Documentation
¶
Overview ¶
Package azure implements utilities that relate to more than one thing we want to do with Azure for the plugin's validation logic.
Index ¶
Constants ¶
const TestClientTimeout = 10 * time.Second
TestClientTimeout is the timeout used for Azure clients during tests.
Variables ¶
This section is empty.
Functions ¶
func RoleNameFromRoleDefinitionID ¶
RoleNameFromRoleDefinitionID extracts the name of a role (aka the non-fully-qualified ID of the role) from an Azure role definition ID (aka the fully-qualified ID of the role definition).
Types ¶
type API ¶
type API struct {
DenyAssignmentsClient *armauthorization.DenyAssignmentsClient
RoleAssignmentsClient *armauthorization.RoleAssignmentsClient
RoleDefinitionsClient *armauthorization.RoleDefinitionsClient
// Subscription ID is needed per API call for this client, so the client can't be created until
// right before it's used while reconciling a rule.
CommunityGalleryImagesClientProducer func(string) (*armcompute.CommunityGalleryImagesClient, error)
QuotaLimitsClient *armquota.Client
UsagesClient *armquota.UsagesClient
}
API is an container that aggregates Azure service clients.
type CommunityGalleryImagesClient ¶
type CommunityGalleryImagesClient struct {
// contains filtered or unexported fields
}
CommunityGalleryImagesClient is a facade over the Azure community gallery images client. Exists to make our code easier to test (it handles paging).
func NewCommunityGalleryImagesClient ¶
func NewCommunityGalleryImagesClient(ctx context.Context, azClientProducer func(subscriptionID string) (*armcompute.CommunityGalleryImagesClient, error)) *CommunityGalleryImagesClient
NewCommunityGalleryImagesClient creates a new AzureRoleDefinitionsClient (our facade client) from a client from the Azure SDK.
func (*CommunityGalleryImagesClient) GetImagesForGallery ¶
func (c *CommunityGalleryImagesClient) GetImagesForGallery(location, name, subscriptionID string) ([]*armcompute.CommunityGalleryImage, error)
GetImagesForGallery gets all the images in a community gallery.
type DenyAssignmentsClient ¶
type DenyAssignmentsClient struct {
// contains filtered or unexported fields
}
DenyAssignmentsClient is a facade over the Azure deny assignments client. Exists to make our code easier to test (it handles paging).
func NewDenyAssignmentsClient ¶
func NewDenyAssignmentsClient(ctx context.Context, azClient *armauthorization.DenyAssignmentsClient) *DenyAssignmentsClient
NewDenyAssignmentsClient creates a new AzureDenyAssignmentsClient (our facade client) from a client from the Azure SDK.
func (*DenyAssignmentsClient) GetDenyAssignmentsForScope ¶
func (c *DenyAssignmentsClient) GetDenyAssignmentsForScope(scope string, filter *string) ([]*armauthorization.DenyAssignment, error)
GetDenyAssignmentsForScope gets all the deny assignments matching a scope and an optional filter.
type QuotasClient ¶ added in v0.0.21
type QuotasClient struct {
// contains filtered or unexported fields
}
QuotasClient is a facade over the Azure quotas client role definitions client. Exists to make our code easier to test (it handles paging).
func NewQuotasClient ¶ added in v0.0.21
func NewQuotasClient(ctx context.Context, azQuotasClient *armquota.Client, azUsagesCient *armquota.UsagesClient) *QuotasClient
NewQuotasClient creates a new QuotasClient (our facade client) from a client from the Azure SDK.
func (*QuotasClient) GetQuotasForScope ¶ added in v0.0.21
func (c *QuotasClient) GetQuotasForScope(scope string) ([]*armquota.CurrentQuotaLimitBase, error)
GetQuotasForScope gets the quota limits for a particular scope. Each quota limit describes a resource name and a currently set quota.
func (*QuotasClient) GetUsagesForScope ¶ added in v0.0.21
func (c *QuotasClient) GetUsagesForScope(scope string) ([]*armquota.CurrentUsagesBase, error)
GetUsagesForScope gets the quota usages for a particular scope. Each quota usage describes a resource name and the currently used amount. There is usually a 1-to-1 pairing of quota limit and quota usage that can be retrieved.
type RoleAssignmentsClient ¶
type RoleAssignmentsClient struct {
// contains filtered or unexported fields
}
RoleAssignmentsClient is a facade over the Azure role assignments client. Exists to make our code easier to test (it handles paging).
func NewRoleAssignmentsClient ¶
func NewRoleAssignmentsClient(ctx context.Context, azClient *armauthorization.RoleAssignmentsClient) *RoleAssignmentsClient
NewRoleAssignmentsClient creates a new AzureRoleAssignmentsClient (our facade client) from a client from the Azure SDK.
func (*RoleAssignmentsClient) GetRoleAssignmentsForScope ¶
func (c *RoleAssignmentsClient) GetRoleAssignmentsForScope(scope string, filter *string) ([]*armauthorization.RoleAssignment, error)
GetRoleAssignmentsForScope gets all the role assignments matching a scope and an optional filter.
type RoleDefinitionsClient ¶
type RoleDefinitionsClient struct {
// contains filtered or unexported fields
}
RoleDefinitionsClient is a facade over the Azure role definitions client. Code that uses this instead of the actual Azure client is easier to test because it won't need to deal with finding the permissions part of the API response.
func NewRoleDefinitionsClient ¶
func NewRoleDefinitionsClient(ctx context.Context, azClient *armauthorization.RoleDefinitionsClient) *RoleDefinitionsClient
NewRoleDefinitionsClient creates a new AzureRoleDefinitionsClient (our facade client) from a client from the Azure SDK.
func (*RoleDefinitionsClient) GetByID ¶
func (c *RoleDefinitionsClient) GetByID(roleID string) (*armauthorization.RoleDefinition, error)
GetByID gets the role definition associated with a role assignment because it uses the fully-qualified role ID contained within the role assignment data to retrieve it from Azure.
Source Files