Documentation ¶
Index ¶
- Variables
- func NewBiqQueryClient(ctx context.Context, configMap *config.ConfigMap) (*bigquery.Client, func(), error)
- func NewDataPolicyClient(ctx context.Context, configMap *config.ConfigMap) (*datapolicies.DataPolicyClient, func(), error)
- func NewDataSourceMetaData(_ context.Context, configParams *config.ConfigMap) (*ds.MetaData, error)
- func NewIdentityStoreMetadata() *is.MetaData
- func NewPolicyTagClient(ctx context.Context, configMap *config.ConfigMap) (*datacatalog.PolicyTagManagerClient, func(), error)
- func NewRowAccessClient(service *bigquery2.Service) *bigquery2.RowAccessPoliciesService
- func NewServiceClient(ctx context.Context, configMap *config.ConfigMap) (*bigquery2.Service, error)
- type BQDataPolicy
- type BQEntity
- type BQFilter
- type BQInformationSchemaEntity
- type BQInformationSchemaReferencedTable
- type BQMaskingInformation
- type BQPolicyTag
- type BQReferencedTable
- type BigQueryRowAccessPoliciesService
- type BqFilteringService
- type BqMaskingService
- func (m *BqMaskingService) ExportMasks(ctx context.Context, accessProvider *importer.AccessProvider, ...) ([]string, error)
- func (m *BqMaskingService) ImportMasks(ctx context.Context, accessProviderHandler wrappers.AccessProviderHandler, ...) error
- func (m *BqMaskingService) MaskedBinding(_ context.Context, members []string) ([]iam.IamBinding, error)
- type DataCatalogRepository
- func (r *DataCatalogRepository) CreatePolicyTagWithDataPolicy(ctx context.Context, location string, ...) (_ *BQMaskingInformation, err error)
- func (r *DataCatalogRepository) DeletePolicyAndTag(ctx context.Context, policyTagId string) error
- func (r *DataCatalogRepository) GetFineGrainedReaderMembers(ctx context.Context, tagId string) ([]string, error)
- func (r *DataCatalogRepository) GetLocationsForDataObjects(ctx context.Context, ap *sync_to_target.AccessProvider) (map[string]string, map[string]string, error)
- func (r *DataCatalogRepository) GetMaskingInformationForDataPolicy(ctx context.Context, dataPolicyId string) (*BQMaskingInformation, error)
- func (r *DataCatalogRepository) ListDataPolicies(ctx context.Context) (map[string]BQMaskingInformation, error)
- func (r *DataCatalogRepository) UpdateAccess(ctx context.Context, maskingInformation *BQMaskingInformation, ...) error
- func (r *DataCatalogRepository) UpdatePolicyTag(ctx context.Context, location string, ...) (*BQMaskingInformation, error)
- func (r *DataCatalogRepository) UpdateWhatOfDataPolicy(ctx context.Context, policy *BQMaskingInformation, dataObjects []string, ...) error
- type DataObjectIterator
- func (it *DataObjectIterator) Bindings(ctx context.Context, config *ds.DataSourceSyncConfig, ...) error
- func (it *DataObjectIterator) DataObjects(ctx context.Context, config *ds.DataSourceSyncConfig, ...) error
- func (it *DataObjectIterator) DataSourceType() string
- func (it *DataObjectIterator) Sync(ctx context.Context, config *ds.DataSourceSyncConfig, skipColumns bool, ...) error
- func (it *DataObjectIterator) UpdateBindings(ctx context.Context, dataObject *iam.DataObjectReference, ...) error
- type FilterExpressionVisitor
- func (f *FilterExpressionVisitor) EnterExpressionElement(_ context.Context, element base.VisitableElement) error
- func (f *FilterExpressionVisitor) GetExpression() string
