClient) DeleteLoginProfile ¶ added in v0.5.0

func (c *AwsClient) DeleteLoginProfile(input *iam.DeleteLoginProfileInput) (*iam.DeleteLoginProfileOutput, error)

func (*AwsClient) DeleteObjects ¶

func (c *AwsClient) DeleteObjects(input *s3.DeleteObjectsInput) (*s3.DeleteObjectsOutput, error)

func (*AwsClient) DeletePolicy ¶

func (c *AwsClient) DeletePolicy(input *iam.DeletePolicyInput) (*iam.DeletePolicyOutput, error)

func (*AwsClient) DeleteRole ¶ added in v0.5.0

func (c *AwsClient) DeleteRole(input *iam.DeleteRoleInput) (*iam.DeleteRoleOutput, error)

func (*AwsClient) DeleteSigningCertificate ¶ added in v0.5.0

func (c *AwsClient) DeleteSigningCertificate(input *iam.DeleteSigningCertificateInput) (*iam.DeleteSigningCertificateOutput, error)

func (*AwsClient) DeleteUser ¶ added in v0.5.0

func (c *AwsClient) DeleteUser(input *iam.DeleteUserInput) (*iam.DeleteUserOutput, error)

func (*AwsClient) DeleteUserPolicy ¶ added in v0.5.0

func (c *AwsClient) DeleteUserPolicy(input *iam.DeleteUserPolicyInput) (*iam.DeleteUserPolicyOutput, error)

func (*AwsClient) DescribeAccount ¶ added in v0.9.6

func (c *AwsClient) DescribeAccount(input *organizations.DescribeAccountInput) (*organizations.DescribeAccountOutput, error)

func (*AwsClient) DescribeCreateAccountStatus ¶ added in v0.5.0

func (c *AwsClient) DescribeCreateAccountStatus(input *organizations.DescribeCreateAccountStatusInput) (*organizations.DescribeCreateAccountStatusOutput, error)

func (*AwsClient) DescribeInstances ¶ added in v0.5.0

func (c *AwsClient) DescribeInstances(input *ec2.DescribeInstancesInput) (*ec2.DescribeInstancesOutput, error)

func (*AwsClient) DescribeOrganizationalUnit ¶

func (c *AwsClient) DescribeOrganizationalUnit(input *organizations.DescribeOrganizationalUnitInput) (*organizations.DescribeOrganizationalUnitOutput, error)

func (*AwsClient) DetachRolePolicy ¶

func (c *AwsClient) DetachRolePolicy(input *iam.DetachRolePolicyInput) (*iam.DetachRolePolicyOutput, error)

func (*AwsClient) DetachUserPolicy ¶ added in v0.5.0

func (c *AwsClient) DetachUserPolicy(input *iam.DetachUserPolicyInput) (*iam.DetachUserPolicyOutput, error)

func (*AwsClient) GetCallerIdentity ¶

func (c *AwsClient) GetCallerIdentity(input *sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error)

func (*AwsClient) GetCostAndUsage ¶

func (c *AwsClient) GetCostAndUsage(input *costexplorer.GetCostAndUsageInput) (*costexplorer.GetCostAndUsageOutput, error)

func (*AwsClient) GetFederationToken ¶

func (c *AwsClient) GetFederationToken(input *sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error)

func (*AwsClient) GetResources ¶ added in v0.5.0

func (c *AwsClient) GetResources(input *resourcegroupstaggingapi.GetResourcesInput) (*resourcegroupstaggingapi.GetResourcesOutput, error)

func (*AwsClient) GetUser ¶

func (c *AwsClient) GetUser(input *iam.GetUserInput) (*iam.GetUserOutput, error)

func (*AwsClient) ListAccessKeys ¶

func (c *AwsClient) ListAccessKeys(input *iam.ListAccessKeysInput) (*iam.ListAccessKeysOutput, error)

func (*AwsClient) ListAccounts ¶ added in v0.5.0

func (c *AwsClient) ListAccounts(input *organizations.ListAccountsInput) (*organizations.ListAccountsOutput, error)

func (*AwsClient) ListAccountsForParent ¶

func (c *AwsClient) ListAccountsForParent(input *organizations.ListAccountsForParentInput) (*organizations.ListAccountsForParentOutput, error)

func (*AwsClient) ListAttachedRolePolicies ¶

func (c *AwsClient) ListAttachedRolePolicies(input *iam.ListAttachedRolePoliciesInput) (*iam.ListAttachedRolePoliciesOutput, error)

func (*AwsClient) ListAttachedUserPolicies ¶ added in v0.5.0

func (c *AwsClient) ListAttachedUserPolicies(input *iam.ListAttachedUserPoliciesInput) (*iam.ListAttachedUserPoliciesOutput, error)

func (*AwsClient) ListBuckets ¶

func (c *AwsClient) ListBuckets(input *s3.ListBucketsInput) (*s3.ListBucketsOutput, error)

func (*AwsClient) ListCostCategoryDefinitions ¶

func (c *AwsClient) ListCostCategoryDefinitions(input *costexplorer.ListCostCategoryDefinitionsInput) (*costexplorer.ListCostCategoryDefinitionsOutput, error)

func (*AwsClient) ListGroupsForUser ¶ added in v0.5.0

func (c *AwsClient) ListGroupsForUser(input *iam.ListGroupsForUserInput) (*iam.ListGroupsForUserOutput, error)

func (*AwsClient) ListObjects ¶

func (c *AwsClient) ListObjects(input *s3.ListObjectsInput) (*s3.ListObjectsOutput, error)

func (*AwsClient) ListOrganizationalUnitsForParent ¶

func (c *AwsClient) ListOrganizationalUnitsForParent(input *organizations.ListOrganizationalUnitsForParentInput) (*organizations.ListOrganizationalUnitsForParentOutput, error)

func (*AwsClient) ListParents ¶ added in v0.6.0

func (c *AwsClient) ListParents(input *organizations.ListParentsInput) (*organizations.ListParentsOutput, error)

func (*AwsClient) ListPolicies ¶ added in v0.8.0

func (c *AwsClient) ListPolicies(input *iam.ListPoliciesInput) (*iam.ListPoliciesOutput, error)

func (*AwsClient) ListRoles ¶ added in v0.5.0

func (c *AwsClient) ListRoles(input *iam.ListRolesInput) (*iam.ListRolesOutput, error)

func (*AwsClient) ListRoots ¶ added in v0.6.0

func (c *AwsClient) ListRoots(input *organizations.ListRootsInput) (*organizations.ListRootsOutput, error)

func (*AwsClient) ListServiceQuotas ¶

func (c *AwsClient) ListServiceQuotas(input *servicequotas.ListServiceQuotasInput) (*servicequotas.ListServiceQuotasOutput, error)

func (*AwsClient) ListSigningCertificates ¶ added in v0.5.0

func (c *AwsClient) ListSigningCertificates(input *iam.ListSigningCertificatesInput) (*iam.ListSigningCertificatesOutput, error)

func (*AwsClient) ListTagsForResource ¶ added in v0.5.0

func (c *AwsClient) ListTagsForResource(input *organizations.ListTagsForResourceInput) (*organizations.ListTagsForResourceOutput, error)

func (*AwsClient) ListUserPolicies ¶ added in v0.5.0

func (c *AwsClient) ListUserPolicies(input *iam.ListUserPoliciesInput) (*iam.ListUserPoliciesOutput, error)

func (*AwsClient) ListUsers ¶

func (c *AwsClient) ListUsers(input *iam.ListUsersInput) (*iam.ListUsersOutput, error)

func (*AwsClient) LookupEvents ¶ added in v0.13.0

func (c *AwsClient) LookupEvents(input *cloudtrail.LookupEventsInput) (*cloudtrail.LookupEventsOutput, error)

func (*AwsClient) ModifyInstanceAttribute ¶ added in v0.13.0

func (c *AwsClient) ModifyInstanceAttribute(input *ec2.ModifyInstanceAttributeInput) (*ec2.ModifyInstanceAttributeOutput, error)

func (*AwsClient) MoveAccount ¶ added in v0.5.0

func (c *AwsClient) MoveAccount(input *organizations.MoveAccountInput) (*organizations.MoveAccountOutput, error)

func (*AwsClient) RemoveUserFromGroup ¶ added in v0.5.0

func (c *AwsClient) RemoveUserFromGroup(input *iam.RemoveUserFromGroupInput) (*iam.RemoveUserFromGroupOutput, error)

func (*AwsClient) RequestServiceQuotaIncrease ¶

func (c *AwsClient) RequestServiceQuotaIncrease(input *servicequotas.RequestServiceQuotaIncreaseInput) (*servicequotas.RequestServiceQuotaIncreaseOutput, error)

func (*AwsClient) StartInstances ¶ added in v0.13.0

func (c *AwsClient) StartInstances(input *ec2.StartInstancesInput) (*ec2.StartInstancesOutput, error)

func (*AwsClient) StopInstances ¶ added in v0.13.0

func (c *AwsClient) StopInstances(input *ec2.StopInstancesInput) (*ec2.StopInstancesOutput, error)

