iam

package
v0.0.6 (Latest)
Warning

This package is not in the latest version of its module.

Published: Nov 5, 2024 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

// Resource type identifiers exported by this package. Each is a typed string
// constant whose value is the lowercase name shown.
//
// NOTE(review): presumably these are the values expected by the resourceType /
// entityType string parameters of DeleteInlinePolicy, UpdateInlinePolicy and
// GetInlinePoliciesForEntities; confirm against the implementation, and confirm
// how a value outside this set is handled there.
const (
	// UserResourceType is the identifier "user".
	UserResourceType    string = "user"
	// GroupResourceType is the identifier "group".
	GroupResourceType   string = "group"
	// RoleResourceType is the identifier "role".
	RoleResourceType    string = "role"
	// SsoRoleResourceType is the identifier "ssorole".
	SsoRoleResourceType string = "ssorole"
)

Variables

This section is empty.

Functions

func CreateWhatFromPolicyDocument

func CreateWhatFromPolicyDocument(policy *awspolicy.Policy, policyName string, account string, cfg *config.ConfigMap) ([]sync_from_target.WhatItem, bool)

func CreateWhoAndWhatFromAccessPointPolicy

func CreateWhoAndWhatFromAccessPointPolicy(policy *awspolicy.Policy, bucketName string, name string, account string, cfg *config.ConfigMap) (*sync_from_target.WhoItem, []sync_from_target.WhatItem, bool)

func CreateWhoFromTrustPolicyDocument

func CreateWhoFromTrustPolicyDocument(policy *awspolicy.Policy, role string, account string) (*sync_from_target.WhoItem, bool)

Types

type AwsIamRepository

// AwsIamRepository is the receiver for this package's AWS IAM operations. Its
// exported methods list users, groups, roles and managed policies; create,
// update and delete roles, managed policies and inline policies; attach and
// detach users, groups and roles to and from managed policies; and create,
// list, update and delete access points. It is constructed with
// NewAwsIamRepository from a *config.ConfigMap.
//
// NOTE(review): the write methods take caller-supplied policy statements,
// policy ARNs and user/role/group names. Whether those inputs are validated
// is not visible from the signatures; confirm in the implementation before
// passing values that originate outside the caller's trust boundary.
type AwsIamRepository struct {
	// contains filtered or unexported fields
}

func NewAwsIamRepository

func NewAwsIamRepository(configMap *config.ConfigMap) *AwsIamRepository

func (*AwsIamRepository) AddAttachedEntitiesToManagedPolicy

func (repo *AwsIamRepository) AddAttachedEntitiesToManagedPolicy(ctx context.Context, client *iam.Client, policy *model.PolicyEntity) error

func (*AwsIamRepository) AttachGroupToManagedPolicy

func (repo *AwsIamRepository) AttachGroupToManagedPolicy(ctx context.Context, policyArn string, groupNames []string) error

func (*AwsIamRepository) AttachRoleToManagedPolicy

func (repo *AwsIamRepository) AttachRoleToManagedPolicy(ctx context.Context, policyArn string, roleNames []string) error

func (*AwsIamRepository) AttachUserToManagedPolicy

func (repo *AwsIamRepository) AttachUserToManagedPolicy(ctx context.Context, policyArn string, userNames []string) error

func (*AwsIamRepository) ClearCache added in v0.0.4

func (repo *AwsIamRepository) ClearCache()

func (*AwsIamRepository) ClearManagedPoliciesCache

func (repo *AwsIamRepository) ClearManagedPoliciesCache()

func (*AwsIamRepository) ClearRolesCache

func (repo *AwsIamRepository) ClearRolesCache()

func (*AwsIamRepository) CreateAccessPoint

func (repo *AwsIamRepository) CreateAccessPoint(ctx context.Context, name, bucket string, region string, statements []*awspolicy.Statement) (string, error)

func (*AwsIamRepository) CreateAssumeRolePolicyDocument

func (repo *AwsIamRepository) CreateAssumeRolePolicyDocument(existingPolicyDoc *string, userNames ...string) (string, error)

func (*AwsIamRepository) CreateManagedPolicy

func (repo *AwsIamRepository) CreateManagedPolicy(ctx context.Context, policyName string, statements []*awspolicy.Statement) (*types.Policy, error)

func (*AwsIamRepository) CreateRole

func (repo *AwsIamRepository) CreateRole(ctx context.Context, name, description string, userNames []string) (bool, error)

CreateRole creates an AWS Role. Every role needs a non-empty policy document (otherwise the Role is useless). The principals passed in (the userNames parameter) define which users will initially be able to assume the role.

