awsiam

package
v0.0.0-...-82ab749 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 16, 2024 License: BSD-3-Clause Imports: 26 Imported by: 0

Documentation

Index

Constants

// Access key lifetime and creation-retry parameters.
const (
	// AccessKeyExpiry is seven days, expressed as a time.Duration.
	// NOTE(review): the name suggests this is the maximum age of an IAM
	// access key before it is rotated or deleted; confirm against the
	// callers, which are not shown here.
	AccessKeyExpiry = 7 * 24 * time.Hour

	// CreateAccessKeyTriesBeforeDeleteAll must stay lower than
	// CreateAccessKeyTriesTotal.
	// NOTE(review): presumably the first is the number of failed
	// CreateAccessKey attempts after which the user's existing keys are
	// deleted, and the second is the overall attempt limit. If so, the
	// delete-all step invalidates keys still in use elsewhere; verify in
	// the implementation.
	CreateAccessKeyTriesBeforeDeleteAll = 3 // must be lower than...
	CreateAccessKeyTriesTotal           = 6 // ...this
)
// String constants whose values match AWS IAM API error codes.
// NOTE(review): presumably compared against the error code of a failed IAM
// call so callers can tell "already exists" or "not found" apart from real
// failures; the comparison sites are not shown here.
const (
	DeleteConflict      = "DeleteConflict"
	EntityAlreadyExists = awsiamusers.EntityAlreadyExists // re-exported from awsiamusers
	InvalidInput        = "InvalidInput"
	LimitExceeded       = "LimitExceeded"
	NoSuchEntity        = awsiamusers.NoSuchEntity // re-exported from awsiamusers
)
// Parameters for the GitHub Actions OIDC identity provider.
const (
	// GitHubActionsOAuthOIDCThumbprint is an all-"f" hex string, not the
	// fingerprint of a real certificate; the linked issue gives the
	// background.
	// NOTE(review): AWS documents that for some OIDC providers IAM validates
	// the provider's TLS certificate against its own trusted root CAs and
	// does not use the configured thumbprint. Confirm that this applies to
	// the URL below, because otherwise a placeholder pins nothing. Either
	// way, access is bounded by the aud/sub conditions in each role's trust
	// policy, not by this value.
	GitHubActionsOAuthOIDCThumbprint = "ffffffffffffffffffffffffffffffffffffffff" // <https://github.com/aws-actions/configure-aws-credentials/issues/357>

	// GitHubActionsOAuthOIDCURL is the issuer URL of the GitHub Actions
	// OIDC token service.
	GitHubActionsOAuthOIDCURL = "https://token.actions.githubusercontent.com"
)
const (
	// DuplicatePolicyException is an error code string.
	// NOTE(review): which service returns it is not visible here — confirm.
	DuplicatePolicyException = "DuplicatePolicyException"

	// SubstrateManaged is re-exported from awsiamusers.
	// NOTE(review): the name suggests a marker (for example a policy or tag
	// name) for resources this tool manages; its value is not visible here.
	SubstrateManaged = awsiamusers.SubstrateManaged
)

Variables

This section is empty.

Functions

func AllDayConfig

func AllDayConfig(ctx context.Context, cfg *awscfg.Config) (cfg12h *awscfg.Config, err error)

func AllDayCredentials

func AllDayCredentials(
	ctx context.Context,
	cfg *awscfg.Config,
	accountId, roleName string,
) (creds aws.Credentials, err error)

func AttachRolePolicy

func AttachRolePolicy(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName, policyARN string,
) error

func AttachUserPolicy

func AttachUserPolicy(
	ctx context.Context,
	cfg *awscfg.Config,
	username, policyARN string,
) error

func DeleteAccessKey

func DeleteAccessKey(
	ctx context.Context,
	cfg *awscfg.Config,
	username, accessKeyId string,
) error

func DeleteAllAccessKeys

func DeleteAllAccessKeys(
	ctx context.Context,
	cfg *awscfg.Config,
	username string,
	age time.Duration,
) error

func DeleteInstanceProfile

func DeleteInstanceProfile(ctx context.Context, cfg *awscfg.Config, roleName string) (err error)

func DeleteRole

func DeleteRole(ctx context.Context, cfg *awscfg.Config, roleName string) error

func DeleteRolePolicy

func DeleteRolePolicy(ctx context.Context, cfg *awscfg.Config, roleName string) error

func DeleteRoleWithConfirmation

func DeleteRoleWithConfirmation(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName string,
	force bool,
) error

DeleteRoleWithConfirmation is a higher-level way to delete a role that checks to see if the role even exists, confirms the deletion, and then deletes not only the role but also the instance profile and inline policies that must be detached and/or deleted first.

func DeleteUser

func DeleteUser(
	ctx context.Context,
	cfg *awscfg.Config,
	username string,
) error

func DetachRolePolicy

func DetachRolePolicy(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName, policyARN string,
) error

func EnsureOpenIDConnectProvider

func EnsureOpenIDConnectProvider(
	ctx context.Context,
	cfg *awscfg.Config,
	clients, thumbprints []string,
	urlString string,
) (string, error)

func ListAttachedRolePolicies

func ListAttachedRolePolicies(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName string,
) ([]string, error)

func ListRolePolicies

func ListRolePolicies(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName string,
) ([]string, error)

func ListRoleTags

func ListRoleTags(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName string,
) (tagging.Map, error)

func ListUserTags

func ListUserTags(
	ctx context.Context,
	cfg *awscfg.Config,
	userName string,
) (tagging.Map, error)

func PutRolePolicy

func PutRolePolicy(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName, policyName string,
	doc *policies.Document,
) error

func TagRole

func TagRole(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName string,
	tags tagging.Map,
) error

func TagUser

func TagUser(
	ctx context.Context,
	cfg *awscfg.Config,
	userName string,
	tags tagging.Map,
) error

func UntagUser

func UntagUser(
	ctx context.Context,
	cfg *awscfg.Config,
	userName string,
	keys []string,
) error

Types

type AccessKey

// AccessKey is an alias for types.AccessKey.
// NOTE(review): if types is the AWS SDK's IAM types package, this struct
// carries the secret access key as well as the key ID. Treat values of this
// type as credentials: keep them out of logs and error messages.
type AccessKey = types.AccessKey

func CreateAccessKey

func CreateAccessKey(
	ctx context.Context,
	cfg *awscfg.Config,
	username string,
) (*AccessKey, error)

type AccessKeyMetadata

type AccessKeyMetadata = types.AccessKeyMetadata

func ListAccessKeys

func ListAccessKeys(
	ctx context.Context,
	cfg *awscfg.Config,
	username string,
) ([]AccessKeyMetadata, error)

type InstanceProfile

type InstanceProfile = types.InstanceProfile

func CreateInstanceProfile

func CreateInstanceProfile(ctx context.Context, cfg *awscfg.Config, roleName string) (*InstanceProfile, error)

func EnsureInstanceProfile

func EnsureInstanceProfile(ctx context.Context, cfg *awscfg.Config, roleName string) (instProf *InstanceProfile, err error)

type Policy

type Policy = types.Policy

func CreatePolicy

func CreatePolicy(
	ctx context.Context,
	cfg *awscfg.Config,
	name string,
	doc *policies.Document,
) (*Policy, error)

func CreatePolicyVersion

func CreatePolicyVersion(
	ctx context.Context,
	cfg *awscfg.Config,
	arn string,
	doc *policies.Document,
) (*Policy, error)

func EnsurePolicy

func EnsurePolicy(
	ctx context.Context,
	cfg *awscfg.Config,
	name string,
	doc *policies.Document,
) (*Policy, error)

func ListPolicies

func ListPolicies(ctx context.Context, cfg *awscfg.Config) ([]Policy, error)

type PolicyVersion

type PolicyVersion = types.PolicyVersion

type Role

// Role is this package's own representation of an IAM role. Unlike the
// other types in this package it is a struct, not an alias for an SDK type.
type Role struct {
	// ARN is the role's Amazon Resource Name.
	ARN string

	// AssumeRolePolicy is the parsed assume-role (trust) policy document.
	// In IAM this document decides which principals may assume the role,
	// so it is the field to check when reviewing who can obtain the role's
	// permissions.
	AssumeRolePolicy *policies.Document

	// Name is the role name, as passed to the roleName parameters of the
	// functions in this package.
	Name string

	// Tags holds the role's tags.
	Tags tagging.Map
}

func CreateRole

func CreateRole(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName string,
	assumeRolePolicyDoc *policies.Document,

) (*Role, error)

func CreateServiceLinkedRole

func CreateServiceLinkedRole(
	ctx context.Context,
	cfg *awscfg.Config,
	serviceName string,
) (*Role, error)

func EnsureRole

func EnsureRole(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName string,
	assumeRolePolicyDoc *policies.Document,

) (*Role, error)

func EnsureRoleWithPolicy

func EnsureRoleWithPolicy(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName string,
	assumeRolePolicyDoc *policies.Document,

	doc *policies.Document,
) (*Role, error)

func EnsureServiceLinkedRole

func EnsureServiceLinkedRole(
	ctx context.Context,
	cfg *awscfg.Config,
	roleName, serviceName string,
) (*Role, error)

func GetRole

func GetRole(ctx context.Context, cfg *awscfg.Config, roleName string) (*Role, error)

func ListRoles

func ListRoles(ctx context.Context, cfg *awscfg.Config) ([]*Role, error)

type SAMLProvider

// SAMLProvider identifies an IAM SAML identity provider by its ARN.
type SAMLProvider struct {
	// Arn is the provider's Amazon Resource Name. The spelling differs from
	// Role.ARN, so check the field name when handling both types.
	Arn string
}

func EnsureSAMLProvider

func EnsureSAMLProvider(
	ctx context.Context,
	cfg *awscfg.Config,
	name oauthoidc.Provider,
	metadata string,
) (*SAMLProvider, error)

type User

type User = types.User

func CreateUser

func CreateUser(
	ctx context.Context,
	cfg *awscfg.Config,
	username string,
) (*User, error)

func EnsureUser

func EnsureUser(
	ctx context.Context,
	cfg *awscfg.Config,
	username string,
) (*User, error)

func EnsureUserWithPolicy

func EnsureUserWithPolicy(
	ctx context.Context,
	cfg *awscfg.Config,
	username string,
	doc *policies.Document,
) (*User, error)

func GetUser

func GetUser(
	ctx context.Context,
	cfg *awscfg.Config,
	username string,
) (*User, error)

Directories

Path Synopsis