- func (f *FilterExpressionVisitor) LeaveExpressionElement(_ context.Context, element base.VisitableElement)
- func (f *FilterExpressionVisitor) Literal(_ context.Context, l interface{}) error
- type GroupEntity
- type ProjectClient
- type Repository
- func (c *Repository) CreateOrUpdateFilter(ctx context.Context, filter *BQFilter) error
- func (c *Repository) DeleteFilter(ctx context.Context, table *BQReferencedTable, filterName string) error
- func (c *Repository) GetBindings(ctx context.Context, entity *org.GcpOrgEntity) ([]iam2.IamBinding, error)
- func (c *Repository) GetDataUsage(ctx context.Context, windowStart *time.Time, usageFirstUsed *time.Time, ...) error
- func (c *Repository) ListColumns(ctx context.Context, tab *bigquery.Table, parent *org.GcpOrgEntity, ...) error
- func (c *Repository) ListDataSets(ctx context.Context, parent *org.GcpOrgEntity, ...) error
- func (c *Repository) ListFilters(ctx context.Context, table *org.GcpOrgEntity, ...) error
- func (c *Repository) ListTables(ctx context.Context, ds *bigquery.Dataset, parent *org.GcpOrgEntity, ...) error
- func (c *Repository) ListViews(ctx context.Context, ds *bigquery.Dataset, parent *org.GcpOrgEntity, ...) error
- func (c *Repository) Project() *org.GcpOrgEntity
- func (c *Repository) UpdateBindings(ctx context.Context, dataObject *iam2.DataObjectReference, ...) error
- type RepositoryOptions
- type TestRepositoryAndClient
- type UserEntity
Constants ¶
This section is empty.
Variables ¶
View Source
var QueryStatementTypeMap = map[string]data_usage.ActionType{ "SELECT": data_usage.Read, "INSERT": data_usage.Write, "UPDATE": data_usage.Write, "DELETE": data_usage.Write, "MERGE": data_usage.Write, "TRUNCATE_TABLE": data_usage.Write, "LOAD_DATA": data_usage.Write, "CREATE_TABLE": data_usage.Admin, "CREATE_TABLE_AS_SELECT": data_usage.Admin, "CREATE_VIEW": data_usage.Admin, "CREATE_MODEL": data_usage.Admin, "CREATE_MATERIALIZED_VIEW": data_usage.Admin, "CREATE_APPROX_VIEW": data_usage.Admin, "CREATE_FUNCTION": data_usage.Admin, "CREATE_TABLE_FUNCTION": data_usage.Admin, "CREATE_PROCEDURE": data_usage.Admin, "CREATE_ROW_ACCESS_POLICY": data_usage.Admin, "CREATE_SCHEMA": data_usage.Admin, "CREATE_SNAPSHOT_TABLE": data_usage.Admin, "DROP_TABLE": data_usage.Admin, "DROP_EXTERNAL_TABLE": data_usage.Admin, "DROP_VIEW": data_usage.Admin, "DROP_MODEL": data_usage.Admin, "DROP_MATERIALIZED_VIEW": data_usage.Admin, "DROP_APPROX_VIEW": data_usage.Admin, "DROP_FUNCTION": data_usage.Admin, "DROP_PROCEDURE": data_usage.Admin, "DROP_SCHEMA": data_usage.Admin, "DROP_ROW_ACCESS_POLICY": data_usage.Admin, "DROP_SNAPSHOT_TABLE": data_usage.Admin, "ALTER_TABLE": data_usage.Admin, "ALTER_VIEW": data_usage.Admin, "ALTER_MATERIALIZED_VIEW": data_usage.Admin, "ALTER_APPROX_VIEW": data_usage.Admin, "ALTER_SCHEMA": data_usage.Admin, "CREATE_EXTERNAL_TABLE": data_usage.Admin, "EXPORT_DATA": data_usage.Read, "CALL": data_usage.Read, }
Table based on https://cloud.google.com/bigquery/docs/reference/auditlogs/rest/Shared.Types/BigQueryAuditMetadata.QueryStatementType
Functions ¶
func NewBiqQueryClient ¶
func NewDataPolicyClient ¶
func NewDataPolicyClient(ctx context.Context, configMap *config.ConfigMap) (*datapolicies.DataPolicyClient, func(), error)
func NewDataSourceMetaData ¶
func NewPolicyTagClient ¶
func NewPolicyTagClient(ctx context.Context, configMap *config.ConfigMap) (*datacatalog.PolicyTagManagerClient, func(), error)