func (*AwsIamRepository) CreateRoleInlinePolicy

func (repo *AwsIamRepository) CreateRoleInlinePolicy(ctx context.Context, roleName string, policyName string, statements []*awspolicy.Statement) error

func (*AwsIamRepository) DeleteAccessPoint

func (repo *AwsIamRepository) DeleteAccessPoint(ctx context.Context, name string, region string) error

func (*AwsIamRepository) DeleteInlinePolicy

func (repo *AwsIamRepository) DeleteInlinePolicy(ctx context.Context, policyName, resourceName, resourceType string) error

func (*AwsIamRepository) DeleteManagedPolicy

func (repo *AwsIamRepository) DeleteManagedPolicy(ctx context.Context, policyName string, awsManaged bool) error

func (*AwsIamRepository) DeleteRole

func (repo *AwsIamRepository) DeleteRole(ctx context.Context, name string) error

func (*AwsIamRepository) DeleteRoleInlinePolicies

func (repo *AwsIamRepository) DeleteRoleInlinePolicies(ctx context.Context, roleName string) error

func (*AwsIamRepository) DetachGroupFromManagedPolicy

func (repo *AwsIamRepository) DetachGroupFromManagedPolicy(ctx context.Context, policyArn string, groupNames []string) error

func (*AwsIamRepository) DetachRoleFromManagedPolicy

func (repo *AwsIamRepository) DetachRoleFromManagedPolicy(ctx context.Context, policyArn string, roleNames []string) error

func (*AwsIamRepository) DetachUserFromManagedPolicy

func (repo *AwsIamRepository) DetachUserFromManagedPolicy(ctx context.Context, policyArn string, userNames []string) error

func (*AwsIamRepository) GetConfig

func (repo *AwsIamRepository) GetConfig() *config.ConfigMap

func (*AwsIamRepository) GetGroups

func (repo *AwsIamRepository) GetGroups(ctx context.Context) ([]model.GroupEntity, error)

func (*AwsIamRepository) GetIamClient

func (repo *AwsIamRepository) GetIamClient(ctx context.Context) (*iam.Client, error)

func (*AwsIamRepository) GetIamOrgClient

func (repo *AwsIamRepository) GetIamOrgClient(ctx context.Context) (*iam.Client, error)

func (*AwsIamRepository) GetInlinePoliciesForEntities

func (repo *AwsIamRepository) GetInlinePoliciesForEntities(ctx context.Context, entityNames []string, entityType string) (map[string][]model.PolicyEntity, error)

func (*AwsIamRepository) GetManagedPolicies

func (repo *AwsIamRepository) GetManagedPolicies(ctx context.Context) ([]model.PolicyEntity, error)

func (*AwsIamRepository) GetPolicyArn

func (repo *AwsIamRepository) GetPolicyArn(policyName string, awsManaged bool, configMap *config.ConfigMap) string

func (*AwsIamRepository) GetRoles

func (repo *AwsIamRepository) GetRoles(ctx context.Context) ([]model.RoleEntity, error)

func (*AwsIamRepository) GetSsoRoleWithPrefix

func (repo *AwsIamRepository) GetSsoRoleWithPrefix(ctx context.Context, prefixName string) (*model.RoleEntity, error)

func (*AwsIamRepository) GetUsers

func (repo *AwsIamRepository) GetUsers(ctx context.Context, withDetails bool) ([]model.UserEntity, error)

func (*AwsIamRepository) ListAccessPoints

func (repo *AwsIamRepository) ListAccessPoints(ctx context.Context, region string) ([]model.AwsS3AccessPoint, error)

func (*AwsIamRepository) UpdateAccessPoint

func (repo *AwsIamRepository) UpdateAccessPoint(ctx context.Context, name string, region string, statements []*awspolicy.Statement) error

func (*AwsIamRepository) UpdateAssumeEntities

func (repo *AwsIamRepository) UpdateAssumeEntities(ctx context.Context, roleName string, userNames []string) error

func (*AwsIamRepository) UpdateInlinePolicy

func (repo *AwsIamRepository) UpdateInlinePolicy(ctx context.Context, policyName, resourceName, resourceType string, statements []*awspolicy.Statement) error

func (*AwsIamRepository) UpdateManagedPolicy

func (repo *AwsIamRepository) UpdateManagedPolicy(ctx context.Context, policyName string, awsManaged bool, statements []*awspolicy.Statement) error

type AwsSsoIamRepository

// AwsSsoIamRepository is the receiver for this package's SSO-related
// operations. Its exported methods create, read, update, delete, list and
// provision SSO roles / permission sets; assign and unassign them to
// principals; attach, detach and list AWS-managed and customer-managed
// policies on a permission set; update a permission set's inline policy; and
// return users and groups as bimaps. It is constructed with
// NewAwsSsoIamRepository or NewSsoClient.
//
// NOTE(review): the method names suggest an "SSO role" here corresponds to a
// permission set (CreateSsoRole returns an arn, DeleteSsoRole takes a
// permissionSetArn); confirm. HasRaitoCreatedTag presumably reports whether a
// permission set carries a tag marking it as created by this tooling; confirm
// whether the mutating methods check it before changing or deleting a set.
type AwsSsoIamRepository struct {
	// contains filtered or unexported fields
}