func (*AwsClient) TagResource ¶ added in v0.5.0

func (c *AwsClient) TagResource(input *organizations.TagResourceInput) (*organizations.TagResourceOutput, error)

func (*AwsClient) UntagResource ¶ added in v0.5.0

func (c *AwsClient) UntagResource(input *organizations.UntagResourceInput) (*organizations.UntagResourceOutput, error)

func (*AwsClient) WaitUntilInstanceRunning ¶ added in v0.13.0

func (c *AwsClient) WaitUntilInstanceRunning(input *ec2.DescribeInstancesInput) error

func (*AwsClient) WaitUntilInstanceStopped ¶ added in v0.13.0

func (c *AwsClient) WaitUntilInstanceStopped(input *ec2.DescribeInstancesInput) error

type AwsClientInput ¶

type AwsClientInput struct {
	AccessKeyID     string
	SecretAccessKey string
	SessionToken    string
	Region          string
}

AwsClientInput input for new aws client

type Client ¶

type Client interface {
	// sts
	AssumeRole(*sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)
	GetCallerIdentity(*sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error)
	GetFederationToken(*sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error)

	// S3
	ListBuckets(*s3.ListBucketsInput) (*s3.ListBucketsOutput, error)
	DeleteBucket(*s3.DeleteBucketInput) (*s3.DeleteBucketOutput, error)
	ListObjects(*s3.ListObjectsInput) (*s3.ListObjectsOutput, error)
	DeleteObjects(*s3.DeleteObjectsInput) (*s3.DeleteObjectsOutput, error)

	//iam
	CreateAccessKey(*iam.CreateAccessKeyInput) (*iam.CreateAccessKeyOutput, error)
	DeleteAccessKey(*iam.DeleteAccessKeyInput) (*iam.DeleteAccessKeyOutput, error)
	ListAccessKeys(*iam.ListAccessKeysInput) (*iam.ListAccessKeysOutput, error)
	GetUser(*iam.GetUserInput) (*iam.GetUserOutput, error)
	CreateUser(*iam.CreateUserInput) (*iam.CreateUserOutput, error)
	ListUsers(*iam.ListUsersInput) (*iam.ListUsersOutput, error)
	AttachUserPolicy(*iam.AttachUserPolicyInput) (*iam.AttachUserPolicyOutput, error)
	CreatePolicy(*iam.CreatePolicyInput) (*iam.CreatePolicyOutput, error)
	DeletePolicy(*iam.DeletePolicyInput) (*iam.DeletePolicyOutput, error)
	AttachRolePolicy(*iam.AttachRolePolicyInput) (*iam.AttachRolePolicyOutput, error)
	DetachRolePolicy(*iam.DetachRolePolicyInput) (*iam.DetachRolePolicyOutput, error)
	ListAttachedRolePolicies(*iam.ListAttachedRolePoliciesInput) (*iam.ListAttachedRolePoliciesOutput, error)
	DeleteLoginProfile(*iam.DeleteLoginProfileInput) (*iam.DeleteLoginProfileOutput, error)
	ListSigningCertificates(*iam.ListSigningCertificatesInput) (*iam.ListSigningCertificatesOutput, error)
	DeleteSigningCertificate(*iam.DeleteSigningCertificateInput) (*iam.DeleteSigningCertificateOutput, error)
	ListUserPolicies(*iam.ListUserPoliciesInput) (*iam.ListUserPoliciesOutput, error)
	ListPolicies(*iam.ListPoliciesInput) (*iam.ListPoliciesOutput, error)
	DeleteUserPolicy(*iam.DeleteUserPolicyInput) (*iam.DeleteUserPolicyOutput, error)
	ListAttachedUserPolicies(*iam.ListAttachedUserPoliciesInput) (*iam.ListAttachedUserPoliciesOutput, error)
	DetachUserPolicy(*iam.DetachUserPolicyInput) (*iam.DetachUserPolicyOutput, error)
	ListGroupsForUser(*iam.ListGroupsForUserInput) (*iam.ListGroupsForUserOutput, error)
	RemoveUserFromGroup(*iam.RemoveUserFromGroupInput) (*iam.RemoveUserFromGroupOutput, error)
	ListRoles(*iam.ListRolesInput) (*iam.ListRolesOutput, error)
	DeleteRole(*iam.DeleteRoleInput) (*iam.DeleteRoleOutput, error)
	DeleteUser(*iam.DeleteUserInput) (*iam.DeleteUserOutput, error)