func NewRowAccessClient ¶ added in v0.11.0
func NewRowAccessClient(service *bigquery2.Service) *bigquery2.RowAccessPoliciesService
Types ¶
type BQDataPolicy ¶
type BQDataPolicy struct { FullName string PolicyType datapoliciespb.DataMaskingPolicy_PredefinedExpression }
type BQFilter ¶ added in v0.11.0
type BQFilter struct { FilterName string Table BQReferencedTable Users []string Groups []string FilterExpression string }
type BQInformationSchemaEntity ¶
type BQInformationSchemaEntity struct { CachedQuery bool `bigquery:"cache_hit"` User string `bigquery:"user_email"` Query string `bigquery:"query"` StatementType string `bigquery:"statement_type"` Tables []BQInformationSchemaReferencedTable `bigquery:"referenced_tables"` StartTime int64 `bigquery:"start_time"` EndTime int64 `bigquery:"end_time"` }
type BQInformationSchemaReferencedTable ¶ added in v0.13.6
type BQInformationSchemaReferencedTable struct { Project bigquery.NullString `bigquery:"project_id"` Dataset bigquery.NullString `bigquery:"dataset_id"` Table bigquery.NullString `bigquery:"table_id"` }
type BQMaskingInformation ¶
type BQMaskingInformation struct { DataPolicy BQDataPolicy PolicyTag BQPolicyTag }
type BQPolicyTag ¶
func (*BQPolicyTag) Taxonomy ¶
func (t *BQPolicyTag) Taxonomy() string
type BQReferencedTable ¶
type BigQueryRowAccessPoliciesService ¶ added in v0.11.0
type BigQueryRowAccessPoliciesService interface { List(projectId string, datasetId string, tableId string) *bigquery2.RowAccessPoliciesListCall GetIamPolicy(resource string, getiampolicyrequest *bigquery2.GetIamPolicyRequest) *bigquery2.RowAccessPoliciesGetIamPolicyCall }
type BqFilteringService ¶ added in v0.11.0
type BqFilteringService struct {
// contains filtered or unexported fields
}
func NewBqFilteringService ¶ added in v0.11.0
func NewBqFilteringService(filteringRepository filteringRepository, dataObjectIterator filteringDataObjectIterator) *BqFilteringService
func (*BqFilteringService) ExportFilter ¶ added in v0.11.0
func (s *BqFilteringService) ExportFilter(ctx context.Context, accessProvider *sync_to_target.AccessProvider, accessProviderFeedbackHandler wrappers.AccessProviderFeedbackHandler) (*string, error)
func (*BqFilteringService) ImportFilters ¶ added in v0.11.0
func (s *BqFilteringService) ImportFilters(ctx context.Context, config *ds.DataSourceSyncConfig, accessProviderHandler wrappers.AccessProviderHandler, raitoFilters set.Set[string]) error
type BqMaskingService ¶
type BqMaskingService struct {
// contains filtered or unexported fields
}
func NewBqMaskingService ¶
func NewBqMaskingService(dataCatalogRepository maskingDataCatalogRepository, configMap *config.ConfigMap) *BqMaskingService
func (*BqMaskingService) ExportMasks ¶
func (m *BqMaskingService) ExportMasks(ctx context.Context, accessProvider *importer.AccessProvider, accessProviderFeedbackHandler wrappers.AccessProviderFeedbackHandler) ([]string, error)
func (*BqMaskingService) ImportMasks ¶
func (*BqMaskingService) MaskedBinding ¶
func (m *BqMaskingService) MaskedBinding(_ context.Context, members []string) ([]iam.IamBinding, error)
type DataCatalogRepository ¶
type DataCatalogRepository struct {
// contains filtered or unexported fields
}
func NewDataCatalogRepository ¶
func NewDataCatalogRepository(repository dataCatalogBqRepository, tagClient *datacatalog.PolicyTagManagerClient, dataPolicyClient *datapolicies.DataPolicyClient, bqClient *bigquery.Client, configMap *config.ConfigMap) *DataCatalogRepository
func (*DataCatalogRepository) CreatePolicyTagWithDataPolicy ¶
func (r *DataCatalogRepository) CreatePolicyTagWithDataPolicy(ctx context.Context, location string, maskingType datapoliciespb.DataMaskingPolicy_PredefinedExpression, ap *sync_to_target.AccessProvider) (_ *BQMaskingInformation, err error)
func (*DataCatalogRepository) DeletePolicyAndTag ¶
func (r *DataCatalogRepository) DeletePolicyAndTag(ctx context.Context, policyTagId string) error
func (*DataCatalogRepository) GetFineGrainedReaderMembers ¶
func (*DataCatalogRepository) GetLocationsForDataObjects ¶
func (r *DataCatalogRepository) GetLocationsForDataObjects(ctx context.Context, ap *sync_to_target.AccessProvider) (map[string]string, map[string]string, error)
func (*DataCatalogRepository) GetMaskingInformationForDataPolicy ¶
func (r *DataCatalogRepository) GetMaskingInformationForDataPolicy(ctx context.Context, dataPolicyId string) (*BQMaskingInformation, error)
func (*DataCatalogRepository) ListDataPolicies ¶
func (r *DataCatalogRepository) ListDataPolicies(ctx context.Context) (map[string]BQMaskingInformation, error)
func (*DataCatalogRepository) UpdateAccess ¶
func (r *DataCatalogRepository) UpdateAccess(ctx context.Context, maskingInformation *BQMaskingInformation, who *sync_to_target.WhoItem, deletedWho *sync_to_target.WhoItem) error
func (*DataCatalogRepository) UpdatePolicyTag ¶
func (r *DataCatalogRepository) UpdatePolicyTag(ctx context.Context, location string, maskingType datapoliciespb.DataMaskingPolicy_PredefinedExpression, ap *sync_to_target.AccessProvider, dataPolicyId string) (*BQMaskingInformation, error)
func (*DataCatalogRepository) UpdateWhatOfDataPolicy ¶
func (r *DataCatalogRepository) UpdateWhatOfDataPolicy(ctx context.Context, policy *BQMaskingInformation, dataObjects []string, deletedDataObjects []string) error
type DataObjectIterator ¶
type DataObjectIterator struct {
// contains filtered or unexported fields
}
func NewDataObjectIterator ¶
func NewDataObjectIterator(repo *Repository, configMap *config.ConfigMap) *DataObjectIterator
func (*DataObjectIterator) Bindings ¶
func (it *DataObjectIterator) Bindings(ctx context.Context, config *ds.DataSourceSyncConfig, fn func(ctx context.Context, dataObject *org.GcpOrgEntity, bindings []iam.IamBinding) error) error
func (*DataObjectIterator) DataObjects ¶
func (it *DataObjectIterator) DataObjects(ctx context.Context, config *ds.DataSourceSyncConfig, fn func(ctx context.Context, object *org.GcpOrgEntity) error) error
func (*DataObjectIterator) DataSourceType ¶
func (it *DataObjectIterator) DataSourceType() string
func (*DataObjectIterator) Sync ¶ added in v0.11.0
func (it *DataObjectIterator) Sync(ctx context.Context, config *ds.DataSourceSyncConfig, skipColumns bool, fn func(ctx context.Context, object *org.GcpOrgEntity) error) error
func (*DataObjectIterator) UpdateBindings ¶
func (it *DataObjectIterator) UpdateBindings(ctx context.Context, dataObject *iam.DataObjectReference, addBindings []iam.IamBinding, removeBindings []iam.IamBinding) error
type FilterExpressionVisitor ¶ added in v0.11.0
type FilterExpressionVisitor struct {
// contains filtered or unexported fields
}