func NewAwsSsoIamRepository

func NewAwsSsoIamRepository(configMap *config.ConfigMap, account string, client *ssoadmin.Client, identityStoreClient *identitystore.Client) (*AwsSsoIamRepository, error)

func NewSsoClient

func NewSsoClient(ctx context.Context, cfgMap *config.ConfigMap, account string) (*AwsSsoIamRepository, error)

func (*AwsSsoIamRepository) AssignPermissionSet

func (repo *AwsSsoIamRepository) AssignPermissionSet(ctx context.Context, permissionSetArn string, principalType ssoTypes.PrincipalType, principal string) error

func (*AwsSsoIamRepository) AttachAwsManagedPolicyToPermissionSet

func (repo *AwsSsoIamRepository) AttachAwsManagedPolicyToPermissionSet(ctx context.Context, permissionSetArn string, policyArn string) error

func (*AwsSsoIamRepository) AttachCustomerManagedPolicyToPermissionSet

func (repo *AwsSsoIamRepository) AttachCustomerManagedPolicyToPermissionSet(ctx context.Context, permissionSetArn string, name string, path *string) error

func (*AwsSsoIamRepository) CreateSsoRole

func (repo *AwsSsoIamRepository) CreateSsoRole(ctx context.Context, name, description string) (arn string, err error)

func (*AwsSsoIamRepository) DeleteSsoRole

func (repo *AwsSsoIamRepository) DeleteSsoRole(ctx context.Context, permissionSetArn string) error

func (*AwsSsoIamRepository) DetachAwsManagedPolicyFromPermissionSet

func (repo *AwsSsoIamRepository) DetachAwsManagedPolicyFromPermissionSet(ctx context.Context, permissionSetArn string, policyArn string) error

func (*AwsSsoIamRepository) DetachCustomerManagedPolicyFromPermissionSet

func (repo *AwsSsoIamRepository) DetachCustomerManagedPolicyFromPermissionSet(ctx context.Context, permissionSetArn string, name string, path *string) error

func (*AwsSsoIamRepository) GetGroups

func (repo *AwsSsoIamRepository) GetGroups(ctx context.Context) (bimap.Bimap[string, string], error)

func (*AwsSsoIamRepository) GetSsoRole

func (repo *AwsSsoIamRepository) GetSsoRole(ctx context.Context, permissionSetArn string) (*ssoTypes.PermissionSet, error)

func (*AwsSsoIamRepository) GetUsers

func (repo *AwsSsoIamRepository) GetUsers(ctx context.Context) (bimap.Bimap[string, string], error)

func (*AwsSsoIamRepository) HasRaitoCreatedTag

func (repo *AwsSsoIamRepository) HasRaitoCreatedTag(ctx context.Context, permissionSetArn string) (bool, error)

func (*AwsSsoIamRepository) ListAwsManagedPolicyFromPermissionSet

func (repo *AwsSsoIamRepository) ListAwsManagedPolicyFromPermissionSet(ctx context.Context, permissionSetArn string) (set.Set[string], error)

func (*AwsSsoIamRepository) ListCustomerManagedPolicyFromPermissionSet

func (repo *AwsSsoIamRepository) ListCustomerManagedPolicyFromPermissionSet(ctx context.Context, permissionSetArn string) (set.Set[string], error)

func (*AwsSsoIamRepository) ListPermissionSetAssignment

func (repo *AwsSsoIamRepository) ListPermissionSetAssignment(ctx context.Context, permissionSetArn string) ([]ssoTypes.AccountAssignment, error)

func (*AwsSsoIamRepository) ListSsoRole

func (repo *AwsSsoIamRepository) ListSsoRole(ctx context.Context) ([]string, error)

func (*AwsSsoIamRepository) ProvisionPermissionSet

func (repo *AwsSsoIamRepository) ProvisionPermissionSet(ctx context.Context, permissionSetArn string) (*ssoTypes.PermissionSetProvisioningStatus, error)

func (*AwsSsoIamRepository) ProvisionPermissionSetAndWait

func (repo *AwsSsoIamRepository) ProvisionPermissionSetAndWait(ctx context.Context, permissionSetArn string) error

func (*AwsSsoIamRepository) UnassignPermissionSet

func (repo *AwsSsoIamRepository) UnassignPermissionSet(ctx context.Context, permissionSetArn string, principalType ssoTypes.PrincipalType, principal string) error

func (*AwsSsoIamRepository) UpdateInlinePolicyToPermissionSet

func (repo *AwsSsoIamRepository) UpdateInlinePolicyToPermissionSet(ctx context.Context, permissionSetArn string, statements []*awspolicy.Statement) error

func (*AwsSsoIamRepository) UpdateSsoRole

func (repo *AwsSsoIamRepository) UpdateSsoRole(ctx context.Context, arn string, description string) error
