aws

package
v0.32.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 4, 2024 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

// Names for the package's AWS proxy setting. Only the string values are
// visible here; the notes on each constant are inferred from the names and
// should be confirmed against the code that reads them.
const (
	// ProxyConfigKey is the literal key "aws_proxy"; presumably the
	// configuration entry naming the proxy used for AWS calls — TODO confirm.
	ProxyConfigKey = "aws_proxy"
	// NoProxyFlag is the literal flag name "skip-aws-proxy-check"; by its name
	// it turns off a proxy check, so any use of it deserves review — TODO confirm.
	NoProxyFlag    = "skip-aws-proxy-check"
)
// AWS partition identifiers known to this package. GetConsoleUrl and
// GetFederationEndpointUrl take a partition string; presumably these are the
// values they accept — TODO confirm how an unknown partition is handled.
const (
	PartitionID      = "aws"        // AWS Standard partition.
	UsGovPartitionID = "aws-us-gov" // AWS GovCloud (US) partition.
)

Variables

This section is empty.

Functions

func CheckIAMUserExists

func CheckIAMUserExists(awsClient Client, username *string) (bool, error)

func CreateIAMUserAndAttachPolicy

func CreateIAMUserAndAttachPolicy(awsClient Client, username, policyArn *string) error

func DeleteS3BucketsWithPrefix

func DeleteS3BucketsWithPrefix(awsClient Client, prefix string) error

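DeleteS3BucketsWithPrefix deletes all S3 buckets whose names begin with the specified prefix. The operation is destructive, and this page does not show whether the function rejects an empty or very short prefix (an empty prefix matches every bucket name), so callers should validate the prefix themselves before calling.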

func DeleteUserAccessKeys

func DeleteUserAccessKeys(awsClient Client, username *string) error

func GenerateRoleARN added in v0.13.0

func GenerateRoleARN(accountId, roleName string) string

func GetAssumeRoleCredentials

func GetAssumeRoleCredentials(awsClient Client, durationSeconds *int32, roleSessionName, roleArn *string) (*types.Credentials, error)

GetAssumeRoleCredentials gets the assume role credentials from AWS.

func GetAwsPartition added in v0.9.4

func GetAwsPartition(awsClient Client) (string, error)

GetAwsPartition uses sts GetCallerIdentity to determine the AWS partition we're in

func GetConsoleUrl added in v0.9.4

func GetConsoleUrl(partition string) (string, error)

GetConsoleUrl returns the default AWS Console base URL for a given partition

func GetFederationEndpointUrl added in v0.9.4

func GetFederationEndpointUrl(partition string) (string, error)

GetFederationEndpointUrl returns the default AWS Sign-In Federation endpoint for a given partition

func NewAwsConfig added in v0.18.0

func NewAwsConfig(profile, region, configFile string) (*aws.Config, error)

func RequestSignInToken

func RequestSignInToken(awsClient Client, durationSeconds *int32, sessionName, roleArn *string) (string, error)

RequestSignInToken makes an HTTP request to retrieve an AWS Sign-In Token via the AWS Federation endpoint

Types

type AwsClient

// AwsClient is a client type whose state is held entirely in unexported
// fields, which this page does not show. Its exported methods each take an
// AWS SDK input struct and return the matching output struct and an error.
type AwsClient struct {
	// contains filtered or unexported fields
}

func (*AwsClient) AssumeRole

func (c *AwsClient) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)

func (*AwsClient) AttachRolePolicy

func (c *AwsClient) AttachRolePolicy(input *iam.AttachRolePolicyInput) (*iam.AttachRolePolicyOutput, error)

func (*AwsClient) AttachUserPolicy

func (c *AwsClient) AttachUserPolicy(input *iam.AttachUserPolicyInput) (*iam.AttachUserPolicyOutput, error)

func (*AwsClient) CreateAccessKey

func (c *AwsClient) CreateAccessKey(input *iam.CreateAccessKeyInput) (*iam.CreateAccessKeyOutput, error)

func (*AwsClient) CreateAccount added in v0.5.0

func (*AwsClient) CreatePolicy

func (c *AwsClient) CreatePolicy(input *iam.CreatePolicyInput) (*iam.CreatePolicyOutput, error)

func (*AwsClient) CreateUser

func (c *AwsClient) CreateUser(input *iam.CreateUserInput) (*iam.CreateUserOutput, error)

func (*AwsClient) DeleteAccessKey

func (c *AwsClient) DeleteAccessKey(input *iam.DeleteAccessKeyInput) (*iam.DeleteAccessKeyOutput, error)

func (*AwsClient) DeleteBucket

func (c *AwsClient) DeleteBucket(input *s3.DeleteBucketInput) (*s3.DeleteBucketOutput, error)

func (*AwsClient) DeleteLoginProfile added in v0.5.0

func (c *AwsClient) DeleteLoginProfile(input *iam.DeleteLoginProfileInput) (*iam.DeleteLoginProfileOutput, error)

func (*AwsClient) DeleteObjects

func (c *AwsClient) DeleteObjects(input *s3.DeleteObjectsInput) (*s3.DeleteObjectsOutput, error)

func (*AwsClient) DeletePolicy

func (c *AwsClient) DeletePolicy(input *iam.DeletePolicyInput) (*iam.DeletePolicyOutput, error)

func (*AwsClient) DeleteRole added in v0.5.0

func (c *AwsClient) DeleteRole(input *iam.DeleteRoleInput) (*iam.DeleteRoleOutput, error)

func (*AwsClient) DeleteSigningCertificate added in v0.5.0

func (c *AwsClient) DeleteSigningCertificate(input *iam.DeleteSigningCertificateInput) (*iam.DeleteSigningCertificateOutput, error)

func (*AwsClient) DeleteUser added in v0.5.0

func (c *AwsClient) DeleteUser(input *iam.DeleteUserInput) (*iam.DeleteUserOutput, error)

func (*AwsClient) DeleteUserPolicy added in v0.5.0

func (c *AwsClient) DeleteUserPolicy(input *iam.DeleteUserPolicyInput) (*iam.DeleteUserPolicyOutput, error)

func (*AwsClient) DescribeAccount added in v0.9.6

func (*AwsClient) DescribeCreateAccountStatus added in v0.5.0

func (*AwsClient) DescribeInstances added in v0.5.0

func (c *AwsClient) DescribeInstances(input *ec2.DescribeInstancesInput) (*ec2.DescribeInstancesOutput, error)

func (*AwsClient) DescribeLoadBalancers added in v0.18.0

func (*AwsClient) DescribeRouteTables added in v0.13.2

func (c *AwsClient) DescribeRouteTables(input *ec2.DescribeRouteTablesInput) (*ec2.DescribeRouteTablesOutput, error)

func (*AwsClient) DescribeSubnets added in v0.13.2

func (c *AwsClient) DescribeSubnets(input *ec2.DescribeSubnetsInput) (*ec2.DescribeSubnetsOutput, error)

func (*AwsClient) DescribeTags added in v0.18.0

func (*AwsClient) DescribeV2Tags added in v0.18.0

func (*AwsClient) DescribeVpcEndpointConnections added in v0.18.0

func (*AwsClient) DescribeVpcEndpointServices added in v0.18.0

func (c *AwsClient) DescribeVpcEndpointServices(input *ec2.DescribeVpcEndpointServicesInput) (*ec2.DescribeVpcEndpointServicesOutput, error)

func (*AwsClient) DescribeVpcEndpoints added in v0.18.0

func (c *AwsClient) DescribeVpcEndpoints(input *ec2.DescribeVpcEndpointsInput) (*ec2.DescribeVpcEndpointsOutput, error)

func (*AwsClient) DescribeVpcs added in v0.13.2

func (c *AwsClient) DescribeVpcs(input *ec2.DescribeVpcsInput) (*ec2.DescribeVpcsOutput, error)

func (*AwsClient) DetachRolePolicy

func (c *AwsClient) DetachRolePolicy(input *iam.DetachRolePolicyInput) (*iam.DetachRolePolicyOutput, error)

func (*AwsClient) DetachUserPolicy added in v0.5.0

func (c *AwsClient) DetachUserPolicy(input *iam.DetachUserPolicyInput) (*iam.DetachUserPolicyOutput, error)

func (*AwsClient) GetCallerIdentity

func (c *AwsClient) GetCallerIdentity(input *sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error)

func (*AwsClient) GetCostAndUsage

func (*AwsClient) GetFederationToken

func (c *AwsClient) GetFederationToken(input *sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error)

func (*AwsClient) GetResources added in v0.5.0

func (*AwsClient) GetUser

func (c *AwsClient) GetUser(input *iam.GetUserInput) (*iam.GetUserOutput, error)

func (*AwsClient) ListAccessKeys

func (c *AwsClient) ListAccessKeys(input *iam.ListAccessKeysInput) (*iam.ListAccessKeysOutput, error)

func (*AwsClient) ListAccounts added in v0.5.0

func (*AwsClient) ListAttachedRolePolicies

func (c *AwsClient) ListAttachedRolePolicies(input *iam.ListAttachedRolePoliciesInput) (*iam.ListAttachedRolePoliciesOutput, error)

func (*AwsClient) ListAttachedUserPolicies added in v0.5.0

func (c *AwsClient) ListAttachedUserPolicies(input *iam.ListAttachedUserPoliciesInput) (*iam.ListAttachedUserPoliciesOutput, error)

func (*AwsClient) ListBuckets

func (c *AwsClient) ListBuckets(input *s3.ListBucketsInput) (*s3.ListBucketsOutput, error)

func (*AwsClient) ListChildren added in v0.13.5

func (*AwsClient) ListGroupsForUser added in v0.5.0

func (c *AwsClient) ListGroupsForUser(input *iam.ListGroupsForUserInput) (*iam.ListGroupsForUserOutput, error)

func (*AwsClient) ListHostedZones added in v0.18.0

func (*AwsClient) ListObjects

func (c *AwsClient) ListObjects(input *s3.ListObjectsInput) (*s3.ListObjectsOutput, error)

func (*AwsClient) ListParents added in v0.6.0

func (*AwsClient) ListPolicies added in v0.8.0

func (c *AwsClient) ListPolicies(input *iam.ListPoliciesInput) (*iam.ListPoliciesOutput, error)

func (*AwsClient) ListResourceRecordSets added in v0.18.0

func (*AwsClient) ListRoles added in v0.5.0

func (c *AwsClient) ListRoles(input *iam.ListRolesInput) (*iam.ListRolesOutput, error)

func (*AwsClient) ListRoots added in v0.6.0

func (*AwsClient) ListSigningCertificates added in v0.5.0

func (c *AwsClient) ListSigningCertificates(input *iam.ListSigningCertificatesInput) (*iam.ListSigningCertificatesOutput, error)

func (*AwsClient) ListTagsForResource added in v0.5.0

func (*AwsClient) ListUserPolicies added in v0.5.0

func (c *AwsClient) ListUserPolicies(input *iam.ListUserPoliciesInput) (*iam.ListUserPoliciesOutput, error)

func (*AwsClient) ListUsers

func (c *AwsClient) ListUsers(input *iam.ListUsersInput) (*iam.ListUsersOutput, error)

func (*AwsClient) LookupEvents added in v0.13.0

func (*AwsClient) ModifyInstanceAttribute added in v0.13.0

func (c *AwsClient) ModifyInstanceAttribute(input *ec2.ModifyInstanceAttributeInput) (*ec2.ModifyInstanceAttributeOutput, error)

func (*AwsClient) MoveAccount added in v0.5.0

func (*AwsClient) RemoveUserFromGroup added in v0.5.0

func (c *AwsClient) RemoveUserFromGroup(input *iam.RemoveUserFromGroupInput) (*iam.RemoveUserFromGroupOutput, error)

func (*AwsClient) StartInstances added in v0.13.0

func (c *AwsClient) StartInstances(input *ec2.StartInstancesInput) (*ec2.StartInstancesOutput, error)

func (*AwsClient) StopInstances added in v0.13.0

func (c *AwsClient) StopInstances(input *ec2.StopInstancesInput) (*ec2.StopInstancesOutput, error)

func (*AwsClient) TagResource added in v0.5.0

func (*AwsClient) UntagResource added in v0.5.0

type Client

// Client is the set of AWS operations this package exposes, grouped by
// service. NewAwsClient and NewAwsClientWithInput both return a Client.
//
// Many of these methods change or destroy state (DeleteBucket, DeleteObjects,
// DeleteUser, DeleteRole, MoveAccount) or change privileges (CreateAccessKey,
// AttachUserPolicy, AttachRolePolicy, AssumeRole). The interface declares no
// authorization or confirmation step of its own.
// NOTE(review): what a caller can do is presumably bounded only by the IAM
// permissions of the credentials behind the client — confirm, and scope those
// credentials to least privilege.
type Client interface {
	// STS: role assumption, caller identity and federation tokens. The
	// AssumeRole and GetFederationToken outputs carry temporary credentials.
	AssumeRole(*sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)
	GetCallerIdentity(*sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error)
	GetFederationToken(*sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error)

	// S3: bucket and object listing and deletion.
	ListBuckets(*s3.ListBucketsInput) (*s3.ListBucketsOutput, error)
	DeleteBucket(*s3.DeleteBucketInput) (*s3.DeleteBucketOutput, error)
	ListObjects(*s3.ListObjectsInput) (*s3.ListObjectsOutput, error)
	DeleteObjects(*s3.DeleteObjectsInput) (*s3.DeleteObjectsOutput, error)

	// IAM: users, access keys, policies, roles, login profiles, signing
	// certificates and group membership. CreateAccessKey issues a new
	// long-lived credential; the Attach*/Detach* methods change privileges.
	CreateAccessKey(*iam.CreateAccessKeyInput) (*iam.CreateAccessKeyOutput, error)
	DeleteAccessKey(*iam.DeleteAccessKeyInput) (*iam.DeleteAccessKeyOutput, error)
	ListAccessKeys(*iam.ListAccessKeysInput) (*iam.ListAccessKeysOutput, error)
	GetUser(*iam.GetUserInput) (*iam.GetUserOutput, error)
	CreateUser(*iam.CreateUserInput) (*iam.CreateUserOutput, error)
	ListUsers(*iam.ListUsersInput) (*iam.ListUsersOutput, error)
	AttachUserPolicy(*iam.AttachUserPolicyInput) (*iam.AttachUserPolicyOutput, error)
	CreatePolicy(*iam.CreatePolicyInput) (*iam.CreatePolicyOutput, error)
	DeletePolicy(*iam.DeletePolicyInput) (*iam.DeletePolicyOutput, error)
	AttachRolePolicy(*iam.AttachRolePolicyInput) (*iam.AttachRolePolicyOutput, error)
	DetachRolePolicy(*iam.DetachRolePolicyInput) (*iam.DetachRolePolicyOutput, error)
	ListAttachedRolePolicies(*iam.ListAttachedRolePoliciesInput) (*iam.ListAttachedRolePoliciesOutput, error)
	DeleteLoginProfile(*iam.DeleteLoginProfileInput) (*iam.DeleteLoginProfileOutput, error)
	ListSigningCertificates(*iam.ListSigningCertificatesInput) (*iam.ListSigningCertificatesOutput, error)
	DeleteSigningCertificate(*iam.DeleteSigningCertificateInput) (*iam.DeleteSigningCertificateOutput, error)
	ListUserPolicies(*iam.ListUserPoliciesInput) (*iam.ListUserPoliciesOutput, error)
	ListPolicies(*iam.ListPoliciesInput) (*iam.ListPoliciesOutput, error)
	DeleteUserPolicy(*iam.DeleteUserPolicyInput) (*iam.DeleteUserPolicyOutput, error)
	ListAttachedUserPolicies(*iam.ListAttachedUserPoliciesInput) (*iam.ListAttachedUserPoliciesOutput, error)
	DetachUserPolicy(*iam.DetachUserPolicyInput) (*iam.DetachUserPolicyOutput, error)
	ListGroupsForUser(*iam.ListGroupsForUserInput) (*iam.ListGroupsForUserOutput, error)
	RemoveUserFromGroup(*iam.RemoveUserFromGroupInput) (*iam.RemoveUserFromGroupOutput, error)
	ListRoles(*iam.ListRolesInput) (*iam.ListRolesOutput, error)
	DeleteRole(*iam.DeleteRoleInput) (*iam.DeleteRoleOutput, error)
	DeleteUser(*iam.DeleteUserInput) (*iam.DeleteUserOutput, error)

	// EC2: describe calls for instances, route tables, subnets, VPCs and
	// VPC endpoints.
	DescribeInstances(*ec2.DescribeInstancesInput) (*ec2.DescribeInstancesOutput, error)
	DescribeRouteTables(*ec2.DescribeRouteTablesInput) (*ec2.DescribeRouteTablesOutput, error)
	DescribeSubnets(*ec2.DescribeSubnetsInput) (*ec2.DescribeSubnetsOutput, error)
	DescribeVpcs(*ec2.DescribeVpcsInput) (*ec2.DescribeVpcsOutput, error)
	DescribeVpcEndpoints(*ec2.DescribeVpcEndpointsInput) (*ec2.DescribeVpcEndpointsOutput, error)
	DescribeVpcEndpointConnections(*ec2.DescribeVpcEndpointConnectionsInput) (*ec2.DescribeVpcEndpointConnectionsOutput, error)
	DescribeVpcEndpointServices(*ec2.DescribeVpcEndpointServicesInput) (*ec2.DescribeVpcEndpointServicesOutput, error)

	// Service Quotas: list quotas and request increases.
	ListServiceQuotas(*servicequotas.ListServiceQuotasInput) (*servicequotas.ListServiceQuotasOutput, error)
	RequestServiceQuotaIncrease(*servicequotas.RequestServiceQuotaIncreaseInput) (*servicequotas.RequestServiceQuotaIncreaseOutput, error)

	// Organizations: account creation and movement, organization-tree
	// listing, and resource tagging.
	CreateAccount(input *organizations.CreateAccountInput) (*organizations.CreateAccountOutput, error)
	DescribeCreateAccountStatus(input *organizations.DescribeCreateAccountStatusInput) (*organizations.DescribeCreateAccountStatusOutput, error)
	ListAccounts(input *organizations.ListAccountsInput) (*organizations.ListAccountsOutput, error)
	ListParents(input *organizations.ListParentsInput) (*organizations.ListParentsOutput, error)
	ListChildren(input *organizations.ListChildrenInput) (*organizations.ListChildrenOutput, error)
	ListRoots(input *organizations.ListRootsInput) (*organizations.ListRootsOutput, error)
	ListAccountsForParent(input *organizations.ListAccountsForParentInput) (*organizations.ListAccountsForParentOutput, error)
	ListOrganizationalUnitsForParent(input *organizations.ListOrganizationalUnitsForParentInput) (*organizations.ListOrganizationalUnitsForParentOutput, error)
	DescribeOrganizationalUnit(input *organizations.DescribeOrganizationalUnitInput) (*organizations.DescribeOrganizationalUnitOutput, error)
	TagResource(input *organizations.TagResourceInput) (*organizations.TagResourceOutput, error)
	UntagResource(input *organizations.UntagResourceInput) (*organizations.UntagResourceOutput, error)
	ListTagsForResource(input *organizations.ListTagsForResourceInput) (*organizations.ListTagsForResourceOutput, error)
	MoveAccount(input *organizations.MoveAccountInput) (*organizations.MoveAccountOutput, error)
	DescribeAccount(input *organizations.DescribeAccountInput) (*organizations.DescribeAccountOutput, error)

	// Resource Groups Tagging API: resource lookup.
	GetResources(input *resourcegroupstaggingapi.GetResourcesInput) (*resourcegroupstaggingapi.GetResourcesOutput, error)

	// Cost Explorer: cost and usage queries and cost category definitions.
	GetCostAndUsage(input *costexplorer.GetCostAndUsageInput) (*costexplorer.GetCostAndUsageOutput, error)
	CreateCostCategoryDefinition(input *costexplorer.CreateCostCategoryDefinitionInput) (*costexplorer.CreateCostCategoryDefinitionOutput, error)
	ListCostCategoryDefinitions(input *costexplorer.ListCostCategoryDefinitionsInput) (*costexplorer.ListCostCategoryDefinitionsOutput, error)

	// CloudTrail: event lookup.
	LookupEvents(input *cloudtrail.LookupEventsInput) (*cloudtrail.LookupEventsOutput, error)

	// Route 53: hosted zones and record sets.
	ListHostedZones(input *route53.ListHostedZonesInput) (*route53.ListHostedZonesOutput, error)
	ListResourceRecordSets(input *route53.ListResourceRecordSetsInput) (*route53.ListResourceRecordSetsOutput, error)

	// ELB: load balancers and their tags, for both the elasticloadbalancing
	// and elasticloadbalancingv2 packages.
	DescribeLoadBalancers(input *elasticloadbalancing.DescribeLoadBalancersInput) (*elasticloadbalancing.DescribeLoadBalancersOutput, error)
	DescribeTags(input *elasticloadbalancing.DescribeTagsInput) (*elasticloadbalancing.DescribeTagsOutput, error)
	DescribeV2LoadBalancers(input *elasticloadbalancingv2.DescribeLoadBalancersInput) (*elasticloadbalancingv2.DescribeLoadBalancersOutput, error)
	DescribeV2Tags(input *elasticloadbalancingv2.DescribeTagsInput) (*elasticloadbalancingv2.DescribeTagsOutput, error)
}

TODO: Add more methods when needed

func NewAwsClient

func NewAwsClient(profile, region, configFile string) (Client, error)

NewAwsClient creates an AWS client with credentials in the environment

func NewAwsClientWithInput

func NewAwsClientWithInput(input *ClientInput) (Client, error)

NewAwsClientWithInput creates an AWS client with input credentials

type ClientInput added in v0.18.0

// ClientInput is the argument to NewAwsClientWithInput, which creates a
// client from credentials supplied by the caller.
type ClientInput struct {
	// AccessKeyID, SecretAccessKey and SessionToken are, by their names, an
	// AWS credential set held as plain strings. Treat the whole struct as
	// secret material: keep it out of logs, error messages and %+v dumps.
	// NOTE(review): which fields are required is not shown here — confirm.
	AccessKeyID     string
	SecretAccessKey string
	SessionToken    string
	// Region is presumably the AWS region the client targets — TODO confirm.
	Region          string
}

ClientInput is the input for creating a new AWS client.

Directories

Path Synopsis
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.