func NewFilterExpressionVisitor ¶ added in v0.11.0
func NewFilterExpressionVisitor() *FilterExpressionVisitor
func (*FilterExpressionVisitor) EnterExpressionElement ¶ added in v0.11.0
func (f *FilterExpressionVisitor) EnterExpressionElement(_ context.Context, element base.VisitableElement) error
func (*FilterExpressionVisitor) GetExpression ¶ added in v0.11.0
func (f *FilterExpressionVisitor) GetExpression() string
func (*FilterExpressionVisitor) LeaveExpressionElement ¶ added in v0.11.0
func (f *FilterExpressionVisitor) LeaveExpressionElement(_ context.Context, element base.VisitableElement)
type GroupEntity ¶
type ProjectClient ¶
type ProjectClient interface { GetIamPolicy(ctx context.Context, projectId string) ([]iam2.IamBinding, error) UpdateBinding(ctx context.Context, dataObject *iam2.DataObjectReference, bindingsToAdd []iam2.IamBinding, bindingsToDelete []iam2.IamBinding) error }
type Repository ¶
type Repository struct {
// contains filtered or unexported fields
}
func NewRepository ¶
func NewRepository(projectClient ProjectClient, client *bigquery.Client, rowAccessClient BigQueryRowAccessPoliciesService, configMap *config.ConfigMap, options *RepositoryOptions) *Repository
func (*Repository) CreateOrUpdateFilter ¶ added in v0.11.0
func (c *Repository) CreateOrUpdateFilter(ctx context.Context, filter *BQFilter) error
func (*Repository) DeleteFilter ¶ added in v0.11.0
func (c *Repository) DeleteFilter(ctx context.Context, table *BQReferencedTable, filterName string) error
func (*Repository) GetBindings ¶
func (c *Repository) GetBindings(ctx context.Context, entity *org.GcpOrgEntity) ([]iam2.IamBinding, error)
func (*Repository) GetDataUsage ¶
func (*Repository) ListColumns ¶
func (c *Repository) ListColumns(ctx context.Context, tab *bigquery.Table, parent *org.GcpOrgEntity, fn func(ctx context.Context, entity *org.GcpOrgEntity) error) error
func (*Repository) ListDataSets ¶
func (c *Repository) ListDataSets(ctx context.Context, parent *org.GcpOrgEntity, fn func(ctx context.Context, entity *org.GcpOrgEntity, dataset *bigquery.Dataset) error) error
func (*Repository) ListFilters ¶ added in v0.11.0
func (c *Repository) ListFilters(ctx context.Context, table *org.GcpOrgEntity, fn func(ctx context.Context, rap *bigquery2.RowAccessPolicy, users []string, groups []string, internalizable bool) error) error
func (*Repository) ListTables ¶
func (c *Repository) ListTables(ctx context.Context, ds *bigquery.Dataset, parent *org.GcpOrgEntity, fn func(ctx context.Context, entity *org.GcpOrgEntity, tab *bigquery.Table) error) error
func (*Repository) ListViews ¶
func (c *Repository) ListViews(ctx context.Context, ds *bigquery.Dataset, parent *org.GcpOrgEntity, fn func(ctx context.Context, entity *org.GcpOrgEntity) error) error
func (*Repository) Project ¶
func (c *Repository) Project() *org.GcpOrgEntity
func (*Repository) UpdateBindings ¶
func (c *Repository) UpdateBindings(ctx context.Context, dataObject *iam2.DataObjectReference, addBindings []iam2.IamBinding, removeBindings []iam2.IamBinding) error
type RepositoryOptions ¶ added in v0.9.8
type RepositoryOptions struct {
EnableCache bool
}
type TestRepositoryAndClient ¶ added in v0.9.8
type TestRepositoryAndClient struct { Repository *Repository Client *bigquery2.Client }
type UserEntity ¶
Click to show internal directories.
Click to hide internal directories.