Documentation
¶
Index ¶
Constants ¶
View Source
const DefaultManagedPoliciesPerRole = 10
View Source
const DefaultManagedPolicySize = 6144
View Source
const IAMPolicyVersion = "2012-10-17"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccountLimits ¶
type AmperConfig ¶ added in v1.0.8
type Attachment ¶
type Attachment struct {
// contains filtered or unexported fields
}
func (Attachment) String ¶
func (a Attachment) String() string
type ByPolicySize ¶
type ByPolicySize []*IAMPolicyStatement
func (ByPolicySize) Len ¶
func (a ByPolicySize) Len() int
func (ByPolicySize) Less ¶
func (a ByPolicySize) Less(i, j int) bool
func (ByPolicySize) Swap ¶
func (a ByPolicySize) Swap(i, j int)
type Container ¶
func (*Container) AddAttachment ¶
func (*Container) AddPolicyTemplate ¶
func (c *Container) AddPolicyTemplate(pt *PolicyTemplate) error
type IAMPolicyDoc ¶
type IAMPolicyDoc IAMPolicyDocRaw
func (IAMPolicyDoc) MarshalJSON ¶
func (d IAMPolicyDoc) MarshalJSON() ([]byte, error)
func (*IAMPolicyDoc) Size ¶
func (s *IAMPolicyDoc) Size() int
type IAMPolicyDocRaw ¶
type IAMPolicyDocRaw struct {
Version string `json:",omitempty"`
Id string `json:",omitempty"`
Statements []*IAMPolicyStatement `json:"Statement"`
}
type IAMPolicyStatement ¶
type IAMPolicyStatement struct {
Sid string
Effect string `json:",omitempty"`
Actions StringList `json:"Action,omitempty"`
NotActions StringList `json:"NotAction,omitempty"`
Resources StringList `json:"Resource,omitempty"`
NotResources StringList `json:"NotResource,omitempty"`
Principals map[string]StringList `json:"Principal,omitempty"`
NotPrincipals map[string]StringList `json:"NotPrincipal,omitempty"`
Conditions map[string]map[string]StringList `json:"Condition,omitempty"`
// contains filtered or unexported fields
}
func (*IAMPolicyStatement) Size ¶
func (s *IAMPolicyStatement) Size() int
type Kernel ¶
type Kernel struct {
sync.RWMutex
StateBucket string
S3 *s3.S3
KeyFormat string
// contains filtered or unexported fields
}
func NewKernel ¶
func NewKernel(config *AmperConfig) *Kernel
func (*Kernel) AddAccount ¶
func (*Kernel) AddPolicyTemplate ¶
func (a *Kernel) AddPolicyTemplate(containerID string, pt *PolicyTemplate) error
type Policy ¶
type Policy struct {
AccountPolicies map[string][]*IAMPolicyDoc
AccountRolePolicies map[string][]*IAMPolicyDoc
ServiceRolePolicies map[string]map[string]*ServiceRolePolicy
// contains filtered or unexported fields
}
type PolicyTemplate ¶
type PolicyTemplate struct {
sync.Mutex
// Key is the uniqie identifier of policy template
Key string
// Template is pointer to template's content.
// If it's nil, template will be fetched from StateBucket
Template *string
// Vars contains list of required variables for rendering this template
Vars []string
// Consts contains list of constants.
Consts map[string]interface{}
// Scope defines AWS IAM services, covered by this template.
// Formate is same, as for Action field in IAM Policy Statement.
Scope []string
ServiceRole *ServiceRoleTemplate
// contains filtered or unexported fields
}
type ServiceRolePolicy ¶ added in v1.0.1
type ServiceRolePolicy struct {
Policy *IAMPolicyDoc
AssumeRolePolicy *IAMPolicyDoc
}
type ServiceRoleTemplate ¶ added in v1.0.1
type StringList ¶
type StringList []string
func (StringList) MarshalJSON ¶
func (l StringList) MarshalJSON() ([]byte, error)
func (*StringList) UnmarshalJSON ¶
func (p *StringList) UnmarshalJSON(data []byte) (err error)
Source Files
Click to show internal directories.
Click to hide internal directories.