	//ec2
	DescribeInstances(*ec2.DescribeInstancesInput) (*ec2.DescribeInstancesOutput, error)
	StopInstances(*ec2.StopInstancesInput) (*ec2.StopInstancesOutput, error)
	ModifyInstanceAttribute(*ec2.ModifyInstanceAttributeInput) (*ec2.ModifyInstanceAttributeOutput, error)
	StartInstances(*ec2.StartInstancesInput) (*ec2.StartInstancesOutput, error)
	WaitUntilInstanceStopped(*ec2.DescribeInstancesInput) error
	WaitUntilInstanceRunning(*ec2.DescribeInstancesInput) error

	// Service Quotas
	ListServiceQuotas(*servicequotas.ListServiceQuotasInput) (*servicequotas.ListServiceQuotasOutput, error)
	RequestServiceQuotaIncrease(*servicequotas.RequestServiceQuotaIncreaseInput) (*servicequotas.RequestServiceQuotaIncreaseOutput, error)

	// Organizations
	CreateAccount(input *organizations.CreateAccountInput) (*organizations.CreateAccountOutput, error)
	DescribeCreateAccountStatus(input *organizations.DescribeCreateAccountStatusInput) (*organizations.DescribeCreateAccountStatusOutput, error)
	ListAccounts(input *organizations.ListAccountsInput) (*organizations.ListAccountsOutput, error)
	ListParents(input *organizations.ListParentsInput) (*organizations.ListParentsOutput, error)
	ListRoots(input *organizations.ListRootsInput) (*organizations.ListRootsOutput, error)
	ListAccountsForParent(input *organizations.ListAccountsForParentInput) (*organizations.ListAccountsForParentOutput, error)
	ListOrganizationalUnitsForParent(input *organizations.ListOrganizationalUnitsForParentInput) (*organizations.ListOrganizationalUnitsForParentOutput, error)
	DescribeOrganizationalUnit(input *organizations.DescribeOrganizationalUnitInput) (*organizations.DescribeOrganizationalUnitOutput, error)
	TagResource(input *organizations.TagResourceInput) (*organizations.TagResourceOutput, error)
	UntagResource(input *organizations.UntagResourceInput) (*organizations.UntagResourceOutput, error)
	ListTagsForResource(input *organizations.ListTagsForResourceInput) (*organizations.ListTagsForResourceOutput, error)
	MoveAccount(input *organizations.MoveAccountInput) (*organizations.MoveAccountOutput, error)
	DescribeAccount(input *organizations.DescribeAccountInput) (*organizations.DescribeAccountOutput, error)

	// Resources
	GetResources(input *resourcegroupstaggingapi.GetResourcesInput) (*resourcegroupstaggingapi.GetResourcesOutput, error)

	// Cost Explorer
	GetCostAndUsage(input *costexplorer.GetCostAndUsageInput) (*costexplorer.GetCostAndUsageOutput, error)
	CreateCostCategoryDefinition(input *costexplorer.CreateCostCategoryDefinitionInput) (*costexplorer.CreateCostCategoryDefinitionOutput, error)
	ListCostCategoryDefinitions(input *costexplorer.ListCostCategoryDefinitionsInput) (*costexplorer.ListCostCategoryDefinitionsOutput, error)

	// Cloudtrail
	LookupEvents(input *cloudtrail.LookupEventsInput) (*cloudtrail.LookupEventsOutput, error)
}

TODO: Add more methods when needed

func NewAwsClient ¶

func NewAwsClient(profile, region, configFile string) (Client, error)

NewAwsClient creates an AWS client with credentials in the environment

func NewAwsClientWithInput ¶

func NewAwsClientWithInput(input *AwsClientInput) (Client, error)

NewAwsClientWithInput creates an AWS client with input credentials

type FactoryOptions ¶

type FactoryOptions struct {
	Region     string
	Profile    string
	ConfigFile string

	RoleName    string
	SessionName string

	ConsoleDuration int64

	Credentials *sts.Credentials

	CallerIdentity *sts.GetCallerIdentityOutput
}

FactoryOptions defines the struct for running list account command

func (*FactoryOptions) AttachCobraCliFlags ¶

func (factory *FactoryOptions) AttachCobraCliFlags(cmd *cobra.Command)

AttachCobraCliFlags adds cobra cli flags to cobra command

func (*FactoryOptions) NewAwsClient ¶

func (factory *FactoryOptions) NewAwsClient() (Client, error)

NewAwsClient checks for presence and validity of account identifiers

func (*FactoryOptions) ValidateIdentifiers ¶

func (factory *FactoryOptions) ValidateIdentifiers() (bool, error)

ValidateIdentifiers checks for presence and validity of account identifiers

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mock Package mock is a generated GoMock package.	Package mock is a generated GoMock package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL