Documentation ¶
Overview ¶
Code generated by MockGen. DO NOT EDIT. Source: client.go
Generated by this command:
mockgen -source=client.go -package=aws -destination=client_mock.go
Package aws is a generated GoMock package.
Index ¶
- Constants
- Variables
- func ARNPathValidator(input interface{}) error
- func ARNValidator(input interface{}) error
- func BuildOperatorRoleCommands(prefix string, partition string, accountID string, awsClient Client, ...) []string
- func BuildOperatorRolePolicies(prefix string, accountID string, partition string, awsClient Client, ...) []string
- func ComputeOperatorRoleArn(prefix string, operator *cmv1.STSOperator, creator *Creator, path string) string
- func Ec2ResourceHasTag(tags []ec2types.Tag, tagName, tagValue string) bool
- func FindOperatorRoleBySTSOperator(operatorRoles []*cmv1.OperatorIAMRole, operator *cmv1.STSOperator) string
- func FindOperatorRoleNameBySTSOperator(cluster *cmv1.Cluster, operator *cmv1.STSOperator) (string, bool)
- func GenerateAccountRolePolicyFiles(reporter *rprtr.Object, env string, policies map[string]*cmv1.AWSSTSPolicy, ...) error
- func GenerateAddonPolicyDoc(partition string, cluster *cmv1.Cluster, accountID string, ...) (string, error)
- func GenerateOperatorRolePolicyDoc(partition string, cluster *cmv1.Cluster, accountID string, ...) (string, error)
- func GenerateOperatorRolePolicyDocByOidcEndpointUrl(partition string, oidcEndpointURL string, accountID string, ...) (string, error)
- func GenerateOperatorRolePolicyFiles(reporter *rprtr.Object, policies map[string]*cmv1.AWSSTSPolicy, ...) error
- func GenerateRolePolicyDoc(partition, oidcEndpointUrl, accountID, serviceAccounts, policyDetails string) (string, error)
- func GetAccountRoleName(cluster *cmv1.Cluster, accountRole string) (string, error)
- func GetAccountRolePolicyKeys(roleType string) []string
- func GetAccountRolesArnsMap(cluster *cmv1.Cluster) map[string]string
- func GetAdminPolicyARN(partition string, accountID string, name string, path string) string
- func GetAdminPolicyName(name string) string
- func GetFormattedFileName(filename string) string
- func GetHcpAccountRolePolicyKeys(roleType string) []string
- func GetInstallerAccountRoleName(cluster *cmv1.Cluster) (string, error)
- func GetJumpAccount(env string) string
- func GetManagedPolicyARN(policies map[string]*cmv1.AWSSTSPolicy, key string) (string, error)
- func GetOCMRoleName(prefix string, role string, postfix string) string
- func GetOIDCProviderARN(partition string, accountID string, providerURL string) string
- func GetOperatorPolicyARN(partition string, accountID string, prefix string, namespace string, ...) string
- func GetOperatorPolicyKey(roleType string, hostedCP bool, sharedVpc bool) string
- func GetOperatorPolicyName(prefix string, namespace string, name string) string
- func GetOperatorRolePolicyPrefixFromCluster(cluster *cmv1.Cluster, awsClient Client) (string, error)
- func GetPathFromARN(arnStr string) (string, error)
- func GetPathFromAccountRole(cluster *cmv1.Cluster, roleNameSuffix string) (string, error)
- func GetPolicyArn(partition string, accountID string, name string, path string) string
- func GetPolicyArnWithSuffix(partition string, accountID string, name string, path string) string
- func GetPolicyDetails(policies map[string]*cmv1.AWSSTSPolicy, key string) string
- func GetPolicyName(name string) string
- func GetPrefixFromAccountRole(cluster *cmv1.Cluster, roleNameSuffix string) (string, error)
- func GetPrefixFromInstallerAccountRole(cluster *cmv1.Cluster) (string, error)
- func GetPrefixFromOperatorRole(cluster *cmv1.Cluster) string
- func GetRegion(region string) (string, error)
- func GetResourceIdFromARN(stringARN string) (string, error)
- func GetResourceIdFromOidcProviderARN(stringARN string) (string, error)
- func GetResourceIdFromSecretArn(secretArn string) (string, error)
- func GetRoleARN(accountID string, name string, path string, partition string) string
- func GetServiceQuota(serviceQuotas []servicequotastypes.ServiceQuota, quotaCode string) (servicequotastypes.ServiceQuota, error)
- func GetTagValues(tagsValue []iamtypes.Tag) (roleType string, version string)
- func GetTagsDelimiter(tags []string) string
- func GetUserRoleName(prefix string, role string, userName string) string
- func HasDuplicates(valSlice []string) (string, bool)
- func InterpolatePolicyDocument(partition string, doc string, replacements map[string]string) string
- func IsHostedCP(cluster *cmv1.Cluster) bool
- func IsHostedCPManagedPolicies(cluster *cmv1.Cluster) bool
- func IsOCMRole(roleName *string) bool
- func IsStandardNamedAccountRole(accountRoleName, roleSuffix string) (bool, string)
- func ListServiceQuotas(client *awsClient, serviceCode string) ([]servicequotastypes.ServiceQuota, error)
- func MockOidcConfig(id string, issuerUrl string) (*cmv1.OidcConfig, error)
- func ParseOption(option string) string
- func SecretManagerArnValidator(input interface{}) error
- func SetSecurityGroupOption(securityGroup ec2types.SecurityGroup) string
- func SetSubnetOption(subnet ec2types.Subnet) string
- func SortRolesByLinkedRole(roles []Role)
- func TrimRoleSuffix(orig, sufix string) string
- func UpgradeOperatorPolicies(reporter *rprtr.Object, awsClient Client, partition string, accountID string, ...) error
- func UpgradeOperatorRolePolicies(reporter *rprtr.Object, awsClient Client, partition string, accountID string, ...) error
- func UserNoProxyDuplicateValidator(input interface{}) error
- func UserNoProxyValidator(input interface{}) error
- func UserTagDuplicateValidator(input interface{}) error
- func UserTagValidator(input interface{}) error
- type AccessKey
- type AccessKeyGetter
- type AccountRole
- type Client
- type ClientBuilder
- func (b *ClientBuilder) AccessKeys(value *AccessKey) *ClientBuilder
- func (b *ClientBuilder) Build() (Client, error)
- func (b *ClientBuilder) BuildSession() (aws.Config, error)
- func (b *ClientBuilder) BuildSessionWithOptions(logLevel aws.ClientLogMode) (aws.Config, error)
- func (b *ClientBuilder) BuildSessionWithOptionsCredentials(value *AccessKey, logLevel aws.ClientLogMode) (aws.Config, error)
- func (b *ClientBuilder) Logger(value *logrus.Logger) *ClientBuilder
- func (b *ClientBuilder) Region(value string) *ClientBuilder
- func (b *ClientBuilder) UseLocalCredentials(value bool) *ClientBuilder
- type Creator
- type MockAccessKeyGetter
- type MockAccessKeyGetterMockRecorder
- type MockClient
- func (m *MockClient) AddRoleTag(roleName, key, value string) error
- func (m *MockClient) AttachRolePolicy(reporter *reporter.Object, roleName, policyARN string) error
- func (m *MockClient) CheckAdminUserExists(userName string) error
- func (m *MockClient) CheckAdminUserNotExisting(userName string) error
- func (m *MockClient) CheckRoleExists(roleName string) (bool, string, error)
- func (m *MockClient) CheckStackReadyOrNotExisting(stackName string) (bool, *string, error)
- func (m *MockClient) CreateOpenIDConnectProvider(issuerURL, thumbprint, clusterID string) (string, error)
- func (m *MockClient) CreateS3Bucket(bucketName, region string) error
- func (m *MockClient) CreateSecretInSecretsManager(name, secret string) (string, error)
- func (m *MockClient) DeleteAccountRole(roleName, prefix string, managedPolicies, deleteHcpSharedVpcPolicies bool) error
- func (m *MockClient) DeleteInlineRolePolicies(roleName string) error
- func (m *MockClient) DeleteOCMRole(roleARN string, managedPolicies bool) error
- func (m *MockClient) DeleteOpenIDConnectProvider(providerURL string) error
- func (m *MockClient) DeleteOperatorRole(roles string, managedPolicies, deleteHcpSharedVpcPolicies bool) (map[string]bool, error)
- func (m *MockClient) DeleteOsdCcsAdminUser(stackName string) error
- func (m *MockClient) DeleteS3Bucket(bucketName string) error
- func (m *MockClient) DeleteSecretInSecretsManager(secretArn string) error
- func (m *MockClient) DeleteUserRole(roleName string) error
- func (m *MockClient) DescribeAvailabilityZones() ([]string, error)
- func (m *MockClient) DetachRolePolicies(roleName string) error
- func (m *MockClient) DetachRolePolicy(policyArn, roleName string) error
- func (m *MockClient) EXPECT() *MockClientMockRecorder
- func (m *MockClient) EnsureOsdCcsAdminUser(stackName, adminUserName, awsRegion string) (bool, error)
- func (m *MockClient) EnsurePolicy(policyArn, document, version string, tagList map[string]string, path string) (string, error)
- func (m *MockClient) EnsureRole(reporter *reporter.Object, name, policy, permissionsBoundary, version string, ...) (string, error)
- func (m *MockClient) FetchPublicSubnetMap(subnets []types.Subnet) (map[string]bool, error)
- func (m *MockClient) FilterVPCsPrivateSubnets(subnets []types.Subnet) ([]types.Subnet, error)
- func (m *MockClient) FindPolicyARN(operator Operator, version string) (string, error)
- func (m *MockClient) FindRoleARNs(roleType, version string) ([]string, error)
- func (m *MockClient) FindRoleARNsClassic(roleType, version string) ([]string, error)
- func (m *MockClient) FindRoleARNsHostedCp(roleType, version string) ([]string, error)
- func (m *MockClient) ForceEnsurePolicy(policyArn, document, version string, tagList map[string]string, path string) (string, error)
- func (m *MockClient) GetAWSAccessKeys() (*AccessKey, error)
- func (m *MockClient) GetAccountRoleARN(prefix, roleType string) (string, error)
- func (m *MockClient) GetAccountRoleByArn(roleArn string) (Role, error)
- func (m *MockClient) GetAccountRoleDefaultPolicy(roleName, prefix string) (string, error)
- func (m *MockClient) GetAccountRoleForCurrentEnv(env, roleName string) (Role, error)
- func (m *MockClient) GetAccountRoleForCurrentEnvWithPrefix(env, rolePrefix string, accountRolesMap map[string]AccountRole) ([]Role, error)
- func (m *MockClient) GetAccountRolePolicies(roles []string, prefix string) (map[string][]PolicyDetail, map[string][]PolicyDetail, error)
- func (m *MockClient) GetAccountRoleVersion(roleName string) (string, error)
- func (m *MockClient) GetAccountRolesForCurrentEnv(env, accountID string) ([]Role, error)
- func (m *MockClient) GetAttachedPolicy(role *string) ([]PolicyDetail, error)
- func (m *MockClient) GetAvailabilityZoneType(availabilityZoneName string) (string, error)
- func (m *MockClient) GetClusterRegionTagForUser(username string) (string, error)
- func (m *MockClient) GetCreator() (*Creator, error)
- func (m *MockClient) GetDefaultPolicyDocument(policyArn string) (string, error)
- func (m *MockClient) GetIAMCredentials() (aws.Credentials, error)
- func (m *MockClient) GetIAMServiceQuota(quotaCode string) (*servicequotas.GetServiceQuotaOutput, error)
- func (m *MockClient) GetInstanceProfilesForRole(role string) ([]string, error)
- func (m *MockClient) GetLocalAWSAccessKeys() (*AccessKey, error)
- func (m *MockClient) GetOpenIDConnectProviderByClusterIdTag(clusterID string) (string, error)
- func (m *MockClient) GetOpenIDConnectProviderByOidcEndpointUrl(oidcEndpointUrl string) (string, error)
- func (m *MockClient) GetOperatorRoleDefaultPolicy(roleName string) (string, error)
- func (m *MockClient) GetOperatorRolePolicies(roles []string) (map[string][]string, map[string][]string, error)
- func (m *MockClient) GetOperatorRolesFromAccountByClusterID(clusterID string, credRequests map[string]*v1.STSOperator) ([]string, error)
- func (m *MockClient) GetOperatorRolesFromAccountByPrefix(prefix string, credRequest map[string]*v1.STSOperator) ([]string, error)
- func (m *MockClient) GetPolicyDetailsFromRole(role *string) ([]*iam.GetPolicyOutput, error)
- func (m *MockClient) GetRegion() string
- func (m *MockClient) GetRoleARNPath(prefix string) (string, error)
- func (m *MockClient) GetRoleByARN(roleARN string) (types0.Role, error)
- func (m *MockClient) GetRoleByName(roleName string) (types0.Role, error)
- func (m *MockClient) GetSecurityGroupIds(vpcId string) ([]types.SecurityGroup, error)
- func (m *MockClient) GetSubnetAvailabilityZone(subnetID string) (string, error)
- func (m *MockClient) GetVPCPrivateSubnets(subnetID string) ([]types.Subnet, error)
- func (m *MockClient) GetVPCSubnets(subnetID string) ([]types.Subnet, error)
- func (m *MockClient) HasHostedCPPolicies(roleARN string) (bool, error)
- func (m *MockClient) HasManagedPolicies(roleARN string) (bool, error)
- func (m *MockClient) HasOpenIDConnectProvider(issuerURL, partition, accountID string) (bool, error)
- func (m *MockClient) HasPermissionsBoundary(roleName string) (bool, error)
- func (m *MockClient) IsAdminRole(roleName string) (bool, error)
- func (m *MockClient) IsLocalAvailabilityZone(availabilityZoneName string) (bool, error)
- func (m *MockClient) IsPolicyCompatible(policyArn, version string) (bool, error)
- func (m *MockClient) IsPolicyExists(policyARN string) (*iam.GetPolicyOutput, error)
- func (m *MockClient) IsRolePolicyExists(roleName, policyName string) (*iam.GetRolePolicyOutput, error)
- func (m *MockClient) IsUpgradedNeededForAccountRolePolicies(rolePrefix, version string) (bool, error)
- func (m *MockClient) IsUpgradedNeededForAccountRolePoliciesUsingCluster(clusterID *v1.Cluster, version string) (bool, error)
- func (m *MockClient) IsUpgradedNeededForOperatorRolePoliciesUsingCluster(cluster *v1.Cluster, partition, accountID, version string, ...) (bool, error)
- func (m *MockClient) IsUpgradedNeededForOperatorRolePoliciesUsingPrefix(rolePrefix, partition, accountID, version string, ...) (bool, error)
- func (m *MockClient) IsUserRole(roleName *string) (bool, error)
- func (m *MockClient) ListAccountRoles(version string) ([]Role, error)
- func (m *MockClient) ListAttachedRolePolicies(roleName string) ([]string, error)
- func (m *MockClient) ListOCMRoles() ([]Role, error)
- func (m *MockClient) ListOidcProviders(targetClusterId string, config *v1.OidcConfig) ([]OidcProviderOutput, error)
- func (m *MockClient) ListOperatorRoles(version, clusterID, prefix string) (map[string][]OperatorRoleDetail, error)
- func (m *MockClient) ListPolicyVersions(policyArn string) ([]PolicyVersion, error)
- func (m *MockClient) ListSubnets(subnetIds ...string) ([]types.Subnet, error)
- func (m *MockClient) ListUserRoles() ([]Role, error)
- func (m *MockClient) PutPublicReadObjectInS3Bucket(bucketName string, body io.ReadSeeker, key string) error
- func (m *MockClient) PutRolePolicy(roleName, policyName, policy string) error
- func (m *MockClient) TagUserRegion(username, region string) error
- func (m *MockClient) UpdateTag(roleName, defaultPolicyVersion string) error
- func (m *MockClient) ValidateAccountRoleVersionCompatibility(roleName, roleType, minVersion string) (bool, error)
- func (m *MockClient) ValidateAccountRolesManagedPolicies(prefix string, policies map[string]*v1.AWSSTSPolicy) error
- func (m *MockClient) ValidateCredentials() (bool, error)
- func (m *MockClient) ValidateHCPAccountRolesManagedPolicies(prefix string, policies map[string]*v1.AWSSTSPolicy) error
- func (m *MockClient) ValidateOperatorRolesManagedPolicies(cluster *v1.Cluster, operatorRoles map[string]*v1.STSOperator, ...) error
- func (m *MockClient) ValidateQuota() (bool, error)
- func (m *MockClient) ValidateRoleARNAccountIDMatchCallerAccountID(roleARN string) error
- func (m *MockClient) ValidateRoleNameAvailable(name string) error
- func (m *MockClient) ValidateSCP(arg0 *string, arg1 map[string]*v1.AWSSTSPolicy) (bool, error)
- type MockClientMockRecorder
- func (mr *MockClientMockRecorder) AddRoleTag(roleName, key, value any) *gomock.Call
- func (mr *MockClientMockRecorder) AttachRolePolicy(reporter, roleName, policyARN any) *gomock.Call
- func (mr *MockClientMockRecorder) CheckAdminUserExists(userName any) *gomock.Call
- func (mr *MockClientMockRecorder) CheckAdminUserNotExisting(userName any) *gomock.Call
- func (mr *MockClientMockRecorder) CheckRoleExists(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) CheckStackReadyOrNotExisting(stackName any) *gomock.Call
- func (mr *MockClientMockRecorder) CreateOpenIDConnectProvider(issuerURL, thumbprint, clusterID any) *gomock.Call
- func (mr *MockClientMockRecorder) CreateS3Bucket(bucketName, region any) *gomock.Call
- func (mr *MockClientMockRecorder) CreateSecretInSecretsManager(name, secret any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteAccountRole(roleName, prefix, managedPolicies, deleteHcpSharedVpcPolicies any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteInlineRolePolicies(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteOCMRole(roleARN, managedPolicies any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteOpenIDConnectProvider(providerURL any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteOperatorRole(roles, managedPolicies, deleteHcpSharedVpcPolicies any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteOsdCcsAdminUser(stackName any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteS3Bucket(bucketName any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteSecretInSecretsManager(secretArn any) *gomock.Call
- func (mr *MockClientMockRecorder) DeleteUserRole(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) DescribeAvailabilityZones() *gomock.Call
- func (mr *MockClientMockRecorder) DetachRolePolicies(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) DetachRolePolicy(policyArn, roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) EnsureOsdCcsAdminUser(stackName, adminUserName, awsRegion any) *gomock.Call
- func (mr *MockClientMockRecorder) EnsurePolicy(policyArn, document, version, tagList, path any) *gomock.Call
- func (mr *MockClientMockRecorder) EnsureRole(reporter, name, policy, permissionsBoundary, version, tagList, path, ... any) *gomock.Call
- func (mr *MockClientMockRecorder) FetchPublicSubnetMap(subnets any) *gomock.Call
- func (mr *MockClientMockRecorder) FilterVPCsPrivateSubnets(subnets any) *gomock.Call
- func (mr *MockClientMockRecorder) FindPolicyARN(operator, version any) *gomock.Call
- func (mr *MockClientMockRecorder) FindRoleARNs(roleType, version any) *gomock.Call
- func (mr *MockClientMockRecorder) FindRoleARNsClassic(roleType, version any) *gomock.Call
- func (mr *MockClientMockRecorder) FindRoleARNsHostedCp(roleType, version any) *gomock.Call
- func (mr *MockClientMockRecorder) ForceEnsurePolicy(policyArn, document, version, tagList, path any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAWSAccessKeys() *gomock.Call
- func (mr *MockClientMockRecorder) GetAccountRoleARN(prefix, roleType any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAccountRoleByArn(roleArn any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAccountRoleDefaultPolicy(roleName, prefix any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAccountRoleForCurrentEnv(env, roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAccountRoleForCurrentEnvWithPrefix(env, rolePrefix, accountRolesMap any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAccountRolePolicies(roles, prefix any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAccountRoleVersion(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAccountRolesForCurrentEnv(env, accountID any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAttachedPolicy(role any) *gomock.Call
- func (mr *MockClientMockRecorder) GetAvailabilityZoneType(availabilityZoneName any) *gomock.Call
- func (mr *MockClientMockRecorder) GetClusterRegionTagForUser(username any) *gomock.Call
- func (mr *MockClientMockRecorder) GetCreator() *gomock.Call
- func (mr *MockClientMockRecorder) GetDefaultPolicyDocument(policyArn any) *gomock.Call
- func (mr *MockClientMockRecorder) GetIAMCredentials() *gomock.Call
- func (mr *MockClientMockRecorder) GetIAMServiceQuota(quotaCode any) *gomock.Call
- func (mr *MockClientMockRecorder) GetInstanceProfilesForRole(role any) *gomock.Call
- func (mr *MockClientMockRecorder) GetLocalAWSAccessKeys() *gomock.Call
- func (mr *MockClientMockRecorder) GetOpenIDConnectProviderByClusterIdTag(clusterID any) *gomock.Call
- func (mr *MockClientMockRecorder) GetOpenIDConnectProviderByOidcEndpointUrl(oidcEndpointUrl any) *gomock.Call
- func (mr *MockClientMockRecorder) GetOperatorRoleDefaultPolicy(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) GetOperatorRolePolicies(roles any) *gomock.Call
- func (mr *MockClientMockRecorder) GetOperatorRolesFromAccountByClusterID(clusterID, credRequests any) *gomock.Call
- func (mr *MockClientMockRecorder) GetOperatorRolesFromAccountByPrefix(prefix, credRequest any) *gomock.Call
- func (mr *MockClientMockRecorder) GetPolicyDetailsFromRole(role any) *gomock.Call
- func (mr *MockClientMockRecorder) GetRegion() *gomock.Call
- func (mr *MockClientMockRecorder) GetRoleARNPath(prefix any) *gomock.Call
- func (mr *MockClientMockRecorder) GetRoleByARN(roleARN any) *gomock.Call
- func (mr *MockClientMockRecorder) GetRoleByName(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) GetSecurityGroupIds(vpcId any) *gomock.Call
- func (mr *MockClientMockRecorder) GetSubnetAvailabilityZone(subnetID any) *gomock.Call
- func (mr *MockClientMockRecorder) GetVPCPrivateSubnets(subnetID any) *gomock.Call
- func (mr *MockClientMockRecorder) GetVPCSubnets(subnetID any) *gomock.Call
- func (mr *MockClientMockRecorder) HasHostedCPPolicies(roleARN any) *gomock.Call
- func (mr *MockClientMockRecorder) HasManagedPolicies(roleARN any) *gomock.Call
- func (mr *MockClientMockRecorder) HasOpenIDConnectProvider(issuerURL, partition, accountID any) *gomock.Call
- func (mr *MockClientMockRecorder) HasPermissionsBoundary(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) IsAdminRole(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) IsLocalAvailabilityZone(availabilityZoneName any) *gomock.Call
- func (mr *MockClientMockRecorder) IsPolicyCompatible(policyArn, version any) *gomock.Call
- func (mr *MockClientMockRecorder) IsPolicyExists(policyARN any) *gomock.Call
- func (mr *MockClientMockRecorder) IsRolePolicyExists(roleName, policyName any) *gomock.Call
- func (mr *MockClientMockRecorder) IsUpgradedNeededForAccountRolePolicies(rolePrefix, version any) *gomock.Call
- func (mr *MockClientMockRecorder) IsUpgradedNeededForAccountRolePoliciesUsingCluster(clusterID, version any) *gomock.Call
- func (mr *MockClientMockRecorder) IsUpgradedNeededForOperatorRolePoliciesUsingCluster(...) *gomock.Call
- func (mr *MockClientMockRecorder) IsUpgradedNeededForOperatorRolePoliciesUsingPrefix(rolePrefix, partition, accountID, version, credRequests, path any) *gomock.Call
- func (mr *MockClientMockRecorder) IsUserRole(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) ListAccountRoles(version any) *gomock.Call
- func (mr *MockClientMockRecorder) ListAttachedRolePolicies(roleName any) *gomock.Call
- func (mr *MockClientMockRecorder) ListOCMRoles() *gomock.Call
- func (mr *MockClientMockRecorder) ListOidcProviders(targetClusterId, config any) *gomock.Call
- func (mr *MockClientMockRecorder) ListOperatorRoles(version, clusterID, prefix any) *gomock.Call
- func (mr *MockClientMockRecorder) ListPolicyVersions(policyArn any) *gomock.Call
- func (mr *MockClientMockRecorder) ListSubnets(subnetIds ...any) *gomock.Call
- func (mr *MockClientMockRecorder) ListUserRoles() *gomock.Call
- func (mr *MockClientMockRecorder) PutPublicReadObjectInS3Bucket(bucketName, body, key any) *gomock.Call
- func (mr *MockClientMockRecorder) PutRolePolicy(roleName, policyName, policy any) *gomock.Call
- func (mr *MockClientMockRecorder) TagUserRegion(username, region any) *gomock.Call
- func (mr *MockClientMockRecorder) UpdateTag(roleName, defaultPolicyVersion any) *gomock.Call
- func (mr *MockClientMockRecorder) ValidateAccountRoleVersionCompatibility(roleName, roleType, minVersion any) *gomock.Call
- func (mr *MockClientMockRecorder) ValidateAccountRolesManagedPolicies(prefix, policies any) *gomock.Call
- func (mr *MockClientMockRecorder) ValidateCredentials() *gomock.Call
- func (mr *MockClientMockRecorder) ValidateHCPAccountRolesManagedPolicies(prefix, policies any) *gomock.Call
- func (mr *MockClientMockRecorder) ValidateOperatorRolesManagedPolicies(cluster, operatorRoles, policies, hostedCPPolicies any) *gomock.Call
- func (mr *MockClientMockRecorder) ValidateQuota() *gomock.Call
- func (mr *MockClientMockRecorder) ValidateRoleARNAccountIDMatchCallerAccountID(roleARN any) *gomock.Call
- func (mr *MockClientMockRecorder) ValidateRoleNameAvailable(name any) *gomock.Call
- func (mr *MockClientMockRecorder) ValidateSCP(arg0, arg1 any) *gomock.Call
- type OidcProviderOutput
- type Operator
- type OperatorRoleDetail
- type Policy
- type PolicyDetail
- type PolicyDocument
- type PolicyStatement
- type PolicyStatementPrincipal
- type PolicyVersion
- type Role
- type SimulateParams
- type Subnet
Constants ¶
const ( AdminUserName = "osdCcsAdmin" OsdCcsAdminStackName = "osdCcsAdminIAMUser" AssumeRolePolicyPrefix = "%s-assume-role" // Since CloudFormation stacks are region-dependent, we hard-code OCM's default region and // then use it to ensure that the user always gets the stack from the same region. DefaultRegion = "us-east-1" Inline = "inline" Attached = "attached" LocalZone = "local-zone" WavelengthZone = "wavelength-zone" IAMServiceRegion = "us-east-1" )
Name of the AWS user that will be used to create all the resources of the cluster:
const ( OIDCClientIDOpenShift = "openshift" OIDCClientIDSTSAWS = "sts.amazonaws.com" )
const ( InstallerAccountRole = "installer" InstallerAccountRoleType = "Installer" ControlPlaneAccountRole = "instance_controlplane" ControlPlaneAccountRoleType = "Control plane" WorkerAccountRole = "instance_worker" WorkerAccountRoleType = "Worker" SupportAccountRole = "support" SupportAccountRoleType = "Support" HCPInstallerRole = "installer" HCPWorkerRole = "instance_worker" HCPSupportRole = "support" OCMRole = "OCM" OCMUserRole = "User" // AWS preferred suffix for ROSA related account roles - HCP only HCPSuffixPattern = "HCP-ROSA" IngressOperatorCloudCredentialsRoleType = "ingress_operator_cloud_credentials" ControlPlaneCloudCredentialsRoleType = "control_plane_operator_credentials" "\"Action\": \"sts:AssumeRole\",\n \"Resource\": [\n \"%{shared_vpc_role_arn}\"\n ]\n }\n}\n" TrueString = "true" )
const ( InstallerCoreKey = "sts_installer_core_permission_policy" InstallerVPCKey = "sts_installer_vpc_permission_policy" InstallerPrivateLinkKey = "sts_installer_privatelink_permission_policy" WorkerEC2RegistryKey = "sts_hcp_ec2_registry_permission_policy" )
const IAMServiceCode = "iam"
const ReadOnlyAnonUserPolicyTemplate = `` /* 220-byte string literal not displayed */
const (
SecretsManager = "secretsmanager"
)
Variables ¶
// ARNPath matches a path string that starts with "/" and ends with "/", with
// only ASCII letters, digits and "/" in between.
// NOTE(review): the leading and trailing slash are separate characters in the
// pattern, so a lone "/" does not match; the shortest accepted value is "//".
// Empty segments (consecutive slashes) are accepted and no maximum length is
// enforced here, so callers that need either constraint must check it themselves.
var ARNPath = regexp.MustCompile(`^\/[a-zA-Z0-9\/]*\/$`)
var AccountRoles = map[string]AccountRole{ InstallerAccountRole: {Name: "Installer", Flag: "role-arn"}, ControlPlaneAccountRole: {Name: "ControlPlane", Flag: "controlplane-iam-role"}, WorkerAccountRole: {Name: "Worker", Flag: "worker-iam-role"}, SupportAccountRole: {Name: "Support", Flag: "support-role-arn"}, }
var (
DefaultPrefix = "ManagedOpenShift"
)
var HCPAccountRoles = map[string]AccountRole{ HCPInstallerRole: {Name: fmt.Sprintf("%s-Installer", HCPSuffixPattern), Flag: "role-arn"}, HCPSupportRole: {Name: fmt.Sprintf("%s-Support", HCPSuffixPattern), Flag: "support-role-arn"}, HCPWorkerRole: {Name: fmt.Sprintf("%s-Worker", HCPSuffixPattern), Flag: "worker-iam-role"}, }
var JumpAccounts = map[string]string{
"production": "710019948333",
"staging": "644306948063",
"integration": "896164604406",
"local": "765374464689",
"local-proxy": "765374464689",
"crc": "765374464689",
}
JumpAccounts are the AWS accounts used for the installer jump role in the various OCM environments.
var OCMAdminRolePolicyFile = "ocm_admin"
var OCMRolePolicyFile = "ocm"
var OCMUserRolePolicyFile = "ocm_user"
// PolicyArnRE matches an IAM policy ARN: a partition that begins with "aws"
// (optionally followed by word characters or hyphens), the "iam" service, an
// empty region field, an account field that is either 12 digits or the literal
// "aws", and "policy" followed by one or more slash-separated segments.
// NOTE(review): the partition is not checked against a fixed list, "\/+" accepts
// runs of consecutive slashes between segments, and no length limit is applied.
// A match shows the string is well formed; it says nothing about which account
// owns the policy.
var PolicyArnRE = regexp.MustCompile(
`^arn:aws[\w-]*:iam::(\d{12}|aws):policy(?:\/+[\w+=,.@-]+)+$`,
)
// RoleArnRE matches an IAM role ARN: a partition that begins with "aws"
// (optionally followed by word characters or hyphens), the "iam" service, an
// empty region field, a 12-digit account ID, and "role" followed by one or more
// slash-separated segments.
// NOTE(review): the partition is not checked against a fixed list, "\/+" accepts
// runs of consecutive slashes between segments, and no length limit is applied.
// A match shows the string is well formed; it does not show that the role
// belongs to the caller's account.
var RoleArnRE = regexp.MustCompile(
`^arn:aws[\w-]*:iam::\d{12}:role(?:\/+[\w+=,.@-]+)+$`,
)
AWS accepted arn format: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html
// RoleNameRE matches a non-empty string made up only of word characters and
// the characters "+", "=", ",", ".", "@" and "-".
// NOTE(review): the pattern checks the character set only; it sets no maximum
// length, so any role-name length limit has to be enforced separately.
var RoleNameRE = regexp.MustCompile(`^[\w+=,.@-]+$`)
AWS accepted role name: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html
// UserNoProxyRE validates a single no-proxy entry. Its alternatives accept a
// dotted-quad IPv4 address with each octet in 0-255, an IPv4 address followed
// by a /0-/32 prefix length, a lowercase domain name, or the two-character
// string `""`.
// NOTE(review): in the domain alternative the leading ".?" is an unescaped dot,
// so it matches any single character (other than a newline) in front of each
// label, not only a literal "."; if an optional leading dot was intended, "\.?"
// expresses that - confirm against the intended input format.
var UserNoProxyRE = regexp.MustCompile(
`^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$|^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$|^(.?[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$|^""$`,
)
The following regex defines five different patterns: the first validates an IPv4 address, the second validates an IPv4 CIDR range, the third validates domains, and the fifth allows the existing no-proxy value to be removed by typing an empty string (""). Note that the expression as written contains four alternatives, the last of which is the empty-string pattern. nolint
// UserTagKeyRE matches a tag key of 1 to 128 characters drawn from Unicode
// letters (\pL), separators (\pZ), numbers (\pN) and the characters
// "_", ".", ":", "/", "=", "+", "-" and "@".
// NOTE(review): \pZ covers every Unicode separator category, not only the ASCII
// space, so line and paragraph separators also pass this check.
var UserTagKeyRE = regexp.MustCompile(`^[\pL\pZ\pN_.:/=+\-@]{1,128}$`)
UserTagKeyRE , UserTagValueRE - https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html#tag-conventions
// UserTagValueRE matches a tag value of 0 to 256 characters drawn from Unicode
// letters (\pL), separators (\pZ), numbers (\pN) and the characters
// "_", ".", ":", "/", "=", "+", "-" and "@". The empty string is accepted.
// NOTE(review): \pZ covers every Unicode separator category, not only the ASCII
// space, so line and paragraph separators also pass this check.
var UserTagValueRE = regexp.MustCompile(`^[\pL\pZ\pN_.:/=+\-@]{0,256}$`)
Functions ¶
func ARNPathValidator ¶ added in v1.2.7
func ARNPathValidator(input interface{}) error
func ARNValidator ¶ added in v1.1.1
func ARNValidator(input interface{}) error
func BuildOperatorRoleCommands ¶ added in v1.1.12
func BuildOperatorRolePolicies ¶ added in v1.2.0
func ComputeOperatorRoleArn ¶ added in v1.2.16
func Ec2ResourceHasTag ¶ added in v1.2.37
func FindOperatorRoleBySTSOperator ¶ added in v1.2.9
func FindOperatorRoleBySTSOperator(operatorRoles []*cmv1.OperatorIAMRole, operator *cmv1.STSOperator) string
func FindOperatorRoleNameBySTSOperator ¶ added in v1.2.12
func GenerateAccountRolePolicyFiles ¶ added in v1.2.32
func GenerateAddonPolicyDoc ¶ added in v1.2.4
func GenerateOperatorRolePolicyDoc ¶ added in v1.2.4
func GenerateOperatorRolePolicyDocByOidcEndpointUrl ¶ added in v1.2.16
func GenerateOperatorRolePolicyFiles ¶ added in v1.2.32
func GenerateRolePolicyDoc ¶ added in v1.1.12
func GetAccountRoleName ¶ added in v1.1.6
func GetAccountRolePolicyKeys ¶ added in v1.2.15
GetAccountRolePolicyKeys returns the policy key for fetching the managed policy ARN
func GetAccountRolesArnsMap ¶ added in v1.2.9
func GetAdminPolicyARN ¶ added in v1.2.9
func GetAdminPolicyName ¶ added in v1.2.9
func GetFormattedFileName ¶ added in v1.2.0
func GetHcpAccountRolePolicyKeys ¶ added in v1.2.48
GetHcpAccountRolePolicyKeys returns the policy key for fetching the managed policy ARN
func GetInstallerAccountRoleName ¶ added in v1.2.9
func GetJumpAccount ¶ added in v1.2.5
func GetManagedPolicyARN ¶ added in v1.2.11
func GetOCMRoleName ¶ added in v1.1.7
func GetOIDCProviderARN ¶ added in v1.2.5
func GetOperatorPolicyARN ¶ added in v1.1.6
func GetOperatorPolicyKey ¶ added in v1.2.16
func GetOperatorPolicyName ¶ added in v1.2.9
func GetOperatorRolePolicyPrefixFromCluster ¶ added in v1.2.9
func GetPathFromARN ¶ added in v1.2.7
func GetPathFromAccountRole ¶ added in v1.2.9
func GetPolicyArn ¶ added in v1.2.49
func GetPolicyArnWithSuffix ¶ added in v1.2.49
func GetPolicyDetails ¶ added in v1.2.11
func GetPolicyDetails(policies map[string]*cmv1.AWSSTSPolicy, key string) string
GetPolicyDetails retrieves from the map the policy details for unmanaged and managed policies.
func GetPolicyName ¶ added in v1.1.6
func GetPrefixFromAccountRole ¶ added in v1.1.6
func GetPrefixFromInstallerAccountRole ¶ added in v1.2.9
func GetPrefixFromOperatorRole ¶ added in v1.2.3
func GetRegion ¶
GetRegion will return a region selected by the user or given as a default to the AWS client. If the region given is empty, it will first attempt to use the default, and, failing that, will prompt for user input.
func GetResourceIdFromARN ¶ added in v1.2.7
GetResourceIdFromARN takes a full AWS ARN, parses it and extracts the last part of the resource field, e.g. arn:partition:service:region:account-id:resource-type/<some-path>/resource-id. It assumes that there is always a resource-type. If resource-id is empty, an error is returned.
func GetResourceIdFromOidcProviderARN ¶ added in v1.2.23
func GetResourceIdFromSecretArn ¶ added in v1.2.14
func GetRoleARN ¶ added in v1.1.6
func GetServiceQuota ¶
func GetServiceQuota(serviceQuotas []servicequotastypes.ServiceQuota, quotaCode string) (servicequotastypes.ServiceQuota, error)
GetServiceQuota extracts a service quota from the list of service quotas.
func GetTagValues ¶ added in v1.1.3
func GetTagsDelimiter ¶ added in v1.2.24
func GetUserRoleName ¶ added in v1.1.6
func HasDuplicates ¶ added in v1.2.3
func InterpolatePolicyDocument ¶ added in v1.2.3
func IsHostedCP ¶ added in v1.2.23
func IsHostedCPManagedPolicies ¶ added in v1.2.16
func IsStandardNamedAccountRole ¶ added in v1.2.16
func ListServiceQuotas ¶
func ListServiceQuotas(client *awsClient, serviceCode string) ([]servicequotastypes.ServiceQuota, error)
ListServiceQuotas lists the available quotas for a service.
func MockOidcConfig ¶ added in v1.2.36
func MockOidcConfig(id string, issuerUrl string) (*cmv1.OidcConfig, error)
func ParseOption ¶ added in v1.2.28
ParseOption expects the actual option as the first token, followed by a space.
func SecretManagerArnValidator ¶ added in v1.2.26
func SecretManagerArnValidator(input interface{}) error
func SetSecurityGroupOption ¶ added in v1.2.28
func SetSecurityGroupOption(securityGroup ec2types.SecurityGroup) string
SetSecurityGroupOption creates a security group option using a predefined template.
func SetSubnetOption ¶ added in v1.2.4
SetSubnetOption creates a subnet option using a predefined template.
func SortRolesByLinkedRole ¶ added in v1.1.12
func SortRolesByLinkedRole(roles []Role)
func TrimRoleSuffix ¶ added in v1.2.3
Role names can be truncated if they are over 64 chars, so we need to make sure we aren't missing a truncated suffix
func UpgradeOperatorPolicies ¶ added in v1.1.12
func UpgradeOperatorRolePolicies ¶ added in v1.2.9
func UserNoProxyDuplicateValidator ¶ added in v1.2.3
func UserNoProxyDuplicateValidator(input interface{}) error
func UserNoProxyValidator ¶ added in v1.2.3
func UserNoProxyValidator(input interface{}) error
func UserTagDuplicateValidator ¶ added in v1.1.2
func UserTagDuplicateValidator(input interface{}) error
func UserTagValidator ¶ added in v1.1.2
func UserTagValidator(input interface{}) error
Types ¶
type AccessKeyGetter ¶ added in v1.2.36
type AccountRole ¶ added in v1.1.0
type Client ¶
type Client interface { CheckAdminUserNotExisting(userName string) (err error) CheckAdminUserExists(userName string) (err error) CheckStackReadyOrNotExisting(stackName string) (stackReady bool, stackStatus *string, err error) CheckRoleExists(roleName string) (bool, string, error) ValidateRoleARNAccountIDMatchCallerAccountID(roleARN string) error GetIAMCredentials() (aws.Credentials, error) GetRegion() string ValidateCredentials() (isValid bool, err error) EnsureOsdCcsAdminUser(stackName string, adminUserName string, awsRegion string) (bool, error) DeleteOsdCcsAdminUser(stackName string) error AccessKeyGetter GetCreator() (*Creator, error) ValidateSCP(*string, map[string]*cmv1.AWSSTSPolicy) (bool, error) ListSubnets(subnetIds ...string) ([]ec2types.Subnet, error) GetSubnetAvailabilityZone(subnetID string) (string, error) GetAvailabilityZoneType(availabilityZoneName string) (string, error) GetVPCSubnets(subnetID string) ([]ec2types.Subnet, error) GetVPCPrivateSubnets(subnetID string) ([]ec2types.Subnet, error) FilterVPCsPrivateSubnets(subnets []ec2types.Subnet) ([]ec2types.Subnet, error) ValidateQuota() (bool, error) TagUserRegion(username string, region string) error GetClusterRegionTagForUser(username string) (string, error) EnsureRole(reporter *reporter.Object, name string, policy string, permissionsBoundary string, version string, tagList map[string]string, path string, managedPolicies bool) (string, error) ValidateRoleNameAvailable(name string) (err error) PutRolePolicy(roleName string, policyName string, policy string) error ForceEnsurePolicy(policyArn string, document string, version string, tagList map[string]string, path string) (string, error) EnsurePolicy(policyArn string, document string, version string, tagList map[string]string, path string) (string, error) AttachRolePolicy(reporter *reporter.Object, roleName string, policyARN string) error CreateOpenIDConnectProvider(issuerURL string, thumbprint string, clusterID string) (string, error) 
DeleteOpenIDConnectProvider(providerURL string) error HasOpenIDConnectProvider(issuerURL string, partition string, accountID string) (bool, error) FindRoleARNs(roleType string, version string) ([]string, error) FindRoleARNsClassic(roleType string, version string) ([]string, error) FindRoleARNsHostedCp(roleType string, version string) ([]string, error) FindPolicyARN(operator Operator, version string) (string, error) ListUserRoles() ([]Role, error) ListOCMRoles() ([]Role, error) ListAccountRoles(version string) ([]Role, error) ListOperatorRoles(version string, clusterID string, prefix string) (map[string][]OperatorRoleDetail, error) ListAttachedRolePolicies(roleName string) ([]string, error) ListOidcProviders(targetClusterId string, config *cmv1.OidcConfig) ([]OidcProviderOutput, error) GetRoleByARN(roleARN string) (iamtypes.Role, error) GetRoleByName(roleName string) (iamtypes.Role, error) DeleteOperatorRole(roles string, managedPolicies bool, deleteHcpSharedVpcPolicies bool) (map[string]bool, error) GetOperatorRolesFromAccountByClusterID( clusterID string, credRequests map[string]*cmv1.STSOperator, ) ([]string, error) GetOperatorRolesFromAccountByPrefix(prefix string, credRequest map[string]*cmv1.STSOperator) ([]string, error) GetOperatorRolePolicies(roles []string) (map[string][]string, map[string][]string, error) GetAccountRolesForCurrentEnv(env string, accountID string) ([]Role, error) GetAccountRoleForCurrentEnv(env string, roleName string) (Role, error) GetAccountRoleForCurrentEnvWithPrefix(env string, rolePrefix string, accountRolesMap map[string]AccountRole) ([]Role, error) DeleteAccountRole(roleName string, prefix string, managedPolicies bool, deleteHcpSharedVpcPolicies bool) error DeleteOCMRole(roleARN string, managedPolicies bool) error DeleteUserRole(roleName string) error GetAccountRolePolicies(roles []string, prefix string) (map[string][]PolicyDetail, map[string][]PolicyDetail, error) GetAttachedPolicy(role *string) ([]PolicyDetail, error) 
GetPolicyDetailsFromRole(role *string) ([]*iam.GetPolicyOutput, error) HasPermissionsBoundary(roleName string) (bool, error) GetOpenIDConnectProviderByClusterIdTag(clusterID string) (string, error) GetOpenIDConnectProviderByOidcEndpointUrl(oidcEndpointUrl string) (string, error) GetInstanceProfilesForRole(role string) ([]string, error) IsUpgradedNeededForAccountRolePolicies(rolePrefix string, version string) (bool, error) IsUpgradedNeededForAccountRolePoliciesUsingCluster(clusterID *cmv1.Cluster, version string) (bool, error) IsUpgradedNeededForOperatorRolePoliciesUsingCluster( cluster *cmv1.Cluster, partition string, accountID string, version string, credRequests map[string]*cmv1.STSOperator, operatorRolePolicyPrefix string, ) (bool, error) IsUpgradedNeededForOperatorRolePoliciesUsingPrefix( rolePrefix string, partition string, accountID string, version string, credRequests map[string]*cmv1.STSOperator, path string, ) (bool, error) UpdateTag(roleName string, defaultPolicyVersion string) error AddRoleTag(roleName string, key string, value string) error IsPolicyCompatible(policyArn string, version string) (bool, error) GetAccountRoleVersion(roleName string) (string, error) IsPolicyExists(policyARN string) (*iam.GetPolicyOutput, error) IsRolePolicyExists(roleName string, policyName string) (*iam.GetRolePolicyOutput, error) IsAdminRole(roleName string) (bool, error) DeleteInlineRolePolicies(roleName string) error IsUserRole(roleName *string) (bool, error) GetRoleARNPath(prefix string) (string, error) DescribeAvailabilityZones() ([]string, error) IsLocalAvailabilityZone(availabilityZoneName string) (bool, error) DetachRolePolicies(roleName string) error DetachRolePolicy(policyArn string, roleName string) error HasManagedPolicies(roleARN string) (bool, error) HasHostedCPPolicies(roleARN string) (bool, error) GetAccountRoleARN(prefix string, roleType string) (string, error) ValidateAccountRolesManagedPolicies(prefix string, policies map[string]*cmv1.AWSSTSPolicy) error 
ValidateHCPAccountRolesManagedPolicies(prefix string, policies map[string]*cmv1.AWSSTSPolicy) error ValidateOperatorRolesManagedPolicies(cluster *cmv1.Cluster, operatorRoles map[string]*cmv1.STSOperator, policies map[string]*cmv1.AWSSTSPolicy, hostedCPPolicies bool) error CreateS3Bucket(bucketName string, region string) error DeleteS3Bucket(bucketName string) error PutPublicReadObjectInS3Bucket(bucketName string, body io.ReadSeeker, key string) error CreateSecretInSecretsManager(name string, secret string) (string, error) DeleteSecretInSecretsManager(secretArn string) error ValidateAccountRoleVersionCompatibility(roleName string, roleType string, minVersion string) (bool, error) GetDefaultPolicyDocument(policyArn string) (string, error) GetAccountRoleByArn(roleArn string) (Role, error) GetSecurityGroupIds(vpcId string) ([]ec2types.SecurityGroup, error) FetchPublicSubnetMap(subnets []ec2types.Subnet) (map[string]bool, error) GetIAMServiceQuota(quotaCode string) (*servicequotas.GetServiceQuotaOutput, error) GetAccountRoleDefaultPolicy(roleName string, prefix string) (string, error) GetOperatorRoleDefaultPolicy(roleName string) (string, error) ListPolicyVersions(policyArn string) ([]PolicyVersion, error) }
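Client defines the AWS client interface. It embeds AccessKeyGetter and declares GetIAMCredentials, both of which return credential material that callers should keep out of logs and error messages.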
func CreateNewClientOrExit ¶ added in v1.1.10
func GetAWSClientForUserRegion ¶ added in v1.0.8
func GetAWSClientForUserRegion(reporter *rprtr.Object, logger *logrus.Logger, supportedRegions []string, useLocalCreds bool) Client
Currently the user can run rosa init using the region from their config or using --region. When checking for CloudFormation, we need to check in the region used by the user.
func New ¶
func New( cfg aws.Config, logger *logrus.Logger, iamClient client.IamApiClient, ec2Client client.Ec2ApiClient, orgClient client.OrganizationsApiClient, s3Client client.S3ApiClient, smClient client.SecretsManagerApiClient, stsClient client.StsApiClient, cfClient client.CloudFormationApiClient, serviceQuotasClient client.ServiceQuotasApiClient, iamQuotaClient client.ServiceQuotasApiClient, awsAccessKeys *AccessKey, useLocalCredentials bool, ) Client
type ClientBuilder ¶
type ClientBuilder struct {
// contains filtered or unexported fields
}
ClientBuilder contains the information and logic needed to build a new AWS client.
func NewClient ¶
func NewClient() *ClientBuilder
NewClient creates a builder that can then be used to configure and build a new AWS client.
func (*ClientBuilder) AccessKeys ¶
func (b *ClientBuilder) AccessKeys(value *AccessKey) *ClientBuilder
func (*ClientBuilder) Build ¶
func (b *ClientBuilder) Build() (Client, error)
Build uses the information stored in the builder to build a new AWS client.
func (*ClientBuilder) BuildSession ¶ added in v1.2.37
func (b *ClientBuilder) BuildSession() (aws.Config, error)
func (*ClientBuilder) BuildSessionWithOptions ¶
func (b *ClientBuilder) BuildSessionWithOptions(logLevel aws.ClientLogMode) (aws.Config, error)
func (*ClientBuilder) BuildSessionWithOptionsCredentials ¶
func (b *ClientBuilder) BuildSessionWithOptionsCredentials(value *AccessKey, logLevel aws.ClientLogMode) (aws.Config, error)
BuildSessionWithOptionsCredentials creates an AWS session with a specific set of credentials.
func (*ClientBuilder) Logger ¶
func (b *ClientBuilder) Logger(value *logrus.Logger) *ClientBuilder
Logger sets the logger that the AWS client will use to send messages to the log.
func (*ClientBuilder) Region ¶
func (b *ClientBuilder) Region(value string) *ClientBuilder
func (*ClientBuilder) UseLocalCredentials ¶ added in v1.2.25
func (b *ClientBuilder) UseLocalCredentials(value bool) *ClientBuilder
type Creator ¶
func CreatorForCallerIdentity ¶ added in v1.2.36
func CreatorForCallerIdentity(identity *sts.GetCallerIdentityOutput) (*Creator, error)
CreatorForCallerIdentity adapts an STS CallerIdentity to the ROSA *Creator
type MockAccessKeyGetter ¶ added in v1.2.36
type MockAccessKeyGetter struct {
// contains filtered or unexported fields
}
MockAccessKeyGetter is a mock of AccessKeyGetter interface.
func NewMockAccessKeyGetter ¶ added in v1.2.36
func NewMockAccessKeyGetter(ctrl *gomock.Controller) *MockAccessKeyGetter
NewMockAccessKeyGetter creates a new mock instance.
func (*MockAccessKeyGetter) EXPECT ¶ added in v1.2.36
func (m *MockAccessKeyGetter) EXPECT() *MockAccessKeyGetterMockRecorder
EXPECT returns an object that allows the caller to indicate expected use.
func (*MockAccessKeyGetter) GetAWSAccessKeys ¶ added in v1.2.36
func (m *MockAccessKeyGetter) GetAWSAccessKeys() (*AccessKey, error)
GetAWSAccessKeys mocks base method.
func (*MockAccessKeyGetter) GetLocalAWSAccessKeys ¶ added in v1.2.36
func (m *MockAccessKeyGetter) GetLocalAWSAccessKeys() (*AccessKey, error)
GetLocalAWSAccessKeys mocks base method.
type MockAccessKeyGetterMockRecorder ¶ added in v1.2.36
type MockAccessKeyGetterMockRecorder struct {
// contains filtered or unexported fields
}
MockAccessKeyGetterMockRecorder is the mock recorder for MockAccessKeyGetter.
func (*MockAccessKeyGetterMockRecorder) GetAWSAccessKeys ¶ added in v1.2.36
func (mr *MockAccessKeyGetterMockRecorder) GetAWSAccessKeys() *gomock.Call
GetAWSAccessKeys indicates an expected call of GetAWSAccessKeys.
func (*MockAccessKeyGetterMockRecorder) GetLocalAWSAccessKeys ¶ added in v1.2.36
func (mr *MockAccessKeyGetterMockRecorder) GetLocalAWSAccessKeys() *gomock.Call
GetLocalAWSAccessKeys indicates an expected call of GetLocalAWSAccessKeys.
type MockClient ¶ added in v1.2.36
type MockClient struct {
// contains filtered or unexported fields
}
MockClient is a mock of Client interface.
func NewMockClient ¶ added in v1.2.36
func NewMockClient(ctrl *gomock.Controller) *MockClient
NewMockClient creates a new mock instance.
func (*MockClient) AddRoleTag ¶ added in v1.2.36
func (m *MockClient) AddRoleTag(roleName, key, value string) error
AddRoleTag mocks base method.
func (*MockClient) AttachRolePolicy ¶ added in v1.2.36
func (m *MockClient) AttachRolePolicy(reporter *reporter.Object, roleName, policyARN string) error
AttachRolePolicy mocks base method.
func (*MockClient) CheckAdminUserExists ¶ added in v1.2.36
func (m *MockClient) CheckAdminUserExists(userName string) error
CheckAdminUserExists mocks base method.
func (*MockClient) CheckAdminUserNotExisting ¶ added in v1.2.36
func (m *MockClient) CheckAdminUserNotExisting(userName string) error
CheckAdminUserNotExisting mocks base method.
func (*MockClient) CheckRoleExists ¶ added in v1.2.36
func (m *MockClient) CheckRoleExists(roleName string) (bool, string, error)
CheckRoleExists mocks base method.
func (*MockClient) CheckStackReadyOrNotExisting ¶ added in v1.2.36
func (m *MockClient) CheckStackReadyOrNotExisting(stackName string) (bool, *string, error)
CheckStackReadyOrNotExisting mocks base method.
func (*MockClient) CreateOpenIDConnectProvider ¶ added in v1.2.36
func (m *MockClient) CreateOpenIDConnectProvider(issuerURL, thumbprint, clusterID string) (string, error)
CreateOpenIDConnectProvider mocks base method.
func (*MockClient) CreateS3Bucket ¶ added in v1.2.36
func (m *MockClient) CreateS3Bucket(bucketName, region string) error
CreateS3Bucket mocks base method.
func (*MockClient) CreateSecretInSecretsManager ¶ added in v1.2.36
func (m *MockClient) CreateSecretInSecretsManager(name, secret string) (string, error)
CreateSecretInSecretsManager mocks base method.
func (*MockClient) DeleteAccountRole ¶ added in v1.2.36
func (m *MockClient) DeleteAccountRole(roleName, prefix string, managedPolicies, deleteHcpSharedVpcPolicies bool) error
DeleteAccountRole mocks base method.
func (*MockClient) DeleteInlineRolePolicies ¶ added in v1.2.36
func (m *MockClient) DeleteInlineRolePolicies(roleName string) error
DeleteInlineRolePolicies mocks base method.
func (*MockClient) DeleteOCMRole ¶ added in v1.2.36
func (m *MockClient) DeleteOCMRole(roleARN string, managedPolicies bool) error
DeleteOCMRole mocks base method.
func (*MockClient) DeleteOpenIDConnectProvider ¶ added in v1.2.36
func (m *MockClient) DeleteOpenIDConnectProvider(providerURL string) error
DeleteOpenIDConnectProvider mocks base method.
func (*MockClient) DeleteOperatorRole ¶ added in v1.2.36
func (m *MockClient) DeleteOperatorRole(roles string, managedPolicies, deleteHcpSharedVpcPolicies bool) (map[string]bool, error)
DeleteOperatorRole mocks base method.
func (*MockClient) DeleteOsdCcsAdminUser ¶ added in v1.2.36
func (m *MockClient) DeleteOsdCcsAdminUser(stackName string) error
DeleteOsdCcsAdminUser mocks base method.
func (*MockClient) DeleteS3Bucket ¶ added in v1.2.36
func (m *MockClient) DeleteS3Bucket(bucketName string) error
DeleteS3Bucket mocks base method.
func (*MockClient) DeleteSecretInSecretsManager ¶ added in v1.2.36
func (m *MockClient) DeleteSecretInSecretsManager(secretArn string) error
DeleteSecretInSecretsManager mocks base method.
func (*MockClient) DeleteUserRole ¶ added in v1.2.36
func (m *MockClient) DeleteUserRole(roleName string) error
DeleteUserRole mocks base method.
func (*MockClient) DescribeAvailabilityZones ¶ added in v1.2.36
func (m *MockClient) DescribeAvailabilityZones() ([]string, error)
DescribeAvailabilityZones mocks base method.
func (*MockClient) DetachRolePolicies ¶ added in v1.2.36
func (m *MockClient) DetachRolePolicies(roleName string) error
DetachRolePolicies mocks base method.
func (*MockClient) DetachRolePolicy ¶ added in v1.2.39
func (m *MockClient) DetachRolePolicy(policyArn, roleName string) error
DetachRolePolicy mocks base method.
func (*MockClient) EXPECT ¶ added in v1.2.36
func (m *MockClient) EXPECT() *MockClientMockRecorder
EXPECT returns an object that allows the caller to indicate expected use.
func (*MockClient) EnsureOsdCcsAdminUser ¶ added in v1.2.36
func (m *MockClient) EnsureOsdCcsAdminUser(stackName, adminUserName, awsRegion string) (bool, error)
EnsureOsdCcsAdminUser mocks base method.
func (*MockClient) EnsurePolicy ¶ added in v1.2.36
func (m *MockClient) EnsurePolicy(policyArn, document, version string, tagList map[string]string, path string) (string, error)
EnsurePolicy mocks base method.
func (*MockClient) EnsureRole ¶ added in v1.2.36
func (m *MockClient) EnsureRole(reporter *reporter.Object, name, policy, permissionsBoundary, version string, tagList map[string]string, path string, managedPolicies bool) (string, error)
EnsureRole mocks base method.
func (*MockClient) FetchPublicSubnetMap ¶ added in v1.2.36
FetchPublicSubnetMap mocks base method.
func (*MockClient) FilterVPCsPrivateSubnets ¶ added in v1.2.36
FilterVPCsPrivateSubnets mocks base method.
func (*MockClient) FindPolicyARN ¶ added in v1.2.36
func (m *MockClient) FindPolicyARN(operator Operator, version string) (string, error)
FindPolicyARN mocks base method.
func (*MockClient) FindRoleARNs ¶ added in v1.2.36
func (m *MockClient) FindRoleARNs(roleType, version string) ([]string, error)
FindRoleARNs mocks base method.
func (*MockClient) FindRoleARNsClassic ¶ added in v1.2.36
func (m *MockClient) FindRoleARNsClassic(roleType, version string) ([]string, error)
FindRoleARNsClassic mocks base method.
func (*MockClient) FindRoleARNsHostedCp ¶ added in v1.2.36
func (m *MockClient) FindRoleARNsHostedCp(roleType, version string) ([]string, error)
FindRoleARNsHostedCp mocks base method.
func (*MockClient) ForceEnsurePolicy ¶ added in v1.2.36
func (m *MockClient) ForceEnsurePolicy(policyArn, document, version string, tagList map[string]string, path string) (string, error)
ForceEnsurePolicy mocks base method.
func (*MockClient) GetAWSAccessKeys ¶ added in v1.2.36
func (m *MockClient) GetAWSAccessKeys() (*AccessKey, error)
GetAWSAccessKeys mocks base method.
func (*MockClient) GetAccountRoleARN ¶ added in v1.2.36
func (m *MockClient) GetAccountRoleARN(prefix, roleType string) (string, error)
GetAccountRoleARN mocks base method.
func (*MockClient) GetAccountRoleByArn ¶ added in v1.2.36
func (m *MockClient) GetAccountRoleByArn(roleArn string) (Role, error)
GetAccountRoleByArn mocks base method.
func (*MockClient) GetAccountRoleDefaultPolicy ¶ added in v1.2.40
func (m *MockClient) GetAccountRoleDefaultPolicy(roleName, prefix string) (string, error)
GetAccountRoleDefaultPolicy mocks base method.
func (*MockClient) GetAccountRoleForCurrentEnv ¶ added in v1.2.36
func (m *MockClient) GetAccountRoleForCurrentEnv(env, roleName string) (Role, error)
GetAccountRoleForCurrentEnv mocks base method.
func (*MockClient) GetAccountRoleForCurrentEnvWithPrefix ¶ added in v1.2.36
func (m *MockClient) GetAccountRoleForCurrentEnvWithPrefix(env, rolePrefix string, accountRolesMap map[string]AccountRole) ([]Role, error)
GetAccountRoleForCurrentEnvWithPrefix mocks base method.
func (*MockClient) GetAccountRolePolicies ¶ added in v1.2.36
func (m *MockClient) GetAccountRolePolicies(roles []string, prefix string) (map[string][]PolicyDetail, map[string][]PolicyDetail, error)
GetAccountRolePolicies mocks base method.
func (*MockClient) GetAccountRoleVersion ¶ added in v1.2.36
func (m *MockClient) GetAccountRoleVersion(roleName string) (string, error)
GetAccountRoleVersion mocks base method.
func (*MockClient) GetAccountRolesForCurrentEnv ¶ added in v1.2.36
func (m *MockClient) GetAccountRolesForCurrentEnv(env, accountID string) ([]Role, error)
GetAccountRolesForCurrentEnv mocks base method.
func (*MockClient) GetAttachedPolicy ¶ added in v1.2.36
func (m *MockClient) GetAttachedPolicy(role *string) ([]PolicyDetail, error)
GetAttachedPolicy mocks base method.
func (*MockClient) GetAvailabilityZoneType ¶ added in v1.2.37
func (m *MockClient) GetAvailabilityZoneType(availabilityZoneName string) (string, error)
GetAvailabilityZoneType mocks base method.
func (*MockClient) GetClusterRegionTagForUser ¶ added in v1.2.36
func (m *MockClient) GetClusterRegionTagForUser(username string) (string, error)
GetClusterRegionTagForUser mocks base method.
func (*MockClient) GetCreator ¶ added in v1.2.36
func (m *MockClient) GetCreator() (*Creator, error)
GetCreator mocks base method.
func (*MockClient) GetDefaultPolicyDocument ¶ added in v1.2.36
func (m *MockClient) GetDefaultPolicyDocument(policyArn string) (string, error)
GetDefaultPolicyDocument mocks base method.
func (*MockClient) GetIAMCredentials ¶ added in v1.2.36
func (m *MockClient) GetIAMCredentials() (aws.Credentials, error)
GetIAMCredentials mocks base method.
func (*MockClient) GetIAMServiceQuota ¶ added in v1.2.39
func (m *MockClient) GetIAMServiceQuota(quotaCode string) (*servicequotas.GetServiceQuotaOutput, error)
GetIAMServiceQuota mocks base method.
func (*MockClient) GetInstanceProfilesForRole ¶ added in v1.2.36
func (m *MockClient) GetInstanceProfilesForRole(role string) ([]string, error)
GetInstanceProfilesForRole mocks base method.
func (*MockClient) GetLocalAWSAccessKeys ¶ added in v1.2.36
func (m *MockClient) GetLocalAWSAccessKeys() (*AccessKey, error)
GetLocalAWSAccessKeys mocks base method.
func (*MockClient) GetOpenIDConnectProviderByClusterIdTag ¶ added in v1.2.36
func (m *MockClient) GetOpenIDConnectProviderByClusterIdTag(clusterID string) (string, error)
GetOpenIDConnectProviderByClusterIdTag mocks base method.
func (*MockClient) GetOpenIDConnectProviderByOidcEndpointUrl ¶ added in v1.2.36
func (m *MockClient) GetOpenIDConnectProviderByOidcEndpointUrl(oidcEndpointUrl string) (string, error)
GetOpenIDConnectProviderByOidcEndpointUrl mocks base method.
func (*MockClient) GetOperatorRoleDefaultPolicy ¶ added in v1.2.40
func (m *MockClient) GetOperatorRoleDefaultPolicy(roleName string) (string, error)
GetOperatorRoleDefaultPolicy mocks base method.
func (*MockClient) GetOperatorRolePolicies ¶ added in v1.2.40
func (m *MockClient) GetOperatorRolePolicies(roles []string) (map[string][]string, map[string][]string, error)
GetOperatorRolePolicies mocks base method.
func (*MockClient) GetOperatorRolesFromAccountByClusterID ¶ added in v1.2.36
func (m *MockClient) GetOperatorRolesFromAccountByClusterID(clusterID string, credRequests map[string]*v1.STSOperator) ([]string, error)
GetOperatorRolesFromAccountByClusterID mocks base method.
func (*MockClient) GetOperatorRolesFromAccountByPrefix ¶ added in v1.2.36
func (m *MockClient) GetOperatorRolesFromAccountByPrefix(prefix string, credRequest map[string]*v1.STSOperator) ([]string, error)
GetOperatorRolesFromAccountByPrefix mocks base method.
func (*MockClient) GetPolicyDetailsFromRole ¶ added in v1.2.49
func (m *MockClient) GetPolicyDetailsFromRole(role *string) ([]*iam.GetPolicyOutput, error)
GetPolicyDetailsFromRole mocks base method.
func (*MockClient) GetRegion ¶ added in v1.2.36
func (m *MockClient) GetRegion() string
GetRegion mocks base method.
func (*MockClient) GetRoleARNPath ¶ added in v1.2.36
func (m *MockClient) GetRoleARNPath(prefix string) (string, error)
GetRoleARNPath mocks base method.
func (*MockClient) GetRoleByARN ¶ added in v1.2.36
func (m *MockClient) GetRoleByARN(roleARN string) (types0.Role, error)
GetRoleByARN mocks base method.
func (*MockClient) GetRoleByName ¶ added in v1.2.39
func (m *MockClient) GetRoleByName(roleName string) (types0.Role, error)
GetRoleByName mocks base method.
func (*MockClient) GetSecurityGroupIds ¶ added in v1.2.36
func (m *MockClient) GetSecurityGroupIds(vpcId string) ([]types.SecurityGroup, error)
GetSecurityGroupIds mocks base method.
func (*MockClient) GetSubnetAvailabilityZone ¶ added in v1.2.36
func (m *MockClient) GetSubnetAvailabilityZone(subnetID string) (string, error)
GetSubnetAvailabilityZone mocks base method.
func (*MockClient) GetVPCPrivateSubnets ¶ added in v1.2.36
func (m *MockClient) GetVPCPrivateSubnets(subnetID string) ([]types.Subnet, error)
GetVPCPrivateSubnets mocks base method.
func (*MockClient) GetVPCSubnets ¶ added in v1.2.36
func (m *MockClient) GetVPCSubnets(subnetID string) ([]types.Subnet, error)
GetVPCSubnets mocks base method.
func (*MockClient) HasHostedCPPolicies ¶ added in v1.2.36
func (m *MockClient) HasHostedCPPolicies(roleARN string) (bool, error)
HasHostedCPPolicies mocks base method.
func (*MockClient) HasManagedPolicies ¶ added in v1.2.36
func (m *MockClient) HasManagedPolicies(roleARN string) (bool, error)
HasManagedPolicies mocks base method.
func (*MockClient) HasOpenIDConnectProvider ¶ added in v1.2.36
func (m *MockClient) HasOpenIDConnectProvider(issuerURL, partition, accountID string) (bool, error)
HasOpenIDConnectProvider mocks base method.
func (*MockClient) HasPermissionsBoundary ¶ added in v1.2.36
func (m *MockClient) HasPermissionsBoundary(roleName string) (bool, error)
HasPermissionsBoundary mocks base method.
func (*MockClient) IsAdminRole ¶ added in v1.2.36
func (m *MockClient) IsAdminRole(roleName string) (bool, error)
IsAdminRole mocks base method.
func (*MockClient) IsLocalAvailabilityZone ¶ added in v1.2.36
func (m *MockClient) IsLocalAvailabilityZone(availabilityZoneName string) (bool, error)
IsLocalAvailabilityZone mocks base method.
func (*MockClient) IsPolicyCompatible ¶ added in v1.2.36
func (m *MockClient) IsPolicyCompatible(policyArn, version string) (bool, error)
IsPolicyCompatible mocks base method.
func (*MockClient) IsPolicyExists ¶ added in v1.2.36
func (m *MockClient) IsPolicyExists(policyARN string) (*iam.GetPolicyOutput, error)
IsPolicyExists mocks base method.
func (*MockClient) IsRolePolicyExists ¶ added in v1.2.36
func (m *MockClient) IsRolePolicyExists(roleName, policyName string) (*iam.GetRolePolicyOutput, error)
IsRolePolicyExists mocks base method.
func (*MockClient) IsUpgradedNeededForAccountRolePolicies ¶ added in v1.2.36
func (m *MockClient) IsUpgradedNeededForAccountRolePolicies(rolePrefix, version string) (bool, error)
IsUpgradedNeededForAccountRolePolicies mocks base method.
func (*MockClient) IsUpgradedNeededForAccountRolePoliciesUsingCluster ¶ added in v1.2.36
func (m *MockClient) IsUpgradedNeededForAccountRolePoliciesUsingCluster(clusterID *v1.Cluster, version string) (bool, error)
IsUpgradedNeededForAccountRolePoliciesUsingCluster mocks base method.
func (*MockClient) IsUpgradedNeededForOperatorRolePoliciesUsingCluster ¶ added in v1.2.36
func (m *MockClient) IsUpgradedNeededForOperatorRolePoliciesUsingCluster(cluster *v1.Cluster, partition, accountID, version string, credRequests map[string]*v1.STSOperator, operatorRolePolicyPrefix string) (bool, error)
IsUpgradedNeededForOperatorRolePoliciesUsingCluster mocks base method.
func (*MockClient) IsUpgradedNeededForOperatorRolePoliciesUsingPrefix ¶ added in v1.2.36
func (m *MockClient) IsUpgradedNeededForOperatorRolePoliciesUsingPrefix(rolePrefix, partition, accountID, version string, credRequests map[string]*v1.STSOperator, path string) (bool, error)
IsUpgradedNeededForOperatorRolePoliciesUsingPrefix mocks base method.
func (*MockClient) IsUserRole ¶ added in v1.2.36
func (m *MockClient) IsUserRole(roleName *string) (bool, error)
IsUserRole mocks base method.
func (*MockClient) ListAccountRoles ¶ added in v1.2.36
func (m *MockClient) ListAccountRoles(version string) ([]Role, error)
ListAccountRoles mocks base method.
func (*MockClient) ListAttachedRolePolicies ¶ added in v1.2.40
func (m *MockClient) ListAttachedRolePolicies(roleName string) ([]string, error)
ListAttachedRolePolicies mocks base method.
func (*MockClient) ListOCMRoles ¶ added in v1.2.36
func (m *MockClient) ListOCMRoles() ([]Role, error)
ListOCMRoles mocks base method.
func (*MockClient) ListOidcProviders ¶ added in v1.2.36
func (m *MockClient) ListOidcProviders(targetClusterId string, config *v1.OidcConfig) ([]OidcProviderOutput, error)
ListOidcProviders mocks base method.
func (*MockClient) ListOperatorRoles ¶ added in v1.2.36
func (m *MockClient) ListOperatorRoles(version, clusterID, prefix string) (map[string][]OperatorRoleDetail, error)
ListOperatorRoles mocks base method.
func (*MockClient) ListPolicyVersions ¶ added in v1.2.48
func (m *MockClient) ListPolicyVersions(policyArn string) ([]PolicyVersion, error)
ListPolicyVersions mocks base method.
func (*MockClient) ListSubnets ¶ added in v1.2.36
func (m *MockClient) ListSubnets(subnetIds ...string) ([]types.Subnet, error)
ListSubnets mocks base method.
func (*MockClient) ListUserRoles ¶ added in v1.2.36
func (m *MockClient) ListUserRoles() ([]Role, error)
ListUserRoles mocks base method.
func (*MockClient) PutPublicReadObjectInS3Bucket ¶ added in v1.2.36
func (m *MockClient) PutPublicReadObjectInS3Bucket(bucketName string, body io.ReadSeeker, key string) error
PutPublicReadObjectInS3Bucket mocks base method.
func (*MockClient) PutRolePolicy ¶ added in v1.2.36
func (m *MockClient) PutRolePolicy(roleName, policyName, policy string) error
PutRolePolicy mocks base method.
func (*MockClient) TagUserRegion ¶ added in v1.2.36
func (m *MockClient) TagUserRegion(username, region string) error
TagUserRegion mocks base method.
func (*MockClient) UpdateTag ¶ added in v1.2.36
func (m *MockClient) UpdateTag(roleName, defaultPolicyVersion string) error
UpdateTag mocks base method.
func (*MockClient) ValidateAccountRoleVersionCompatibility ¶ added in v1.2.36
func (m *MockClient) ValidateAccountRoleVersionCompatibility(roleName, roleType, minVersion string) (bool, error)
ValidateAccountRoleVersionCompatibility mocks base method.
func (*MockClient) ValidateAccountRolesManagedPolicies ¶ added in v1.2.36
func (m *MockClient) ValidateAccountRolesManagedPolicies(prefix string, policies map[string]*v1.AWSSTSPolicy) error
ValidateAccountRolesManagedPolicies mocks base method.
func (*MockClient) ValidateCredentials ¶ added in v1.2.36
func (m *MockClient) ValidateCredentials() (bool, error)
ValidateCredentials mocks base method.
func (*MockClient) ValidateHCPAccountRolesManagedPolicies ¶ added in v1.2.36
func (m *MockClient) ValidateHCPAccountRolesManagedPolicies(prefix string, policies map[string]*v1.AWSSTSPolicy) error
ValidateHCPAccountRolesManagedPolicies mocks base method.
func (*MockClient) ValidateOperatorRolesManagedPolicies ¶ added in v1.2.36
func (m *MockClient) ValidateOperatorRolesManagedPolicies(cluster *v1.Cluster, operatorRoles map[string]*v1.STSOperator, policies map[string]*v1.AWSSTSPolicy, hostedCPPolicies bool) error
ValidateOperatorRolesManagedPolicies mocks base method.
func (*MockClient) ValidateQuota ¶ added in v1.2.36
func (m *MockClient) ValidateQuota() (bool, error)
ValidateQuota mocks base method.
func (*MockClient) ValidateRoleARNAccountIDMatchCallerAccountID ¶ added in v1.2.36
func (m *MockClient) ValidateRoleARNAccountIDMatchCallerAccountID(roleARN string) error
ValidateRoleARNAccountIDMatchCallerAccountID mocks base method.
func (*MockClient) ValidateRoleNameAvailable ¶ added in v1.2.36
func (m *MockClient) ValidateRoleNameAvailable(name string) error
ValidateRoleNameAvailable mocks base method.
func (*MockClient) ValidateSCP ¶ added in v1.2.36
func (m *MockClient) ValidateSCP(arg0 *string, arg1 map[string]*v1.AWSSTSPolicy) (bool, error)
ValidateSCP mocks base method.
type MockClientMockRecorder ¶ added in v1.2.36
// MockClientMockRecorder is the recorder type paired with MockClient. Every
// method listed for it on this page returns a *gomock.Call that describes an
// expected call of the same-named MockClient method.
type MockClientMockRecorder struct {
// contains filtered or unexported fields
}
MockClientMockRecorder is the mock recorder for MockClient.
func (*MockClientMockRecorder) AddRoleTag ¶ added in v1.2.36
func (mr *MockClientMockRecorder) AddRoleTag(roleName, key, value any) *gomock.Call
AddRoleTag indicates an expected call of AddRoleTag.
func (*MockClientMockRecorder) AttachRolePolicy ¶ added in v1.2.36
func (mr *MockClientMockRecorder) AttachRolePolicy(reporter, roleName, policyARN any) *gomock.Call
AttachRolePolicy indicates an expected call of AttachRolePolicy.
func (*MockClientMockRecorder) CheckAdminUserExists ¶ added in v1.2.36
func (mr *MockClientMockRecorder) CheckAdminUserExists(userName any) *gomock.Call
CheckAdminUserExists indicates an expected call of CheckAdminUserExists.
func (*MockClientMockRecorder) CheckAdminUserNotExisting ¶ added in v1.2.36
func (mr *MockClientMockRecorder) CheckAdminUserNotExisting(userName any) *gomock.Call
CheckAdminUserNotExisting indicates an expected call of CheckAdminUserNotExisting.
func (*MockClientMockRecorder) CheckRoleExists ¶ added in v1.2.36
func (mr *MockClientMockRecorder) CheckRoleExists(roleName any) *gomock.Call
CheckRoleExists indicates an expected call of CheckRoleExists.
func (*MockClientMockRecorder) CheckStackReadyOrNotExisting ¶ added in v1.2.36
func (mr *MockClientMockRecorder) CheckStackReadyOrNotExisting(stackName any) *gomock.Call
CheckStackReadyOrNotExisting indicates an expected call of CheckStackReadyOrNotExisting.
func (*MockClientMockRecorder) CreateOpenIDConnectProvider ¶ added in v1.2.36
func (mr *MockClientMockRecorder) CreateOpenIDConnectProvider(issuerURL, thumbprint, clusterID any) *gomock.Call
CreateOpenIDConnectProvider indicates an expected call of CreateOpenIDConnectProvider.
func (*MockClientMockRecorder) CreateS3Bucket ¶ added in v1.2.36
func (mr *MockClientMockRecorder) CreateS3Bucket(bucketName, region any) *gomock.Call
CreateS3Bucket indicates an expected call of CreateS3Bucket.
func (*MockClientMockRecorder) CreateSecretInSecretsManager ¶ added in v1.2.36
func (mr *MockClientMockRecorder) CreateSecretInSecretsManager(name, secret any) *gomock.Call
CreateSecretInSecretsManager indicates an expected call of CreateSecretInSecretsManager.
func (*MockClientMockRecorder) DeleteAccountRole ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteAccountRole(roleName, prefix, managedPolicies, deleteHcpSharedVpcPolicies any) *gomock.Call
DeleteAccountRole indicates an expected call of DeleteAccountRole.
func (*MockClientMockRecorder) DeleteInlineRolePolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteInlineRolePolicies(roleName any) *gomock.Call
DeleteInlineRolePolicies indicates an expected call of DeleteInlineRolePolicies.
func (*MockClientMockRecorder) DeleteOCMRole ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteOCMRole(roleARN, managedPolicies any) *gomock.Call
DeleteOCMRole indicates an expected call of DeleteOCMRole.
func (*MockClientMockRecorder) DeleteOpenIDConnectProvider ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteOpenIDConnectProvider(providerURL any) *gomock.Call
DeleteOpenIDConnectProvider indicates an expected call of DeleteOpenIDConnectProvider.
func (*MockClientMockRecorder) DeleteOperatorRole ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteOperatorRole(roles, managedPolicies, deleteHcpSharedVpcPolicies any) *gomock.Call
DeleteOperatorRole indicates an expected call of DeleteOperatorRole.
func (*MockClientMockRecorder) DeleteOsdCcsAdminUser ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteOsdCcsAdminUser(stackName any) *gomock.Call
DeleteOsdCcsAdminUser indicates an expected call of DeleteOsdCcsAdminUser.
func (*MockClientMockRecorder) DeleteS3Bucket ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteS3Bucket(bucketName any) *gomock.Call
DeleteS3Bucket indicates an expected call of DeleteS3Bucket.
func (*MockClientMockRecorder) DeleteSecretInSecretsManager ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteSecretInSecretsManager(secretArn any) *gomock.Call
DeleteSecretInSecretsManager indicates an expected call of DeleteSecretInSecretsManager.
func (*MockClientMockRecorder) DeleteUserRole ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DeleteUserRole(roleName any) *gomock.Call
DeleteUserRole indicates an expected call of DeleteUserRole.
func (*MockClientMockRecorder) DescribeAvailabilityZones ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DescribeAvailabilityZones() *gomock.Call
DescribeAvailabilityZones indicates an expected call of DescribeAvailabilityZones.
func (*MockClientMockRecorder) DetachRolePolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) DetachRolePolicies(roleName any) *gomock.Call
DetachRolePolicies indicates an expected call of DetachRolePolicies.
func (*MockClientMockRecorder) DetachRolePolicy ¶ added in v1.2.39
func (mr *MockClientMockRecorder) DetachRolePolicy(policyArn, roleName any) *gomock.Call
DetachRolePolicy indicates an expected call of DetachRolePolicy.
func (*MockClientMockRecorder) EnsureOsdCcsAdminUser ¶ added in v1.2.36
func (mr *MockClientMockRecorder) EnsureOsdCcsAdminUser(stackName, adminUserName, awsRegion any) *gomock.Call
EnsureOsdCcsAdminUser indicates an expected call of EnsureOsdCcsAdminUser.
func (*MockClientMockRecorder) EnsurePolicy ¶ added in v1.2.36
func (mr *MockClientMockRecorder) EnsurePolicy(policyArn, document, version, tagList, path any) *gomock.Call
EnsurePolicy indicates an expected call of EnsurePolicy.
func (*MockClientMockRecorder) EnsureRole ¶ added in v1.2.36
func (mr *MockClientMockRecorder) EnsureRole(reporter, name, policy, permissionsBoundary, version, tagList, path, managedPolicies any) *gomock.Call
EnsureRole indicates an expected call of EnsureRole.
func (*MockClientMockRecorder) FetchPublicSubnetMap ¶ added in v1.2.36
func (mr *MockClientMockRecorder) FetchPublicSubnetMap(subnets any) *gomock.Call
FetchPublicSubnetMap indicates an expected call of FetchPublicSubnetMap.
func (*MockClientMockRecorder) FilterVPCsPrivateSubnets ¶ added in v1.2.36
func (mr *MockClientMockRecorder) FilterVPCsPrivateSubnets(subnets any) *gomock.Call
FilterVPCsPrivateSubnets indicates an expected call of FilterVPCsPrivateSubnets.
func (*MockClientMockRecorder) FindPolicyARN ¶ added in v1.2.36
func (mr *MockClientMockRecorder) FindPolicyARN(operator, version any) *gomock.Call
FindPolicyARN indicates an expected call of FindPolicyARN.
func (*MockClientMockRecorder) FindRoleARNs ¶ added in v1.2.36
func (mr *MockClientMockRecorder) FindRoleARNs(roleType, version any) *gomock.Call
FindRoleARNs indicates an expected call of FindRoleARNs.
func (*MockClientMockRecorder) FindRoleARNsClassic ¶ added in v1.2.36
func (mr *MockClientMockRecorder) FindRoleARNsClassic(roleType, version any) *gomock.Call
FindRoleARNsClassic indicates an expected call of FindRoleARNsClassic.
func (*MockClientMockRecorder) FindRoleARNsHostedCp ¶ added in v1.2.36
func (mr *MockClientMockRecorder) FindRoleARNsHostedCp(roleType, version any) *gomock.Call
FindRoleARNsHostedCp indicates an expected call of FindRoleARNsHostedCp.
func (*MockClientMockRecorder) ForceEnsurePolicy ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ForceEnsurePolicy(policyArn, document, version, tagList, path any) *gomock.Call
ForceEnsurePolicy indicates an expected call of ForceEnsurePolicy.
func (*MockClientMockRecorder) GetAWSAccessKeys ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAWSAccessKeys() *gomock.Call
GetAWSAccessKeys indicates an expected call of GetAWSAccessKeys.
func (*MockClientMockRecorder) GetAccountRoleARN ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAccountRoleARN(prefix, roleType any) *gomock.Call
GetAccountRoleARN indicates an expected call of GetAccountRoleARN.
func (*MockClientMockRecorder) GetAccountRoleByArn ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAccountRoleByArn(roleArn any) *gomock.Call
GetAccountRoleByArn indicates an expected call of GetAccountRoleByArn.
func (*MockClientMockRecorder) GetAccountRoleDefaultPolicy ¶ added in v1.2.40
func (mr *MockClientMockRecorder) GetAccountRoleDefaultPolicy(roleName, prefix any) *gomock.Call
GetAccountRoleDefaultPolicy indicates an expected call of GetAccountRoleDefaultPolicy.
func (*MockClientMockRecorder) GetAccountRoleForCurrentEnv ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAccountRoleForCurrentEnv(env, roleName any) *gomock.Call
GetAccountRoleForCurrentEnv indicates an expected call of GetAccountRoleForCurrentEnv.
func (*MockClientMockRecorder) GetAccountRoleForCurrentEnvWithPrefix ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAccountRoleForCurrentEnvWithPrefix(env, rolePrefix, accountRolesMap any) *gomock.Call
GetAccountRoleForCurrentEnvWithPrefix indicates an expected call of GetAccountRoleForCurrentEnvWithPrefix.
func (*MockClientMockRecorder) GetAccountRolePolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAccountRolePolicies(roles, prefix any) *gomock.Call
GetAccountRolePolicies indicates an expected call of GetAccountRolePolicies.
func (*MockClientMockRecorder) GetAccountRoleVersion ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAccountRoleVersion(roleName any) *gomock.Call
GetAccountRoleVersion indicates an expected call of GetAccountRoleVersion.
func (*MockClientMockRecorder) GetAccountRolesForCurrentEnv ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAccountRolesForCurrentEnv(env, accountID any) *gomock.Call
GetAccountRolesForCurrentEnv indicates an expected call of GetAccountRolesForCurrentEnv.
func (*MockClientMockRecorder) GetAttachedPolicy ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetAttachedPolicy(role any) *gomock.Call
GetAttachedPolicy indicates an expected call of GetAttachedPolicy.
func (*MockClientMockRecorder) GetAvailabilityZoneType ¶ added in v1.2.37
func (mr *MockClientMockRecorder) GetAvailabilityZoneType(availabilityZoneName any) *gomock.Call
GetAvailabilityZoneType indicates an expected call of GetAvailabilityZoneType.
func (*MockClientMockRecorder) GetClusterRegionTagForUser ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetClusterRegionTagForUser(username any) *gomock.Call
GetClusterRegionTagForUser indicates an expected call of GetClusterRegionTagForUser.
func (*MockClientMockRecorder) GetCreator ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetCreator() *gomock.Call
GetCreator indicates an expected call of GetCreator.
func (*MockClientMockRecorder) GetDefaultPolicyDocument ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetDefaultPolicyDocument(policyArn any) *gomock.Call
GetDefaultPolicyDocument indicates an expected call of GetDefaultPolicyDocument.
func (*MockClientMockRecorder) GetIAMCredentials ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetIAMCredentials() *gomock.Call
GetIAMCredentials indicates an expected call of GetIAMCredentials.
func (*MockClientMockRecorder) GetIAMServiceQuota ¶ added in v1.2.39
func (mr *MockClientMockRecorder) GetIAMServiceQuota(quotaCode any) *gomock.Call
GetIAMServiceQuota indicates an expected call of GetIAMServiceQuota.
func (*MockClientMockRecorder) GetInstanceProfilesForRole ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetInstanceProfilesForRole(role any) *gomock.Call
GetInstanceProfilesForRole indicates an expected call of GetInstanceProfilesForRole.
func (*MockClientMockRecorder) GetLocalAWSAccessKeys ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetLocalAWSAccessKeys() *gomock.Call
GetLocalAWSAccessKeys indicates an expected call of GetLocalAWSAccessKeys.
func (*MockClientMockRecorder) GetOpenIDConnectProviderByClusterIdTag ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetOpenIDConnectProviderByClusterIdTag(clusterID any) *gomock.Call
GetOpenIDConnectProviderByClusterIdTag indicates an expected call of GetOpenIDConnectProviderByClusterIdTag.
func (*MockClientMockRecorder) GetOpenIDConnectProviderByOidcEndpointUrl ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetOpenIDConnectProviderByOidcEndpointUrl(oidcEndpointUrl any) *gomock.Call
GetOpenIDConnectProviderByOidcEndpointUrl indicates an expected call of GetOpenIDConnectProviderByOidcEndpointUrl.
func (*MockClientMockRecorder) GetOperatorRoleDefaultPolicy ¶ added in v1.2.40
func (mr *MockClientMockRecorder) GetOperatorRoleDefaultPolicy(roleName any) *gomock.Call
GetOperatorRoleDefaultPolicy indicates an expected call of GetOperatorRoleDefaultPolicy.
func (*MockClientMockRecorder) GetOperatorRolePolicies ¶ added in v1.2.40
func (mr *MockClientMockRecorder) GetOperatorRolePolicies(roles any) *gomock.Call
GetOperatorRolePolicies indicates an expected call of GetOperatorRolePolicies.
func (*MockClientMockRecorder) GetOperatorRolesFromAccountByClusterID ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetOperatorRolesFromAccountByClusterID(clusterID, credRequests any) *gomock.Call
GetOperatorRolesFromAccountByClusterID indicates an expected call of GetOperatorRolesFromAccountByClusterID.
func (*MockClientMockRecorder) GetOperatorRolesFromAccountByPrefix ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetOperatorRolesFromAccountByPrefix(prefix, credRequest any) *gomock.Call
GetOperatorRolesFromAccountByPrefix indicates an expected call of GetOperatorRolesFromAccountByPrefix.
func (*MockClientMockRecorder) GetPolicyDetailsFromRole ¶ added in v1.2.49
func (mr *MockClientMockRecorder) GetPolicyDetailsFromRole(role any) *gomock.Call
GetPolicyDetailsFromRole indicates an expected call of GetPolicyDetailsFromRole.
func (*MockClientMockRecorder) GetRegion ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetRegion() *gomock.Call
GetRegion indicates an expected call of GetRegion.
func (*MockClientMockRecorder) GetRoleARNPath ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetRoleARNPath(prefix any) *gomock.Call
GetRoleARNPath indicates an expected call of GetRoleARNPath.
func (*MockClientMockRecorder) GetRoleByARN ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetRoleByARN(roleARN any) *gomock.Call
GetRoleByARN indicates an expected call of GetRoleByARN.
func (*MockClientMockRecorder) GetRoleByName ¶ added in v1.2.39
func (mr *MockClientMockRecorder) GetRoleByName(roleName any) *gomock.Call
GetRoleByName indicates an expected call of GetRoleByName.
func (*MockClientMockRecorder) GetSecurityGroupIds ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetSecurityGroupIds(vpcId any) *gomock.Call
GetSecurityGroupIds indicates an expected call of GetSecurityGroupIds.
func (*MockClientMockRecorder) GetSubnetAvailabilityZone ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetSubnetAvailabilityZone(subnetID any) *gomock.Call
GetSubnetAvailabilityZone indicates an expected call of GetSubnetAvailabilityZone.
func (*MockClientMockRecorder) GetVPCPrivateSubnets ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetVPCPrivateSubnets(subnetID any) *gomock.Call
GetVPCPrivateSubnets indicates an expected call of GetVPCPrivateSubnets.
func (*MockClientMockRecorder) GetVPCSubnets ¶ added in v1.2.36
func (mr *MockClientMockRecorder) GetVPCSubnets(subnetID any) *gomock.Call
GetVPCSubnets indicates an expected call of GetVPCSubnets.
func (*MockClientMockRecorder) HasHostedCPPolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) HasHostedCPPolicies(roleARN any) *gomock.Call
HasHostedCPPolicies indicates an expected call of HasHostedCPPolicies.
func (*MockClientMockRecorder) HasManagedPolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) HasManagedPolicies(roleARN any) *gomock.Call
HasManagedPolicies indicates an expected call of HasManagedPolicies.
func (*MockClientMockRecorder) HasOpenIDConnectProvider ¶ added in v1.2.36
func (mr *MockClientMockRecorder) HasOpenIDConnectProvider(issuerURL, partition, accountID any) *gomock.Call
HasOpenIDConnectProvider indicates an expected call of HasOpenIDConnectProvider.
func (*MockClientMockRecorder) HasPermissionsBoundary ¶ added in v1.2.36
func (mr *MockClientMockRecorder) HasPermissionsBoundary(roleName any) *gomock.Call
HasPermissionsBoundary indicates an expected call of HasPermissionsBoundary.
func (*MockClientMockRecorder) IsAdminRole ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsAdminRole(roleName any) *gomock.Call
IsAdminRole indicates an expected call of IsAdminRole.
func (*MockClientMockRecorder) IsLocalAvailabilityZone ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsLocalAvailabilityZone(availabilityZoneName any) *gomock.Call
IsLocalAvailabilityZone indicates an expected call of IsLocalAvailabilityZone.
func (*MockClientMockRecorder) IsPolicyCompatible ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsPolicyCompatible(policyArn, version any) *gomock.Call
IsPolicyCompatible indicates an expected call of IsPolicyCompatible.
func (*MockClientMockRecorder) IsPolicyExists ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsPolicyExists(policyARN any) *gomock.Call
IsPolicyExists indicates an expected call of IsPolicyExists.
func (*MockClientMockRecorder) IsRolePolicyExists ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsRolePolicyExists(roleName, policyName any) *gomock.Call
IsRolePolicyExists indicates an expected call of IsRolePolicyExists.
func (*MockClientMockRecorder) IsUpgradedNeededForAccountRolePolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsUpgradedNeededForAccountRolePolicies(rolePrefix, version any) *gomock.Call
IsUpgradedNeededForAccountRolePolicies indicates an expected call of IsUpgradedNeededForAccountRolePolicies.
func (*MockClientMockRecorder) IsUpgradedNeededForAccountRolePoliciesUsingCluster ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsUpgradedNeededForAccountRolePoliciesUsingCluster(clusterID, version any) *gomock.Call
IsUpgradedNeededForAccountRolePoliciesUsingCluster indicates an expected call of IsUpgradedNeededForAccountRolePoliciesUsingCluster.
func (*MockClientMockRecorder) IsUpgradedNeededForOperatorRolePoliciesUsingCluster ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsUpgradedNeededForOperatorRolePoliciesUsingCluster(cluster, partition, accountID, version, credRequests, operatorRolePolicyPrefix any) *gomock.Call
IsUpgradedNeededForOperatorRolePoliciesUsingCluster indicates an expected call of IsUpgradedNeededForOperatorRolePoliciesUsingCluster.
func (*MockClientMockRecorder) IsUpgradedNeededForOperatorRolePoliciesUsingPrefix ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsUpgradedNeededForOperatorRolePoliciesUsingPrefix(rolePrefix, partition, accountID, version, credRequests, path any) *gomock.Call
IsUpgradedNeededForOperatorRolePoliciesUsingPrefix indicates an expected call of IsUpgradedNeededForOperatorRolePoliciesUsingPrefix.
func (*MockClientMockRecorder) IsUserRole ¶ added in v1.2.36
func (mr *MockClientMockRecorder) IsUserRole(roleName any) *gomock.Call
IsUserRole indicates an expected call of IsUserRole.
func (*MockClientMockRecorder) ListAccountRoles ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ListAccountRoles(version any) *gomock.Call
ListAccountRoles indicates an expected call of ListAccountRoles.
func (*MockClientMockRecorder) ListAttachedRolePolicies ¶ added in v1.2.40
func (mr *MockClientMockRecorder) ListAttachedRolePolicies(roleName any) *gomock.Call
ListAttachedRolePolicies indicates an expected call of ListAttachedRolePolicies.
func (*MockClientMockRecorder) ListOCMRoles ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ListOCMRoles() *gomock.Call
ListOCMRoles indicates an expected call of ListOCMRoles.
func (*MockClientMockRecorder) ListOidcProviders ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ListOidcProviders(targetClusterId, config any) *gomock.Call
ListOidcProviders indicates an expected call of ListOidcProviders.
func (*MockClientMockRecorder) ListOperatorRoles ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ListOperatorRoles(version, clusterID, prefix any) *gomock.Call
ListOperatorRoles indicates an expected call of ListOperatorRoles.
func (*MockClientMockRecorder) ListPolicyVersions ¶ added in v1.2.48
func (mr *MockClientMockRecorder) ListPolicyVersions(policyArn any) *gomock.Call
ListPolicyVersions indicates an expected call of ListPolicyVersions.
func (*MockClientMockRecorder) ListSubnets ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ListSubnets(subnetIds ...any) *gomock.Call
ListSubnets indicates an expected call of ListSubnets.
func (*MockClientMockRecorder) ListUserRoles ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ListUserRoles() *gomock.Call
ListUserRoles indicates an expected call of ListUserRoles.
func (*MockClientMockRecorder) PutPublicReadObjectInS3Bucket ¶ added in v1.2.36
func (mr *MockClientMockRecorder) PutPublicReadObjectInS3Bucket(bucketName, body, key any) *gomock.Call
PutPublicReadObjectInS3Bucket indicates an expected call of PutPublicReadObjectInS3Bucket.
func (*MockClientMockRecorder) PutRolePolicy ¶ added in v1.2.36
func (mr *MockClientMockRecorder) PutRolePolicy(roleName, policyName, policy any) *gomock.Call
PutRolePolicy indicates an expected call of PutRolePolicy.
func (*MockClientMockRecorder) TagUserRegion ¶ added in v1.2.36
func (mr *MockClientMockRecorder) TagUserRegion(username, region any) *gomock.Call
TagUserRegion indicates an expected call of TagUserRegion.
func (*MockClientMockRecorder) UpdateTag ¶ added in v1.2.36
func (mr *MockClientMockRecorder) UpdateTag(roleName, defaultPolicyVersion any) *gomock.Call
UpdateTag indicates an expected call of UpdateTag.
func (*MockClientMockRecorder) ValidateAccountRoleVersionCompatibility ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateAccountRoleVersionCompatibility(roleName, roleType, minVersion any) *gomock.Call
ValidateAccountRoleVersionCompatibility indicates an expected call of ValidateAccountRoleVersionCompatibility.
func (*MockClientMockRecorder) ValidateAccountRolesManagedPolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateAccountRolesManagedPolicies(prefix, policies any) *gomock.Call
ValidateAccountRolesManagedPolicies indicates an expected call of ValidateAccountRolesManagedPolicies.
func (*MockClientMockRecorder) ValidateCredentials ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateCredentials() *gomock.Call
ValidateCredentials indicates an expected call of ValidateCredentials.
func (*MockClientMockRecorder) ValidateHCPAccountRolesManagedPolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateHCPAccountRolesManagedPolicies(prefix, policies any) *gomock.Call
ValidateHCPAccountRolesManagedPolicies indicates an expected call of ValidateHCPAccountRolesManagedPolicies.
func (*MockClientMockRecorder) ValidateOperatorRolesManagedPolicies ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateOperatorRolesManagedPolicies(cluster, operatorRoles, policies, hostedCPPolicies any) *gomock.Call
ValidateOperatorRolesManagedPolicies indicates an expected call of ValidateOperatorRolesManagedPolicies.
func (*MockClientMockRecorder) ValidateQuota ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateQuota() *gomock.Call
ValidateQuota indicates an expected call of ValidateQuota.
func (*MockClientMockRecorder) ValidateRoleARNAccountIDMatchCallerAccountID ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateRoleARNAccountIDMatchCallerAccountID(roleARN any) *gomock.Call
ValidateRoleARNAccountIDMatchCallerAccountID indicates an expected call of ValidateRoleARNAccountIDMatchCallerAccountID.
func (*MockClientMockRecorder) ValidateRoleNameAvailable ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateRoleNameAvailable(name any) *gomock.Call
ValidateRoleNameAvailable indicates an expected call of ValidateRoleNameAvailable.
func (*MockClientMockRecorder) ValidateSCP ¶ added in v1.2.36
func (mr *MockClientMockRecorder) ValidateSCP(arg0, arg1 any) *gomock.Call
ValidateSCP indicates an expected call of ValidateSCP.
type OidcProviderOutput ¶ added in v1.2.23
type OperatorRoleDetail ¶ added in v1.2.26
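// OperatorRoleDetail describes a single operator role in its JSON form.
//
// Several JSON keys differ from the Go field names (OperatorName -> "Name",
// OperatorNamespace -> "Namespace", AttachedPolicies -> "Policy"), so anything
// that parses the JSON output must use the tag names, not the field names.
type OperatorRoleDetail struct {
	OperatorName      string `json:"Name,omitempty"`
	OperatorNamespace string `json:"Namespace,omitempty"`
	Version           string `json:"Version,omitempty"`
	RoleName          string `json:"RoleName,omitempty"`
	RoleARN           string `json:"RoleARN,omitempty"`
	ClusterID         string `json:"ClusterID,omitempty"`
	// AttachedPolicies is emitted under the singular key "Policy".
	AttachedPolicies []string `json:"Policy,omitempty"`
	// ManagedPolicy is omitted from the JSON when false (omitempty), so a
	// missing "ManagedPolicy" key must be read as false, not as unknown.
	ManagedPolicy bool `json:"ManagedPolicy,omitempty"`
}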
type Policy ¶ added in v1.1.3
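// Policy pairs a policy name with its policy document.
type Policy struct {
	PolicyName string `json:"PolicyName,omitempty"`
	// PolicyDocument is a struct value, and encoding/json's omitempty never
	// treats a struct as empty, so this key is always written even when the
	// document holds no statements.
	PolicyDocument PolicyDocument `json:"PolicyDocument,omitempty"`
}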
type PolicyDetail ¶ added in v1.1.5
func FindAllAttachedPolicyDetails ¶ added in v1.2.9
func FindAllAttachedPolicyDetails(policiesDetails []PolicyDetail) []PolicyDetail
func FindFirstAttachedPolicy ¶ added in v1.2.9
func FindFirstAttachedPolicy(policiesDetails []PolicyDetail) PolicyDetail
type PolicyDocument ¶
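// PolicyDocument is the Go representation of an AWS IAM policy document.
type PolicyDocument struct {
	ID string `json:"Id,omitempty"`
	// Specify the version of the policy language that you want to use.
	// As a best practice, use the latest 2012-10-17 version.
	Version string `json:"Version,omitempty"`
	// Use this main policy element as a container for the following elements.
	// You can include more than one statement in a policy.
	//
	// The tag has no omitempty, so a nil slice is encoded as "Statement": null.
	Statement []PolicyStatement `json:"Statement"`
}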
PolicyDocument models an AWS IAM policy document
func NewPolicyDocument ¶ added in v1.2.3
func NewPolicyDocument() *PolicyDocument
func ParsePolicyDocument ¶ added in v1.2.3
func ParsePolicyDocument(doc string) (*PolicyDocument, error)
func (*PolicyDocument) AllowActions ¶ added in v1.2.3
func (p *PolicyDocument) AllowActions(actions ...string)
AllowActions adds a statement to a policy allowing the provided actions for all Resources. If you need a more complex statement, it is better to construct it manually.
func (*PolicyDocument) GetAllowedActions ¶ added in v1.2.3
func (p *PolicyDocument) GetAllowedActions() []string
func (*PolicyDocument) IsActionAllowed ¶ added in v1.2.3
func (p *PolicyDocument) IsActionAllowed(wanted string) bool
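IsActionAllowed checks if any of the statements in the document allows the wanted action. It does not take into account Resource or Principal constraints on the action, so a true result means only that some statement allows the action, not that it is permitted on a particular resource or for a particular principal.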
func (PolicyDocument) String ¶ added in v1.2.3
func (p PolicyDocument) String() string
type PolicyStatement ¶
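// PolicyStatement is one entry of a policy document's Statement list.
//
// NOTE(review): Action and Resource are declared as interface{}, presumably so
// that the JSON value may be either a single string or a list of strings —
// confirm against the code that reads them. In IAM a "*" in either element
// matches everything, so statements carrying one deserve explicit review.
type PolicyStatement struct {
	// Include an optional statement ID to differentiate between your statements.
	Sid string `json:"Sid,omitempty"`
	// Use `Allow` or `Deny` to indicate whether the policy allows or denies access.
	Effect string `json:"Effect"`
	// If you create a resource-based policy, you must indicate the account, user, role, or
	// federated user to which you would like to allow or deny access. If you are creating an
	// IAM permissions policy to attach to a user or role, you cannot include this element.
	// The principal is implied as that user or role.
	Principal *PolicyStatementPrincipal `json:"Principal,omitempty"`
	// Include a list of actions that the policy allows or denies
	// (e.g. ec2:StartInstances, iam:ChangePassword).
	Action interface{} `json:"Action,omitempty"`
	// If you create an IAM permissions policy, you must specify a list of resources to which
	// the actions apply. If you create a resource-based policy, this element is optional. If
	// you do not include this element, then the resource to which the action applies is the
	// resource to which the policy is attached.
	Resource interface{} `json:"Resource,omitempty"`
}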
PolicyStatement models an AWS policy statement entry.
func (*PolicyStatement) GetAWSPrincipals ¶ added in v1.2.3
func (p *PolicyStatement) GetAWSPrincipals() []string
type PolicyStatementPrincipal ¶ added in v1.1.0
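// PolicyStatementPrincipal holds the Principal element of a policy statement,
// split by principal kind: service, AWS (role ARN) and federated.
type PolicyStatementPrincipal struct {
	// A service principal is an identifier that is used to grant permissions to a service.
	// The identifier for a service principal includes the service name, and is usually in the
	// following format: service-name.amazonaws.com
	Service []string `json:"Service,omitempty"`
	// You can specify an individual IAM role ARN (or array of role ARNs) as the principal.
	// In IAM roles, the Principal element in the role's trust policy specifies who can assume the role.
	// When you specify more than one principal in the element, you grant permissions to each principal.
	//
	// The field is interface{} because the value may be one ARN or an array of
	// ARNs; callers have to handle both shapes.
	AWS interface{} `json:"AWS,omitempty"`
	// A federated principal uses a web identity token or SAML federation.
	Federated string `json:"Federated,omitempty"`
}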
type PolicyVersion ¶ added in v1.2.48
type Role ¶ added in v1.1.3
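// Role describes one IAM role in its JSON form.
//
// NOTE(review): Linked and Admin are strings rather than booleans; the set of
// values they take is not shown on this page, so do not assume "true"/"false"
// without checking the code that fills them in.
type Role struct {
	RoleType   string `json:"RoleType,omitempty"`
	Version    string `json:"Version,omitempty"`
	RolePrefix string `json:"RolePrefix,omitempty"`
	RoleName   string `json:"RoleName,omitempty"`
	RoleARN    string `json:"RoleARN,omitempty"`
	Linked     string `json:"Linked,omitempty"`
	Admin      string `json:"Admin,omitempty"`
	// ManagedPolicy is dropped from the JSON when false (omitempty).
	ManagedPolicy bool   `json:"ManagedPolicy,omitempty"`
	ClusterID     string `json:"ClusterID,omitempty"`
}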
type SimulateParams ¶
// SimulateParams carries the extra details to apply when permissions are
// simulated.
type SimulateParams struct {
	// Region is the only detail this type exposes.
	// NOTE(review): presumably the AWS region the simulation runs against —
	// confirm with the caller.
	Region string
}
SimulateParams captures any additional details that should be used when simulating permissions.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |