aws

package

v1.0.0 Latest Latest Go to latest Published: Jun 25, 2019 License: Apache-2.0 Imports: 22 Imported by: 19

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/trackit/trackit-server

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func AccountId() string
func GetTemporaryCredentials(aa AwsAccount, sessionName string) (*credentials.Credentials, error)
func NextExternal(r *http.Request, a routes.Arguments) (int, interface{})
func PutSubAccounts(ctx context.Context, account AwsAccount, tx *sql.Tx) error
func ValidateAwsAccounts(awsAccounts []string) error
type AwsAccount
type RequireAwsAccountId
- func (d RequireAwsAccountId) Decorate(h routes.Handler) routes.Handler

Constants ¶

View Source

const (
	AwsAccountSelection = routeArgKey(iota)
)

Variables ¶

This section is empty.

Functions ¶

func AccountId ¶

func AccountId() string

AccountId returns the server's AWS account ID.

func GetTemporaryCredentials ¶

func GetTemporaryCredentials(aa AwsAccount, sessionName string) (*credentials.Credentials, error)

GetTemporaryCredentials gets temporary credentials in a client's AWS account using the STS AssumeRole feature. The returned credentials will last no more than an hour. The returned credentials are valid iff the error is nil.

func NextExternal ¶

func NextExternal(r *http.Request, a routes.Arguments) (int, interface{})

NextExternal is a route handler returning all necessary info to setup an IAM role we can assume. It returns both our AWS account ID, and the external ID we will provide when assuming the role.

func PutSubAccounts ¶

func PutSubAccounts(ctx context.Context, account AwsAccount, tx *sql.Tx) error

PutSubAccounts gets AWS sub accounts of an aws accounts and puts it in DB if they don't already exists

func ValidateAwsAccounts ¶

func ValidateAwsAccounts(awsAccounts []string) error

ValidateAwsAccounts will validate a slice of int passed to it. It checks that they are 12 digit numbers

Types ¶

type AwsAccount ¶

type AwsAccount struct {
	Id             int           `json:"id"`
	UserId         int           `json:"-"`
	Pretty         string        `json:"pretty"`
	RoleArn        string        `json:"roleArn"`
	External       string        `json:"-"`
	Payer          bool          `json:"payer"`
	AccountOwner   bool          `json:"accountOwner"`
	UserPermission int           `json:"permissionLevel"`
	AwsIdentity    string        `json:"awsIdentity"`
	ParentId       sql.NullInt64 `json:"-"`
}

AwsAccount represents a client's AWS account.

func AwsAccountFromDbAwsAccount ¶

func AwsAccountFromDbAwsAccount(dbAwsAccount models.AwsAccount) AwsAccount

AwsAccountFromDbAwsAccount constructs an aws.AwsAccount from a models.AwsAccount. The distinction exists to decouple database access from the logic of the server.

func GetAwsAccountWithId ¶

func GetAwsAccountWithId(aaid int, tx *sql.Tx) (AwsAccount, error)

GetAwsAccountWithId returns an AWS account.

func GetAwsAccountWithIdFromUser ¶

func GetAwsAccountWithIdFromUser(u users.User, aaid int, tx *sql.Tx) (AwsAccount, error)

GetAwsAccountWithIdFromUser returns a user's AWS accounts if it belongs to the user.

func GetAwsAccountsFromUser ¶

func GetAwsAccountsFromUser(u users.User, tx *sql.Tx) ([]AwsAccount, error)

GetAwsAccountFromUser returns a slice of all AWS accounts configured by a given user.

func (*AwsAccount) CreateAwsAccount ¶

func (a *AwsAccount) CreateAwsAccount(ctx context.Context, db models.XODB) error

CreateAwsAccount registers a new AWS account for a user. It does no error checking: the caller should check themselves that the role ARN exists and is correctly configured.

func (*AwsAccount) GetAwsAccountIdentity ¶

func (a *AwsAccount) GetAwsAccountIdentity() (identity string, err error)

GetAwsAccountIdentity returns the AWS identity of an AWS Account.

func (*AwsAccount) UpdateIdentityAwsAccount ¶

func (a *AwsAccount) UpdateIdentityAwsAccount(ctx context.Context, tx *sql.Tx) error

UpdateIdentityAwsAccount updates an AWS account for a user. It does no error checking: the caller should check themselves that the AWS account exists. Only the identity will be updated.

func (*AwsAccount) UpdatePrettyAwsAccount ¶

func (a *AwsAccount) UpdatePrettyAwsAccount(ctx context.Context, tx *sql.Tx) error

UpdatePrettyAwsAccount updates an AWS account for a user. It does no error checking: the caller should check themselves that the AWS account exists. Only the Pretty will be updated.

func (*AwsAccount) UpdateRoleAndExternalAwsAccount ¶

func (a *AwsAccount) UpdateRoleAndExternalAwsAccount(ctx context.Context, tx *sql.Tx) error

UpdateRoleAndExternalAwsAccount updates an AWS account for a user. It does no error checking: the caller should check themselves that the AWS account exists. Only the RoleArn and External will be updated.

type RequireAwsAccountId ¶

type RequireAwsAccountId struct{}

RequireAwsAccount decorates handler to require that an AwsAccount be selected using RequiredQueryArgs{AwsAccountIdQueryArg}. The decorator will panic if no AwsAccountIdQueryArg query argument is found.

func (RequireAwsAccountId) Decorate ¶

func (d RequireAwsAccountId) Decorate(h routes.Handler) routes.Handler

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
pricings
routes
s3
usageReports
ec2
ec2Coverage
elasticache
es
history
lambda
rds
riEc2
riRdS

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL