Documentation
¶
Overview ¶
Package azure implements utilities that relate to more than one thing we want to do with Azure for the plugin's validation logic.
Index ¶
Constants ¶
const TestClientTimeout = 10 * time.Second
Variables ¶
This section is empty.
Functions ¶
func RoleNameFromRoleDefinitionID ¶
RoleNameFromRoleDefinitionID extracts the name of a role (aka the non-fully-qualified ID of the role) from an Azure role definition ID (aka the fully-qualified ID of the role definition).
Types ¶
type AzureAPI ¶ added in v0.0.3
type AzureAPI struct { DenyAssignments *armauthorization.DenyAssignmentsClient RoleAssignments *armauthorization.RoleAssignmentsClient RoleDefinitions *armauthorization.RoleDefinitionsClient }
func NewAzureAPI ¶ added in v0.0.3
NewAzureAPI creates an AzureAPI object that aggregates Azure service clients.
type AzureDenyAssignmentsClient ¶ added in v0.0.3
type AzureDenyAssignmentsClient struct {
// contains filtered or unexported fields
}
AzureDenyAssignmentsClient is a facade over the Azure deny assignments client. Exists to make our code easier to test (it handles paging).
func NewAzureDenyAssignmentsClient ¶ added in v0.0.3
func NewAzureDenyAssignmentsClient(ctx context.Context, azClient *armauthorization.DenyAssignmentsClient) *AzureDenyAssignmentsClient
NewAzureDenyAssignmentsClient creates a new AzureDenyAssignmentsClient (our facade client) from a client from the Azure SDK.
func (*AzureDenyAssignmentsClient) GetDenyAssignmentsForScope ¶ added in v0.0.3
func (c *AzureDenyAssignmentsClient) GetDenyAssignmentsForScope(scope string, filter *string) ([]*armauthorization.DenyAssignment, error)
GetDenyAssignmentsForScope gets all the deny assignments matching a scope and an optional filter.
type AzureRoleAssignmentsClient ¶
type AzureRoleAssignmentsClient struct {
// contains filtered or unexported fields
}
AzureRoleAssignmentsClient is a facade over the Azure role assignments client. Exists to make our code easier to test (it handles paging).
func NewAzureRoleAssignmentsClient ¶
func NewAzureRoleAssignmentsClient(ctx context.Context, azClient *armauthorization.RoleAssignmentsClient) *AzureRoleAssignmentsClient
NewAzureRoleAssignmentsClient creates a new AzureRoleAssignmentsClient (our facade client) from a client from the Azure SDK.
func (*AzureRoleAssignmentsClient) GetRoleAssignmentsForScope ¶ added in v0.0.3
func (c *AzureRoleAssignmentsClient) GetRoleAssignmentsForScope(scope string, filter *string) ([]*armauthorization.RoleAssignment, error)
GetRoleAssignmentsForScope gets all the role assignments matching a scope and an optional filter.
type AzureRoleDefinitionsClient ¶ added in v0.0.3
type AzureRoleDefinitionsClient struct {
// contains filtered or unexported fields
}
AzureRoleDefinitionsClient is a facade over the Azure role definitions client. Code that uses this instead of the actual Azure client is easier to test because it won't need to deal with finding the permissions part of the API response.
func NewAzureRoleDefinitionsClient ¶ added in v0.0.3
func NewAzureRoleDefinitionsClient(ctx context.Context, azClient *armauthorization.RoleDefinitionsClient) *AzureRoleDefinitionsClient
NewAzureRoleDefinitionsClient creates a new AzureRoleDefinitionsClient (our facade client) from a client from the Azure SDK.
func (*AzureRoleDefinitionsClient) GetByID ¶ added in v0.0.3
func (c *AzureRoleDefinitionsClient) GetByID(roleID string) (*armauthorization.RoleDefinition, error)
GetByID gets the role definition associated with a role assignment because it uses the fully-qualified role ID contained within the role assignment data to retrieve it from Azure.