aws

package
v1.0.9 Latest
Warning

This package is not in the latest version of its module.

Published: Jun 15, 2021 License: Apache-2.0 Imports: 32 Imported by: 4

Documentation

Constants

const (
	AdminUserName        = "osdCcsAdmin"
	OsdCcsAdminStackName = "osdCcsAdminIAMUser"

	// Since CloudFormation stacks are region-dependent, we hard-code OCM's default region and
	// then use it to ensure that the user always gets the stack from the same region.
	DefaultRegion = "us-east-1"
)

AdminUserName is the name of the AWS user that will be used to create all the resources of the cluster.

Variables

This section is empty.

Functions

func CheckStackReadyForCreateCluster added in v1.0.8

func CheckStackReadyForCreateCluster(reporter *rprtr.Object, logger *logrus.Logger)

CheckStackReadyForCreateCluster validates whether the CloudFormation (CF) stack and users exist.

func GetRegion

func GetRegion(region string) (string, error)

GetRegion will return a region selected by the user or given as a default to the AWS client. If the region given is empty, it will first attempt to use the default, and, failing that, will prompt for user input.

func GetServiceQuota

func GetServiceQuota(serviceQuotas []*servicequotas.ServiceQuota,
	quotaCode string) (*servicequotas.ServiceQuota, error)

GetServiceQuota extracts the service quota identified by quotaCode from the list of service quotas.

func ListServiceQuotas

func ListServiceQuotas(client *awsClient, serviceCode string) ([]*servicequotas.ServiceQuota, error)

ListServiceQuotas lists the available quotas for a service.

Types

type AccessKey

type AccessKey struct {
	AccessKeyID     string
	SecretAccessKey string
}

type Client

type Client interface {
	CheckAdminUserNotExisting(userName string) (err error)
	CheckStackReadyOrNotExisting(stackName string) (stackReady bool, stackStatus *string, err error)
	GetIAMCredentials() (credentials.Value, error)
	GetRegion() string
	ValidateCredentials() (isValid bool, isSTS bool, err error)
	EnsureOsdCcsAdminUser(stackName string, adminUserName string, awsRegion string) (bool, error)
	DeleteOsdCcsAdminUser(stackName string) error
	GetAWSAccessKeys() (*AccessKey, error)
	GetCreator() (*Creator, error)
	ValidateSCP(*string) (bool, error)
	GetSubnetIDs() ([]*ec2.Subnet, error)
	ValidateQuota() (bool, error)
	TagUserRegion(username string, region string) error
	GetClusterRegionTagForUser(username string) (string, error)
}

Client defines a client interface

func GetAWSClientForUserRegion added in v1.0.8

func GetAWSClientForUserRegion(reporter *rprtr.Object, logger *logrus.Logger) Client

Currently the user can run rosa init using the region from their config or using --region. When checking for CloudFormation, we need to check in the region used by the user.

func New

func New(
	logger *logrus.Logger,
	iamClient iamiface.IAMAPI,
	ec2Client ec2iface.EC2API,
	orgClient organizationsiface.OrganizationsAPI,
	stsClient stsiface.STSAPI,
	cfClient cloudformationiface.CloudFormationAPI,
	servicequotasClient servicequotasiface.ServiceQuotasAPI,
	awsSession *session.Session,
	awsAccessKeys *AccessKey,

) Client

type ClientBuilder

type ClientBuilder struct {
	// contains filtered or unexported fields
}

ClientBuilder contains the information and logic needed to build a new AWS client.

func NewClient

func NewClient() *ClientBuilder

NewClient creates a builder that can then be used to configure and build a new AWS client.

func (*ClientBuilder) AccessKeys

func (b *ClientBuilder) AccessKeys(value *AccessKey) *ClientBuilder

func (*ClientBuilder) Build

func (b *ClientBuilder) Build() (Client, error)

Build uses the information stored in the builder to build a new AWS client.

func (*ClientBuilder) BuildSessionWithOptions

func (b *ClientBuilder) BuildSessionWithOptions() (*session.Session, error)

func (*ClientBuilder) BuildSessionWithOptionsCredentials

func (b *ClientBuilder) BuildSessionWithOptionsCredentials(value *AccessKey) (*session.Session, error)

BuildSessionWithOptionsCredentials creates an AWS session with a specific set of credentials.

func (*ClientBuilder) Logger

func (b *ClientBuilder) Logger(value *logrus.Logger) *ClientBuilder

Logger sets the logger that the AWS client will use to send messages to the log.

func (*ClientBuilder) Region

func (b *ClientBuilder) Region(value string) *ClientBuilder

type Creator

type Creator struct {
	ARN       string
	AccountID string
	IsSTS     bool
}

type PolicyDocument

type PolicyDocument struct {
	Version   string            `json:"version,omitempty"`
	ID        string            `json:"id,omitempty"`
	Statement []PolicyStatement `json:"statement"`
}

PolicyDocument models an AWS IAM policy document

type PolicyStatement

type PolicyStatement struct {
	Sid string `json:"sid,omitempty"`
	// Effect indicates if this policy statement is to Allow or Deny.
	Effect string `json:"effect"`
	// Action describes the particular AWS service actions that should be allowed or denied.
	// (i.e. ec2:StartInstances, iam:ChangePassword)
	Action []string `json:"action"`
	// Resource specifies the object(s) this statement should apply to. (or "*" for all)
	Resource interface{} `json:"resource"`
}

PolicyStatement models an AWS policy statement entry.
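Added example (not code from this package): decoding an IAM policy into local copies of PolicyDocument and PolicyStatement and listing the Allow statements that apply to every resource. The sample policy, the function name WildcardAllows and the ARNs are constructed for illustration; encoding/json matches the capitalized AWS keys to the lowercase tags case-insensitively.

```go
package main

import "encoding/json"
import "fmt"

// Local copies of the two types documented above (field comments omitted).
type PolicyStatement struct {
	Sid      string      `json:"sid,omitempty"`
	Effect   string      `json:"effect"`
	Action   []string    `json:"action"`
	Resource interface{} `json:"resource"`
}
type PolicyDocument struct {
	Version   string            `json:"version,omitempty"`
	ID        string            `json:"id,omitempty"`
	Statement []PolicyStatement `json:"statement"`
}

// Constructed sample policy; Resource appears both as a string and as a list.
const samplePolicy = `{"Version": "2012-10-17", "Statement": [
 {"Sid": "ReadOne", "Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-bucket/*"},
 {"Sid": "Ec2All", "Effect": "Allow", "Action": ["ec2:StartInstances"], "Resource": ["arn:aws:s3:::example-bucket", "*"]},
 {"Sid": "NoPw", "Effect": "Deny", "Action": ["iam:ChangePassword"], "Resource": "*"}]}`

// WildcardAllows returns the Sids of Allow statements whose Resource includes "*".
func WildcardAllows(raw string) ([]string, error) {
	var doc PolicyDocument
	if err := json.Unmarshal([]byte(raw), &doc); err != nil {
		return nil, err
	}
	sids := []string{}
	for _, s := range doc.Statement {
		// interface{} decodes as string for one resource, []interface{} for a list.
		list, isList := s.Resource.([]interface{})
		if one, isString := s.Resource.(string); isString {
			list = []interface{}{one}
		} else if !isList {
			return nil, fmt.Errorf("statement %q: unsupported Resource type %T", s.Sid, s.Resource)
		}
		for _, r := range list {
			if s.Effect == "Allow" && r == "*" {
				sids = append(sids, s.Sid)
				break
			}
		}
	}
	return sids, nil
}

func main() { fmt.Println(WildcardAllows(samplePolicy)) }
```

Because Action is declared as []string, a policy that writes Action as a single string fails to decode with these types, so such input surfaces as an error rather than being silently skipped.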

type SimulateParams

type SimulateParams struct {
	Region string
}

SimulateParams captures any additional details that should be used when simulating permissions.

Directories

Path Synopsis
Package mocks is a generated GoMock package.
