connector

package

v0.0.0-...-1dd5257 Latest Latest Go to latest Published: Feb 15, 2023 License: Apache-2.0 Imports: 28 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Documentation ¶

Overview ¶

Package connector Canonicalize code adopted from https://github.com/kubernetes-sigs/aws-iam-authenticator/blob/2a9ee95fecab59fab41a0b646a63227d66113434/pkg/arn/arn.go At 2022.06.08 to break dependency on aws-iam-authenticator. At the time of adoption the code hasn't changed in over 2 years.

Index ¶

func Canonicalize(arn string) (string, error)
func GetManifestFilenames() ([]string, error)
func ValidProviders() []ekstypes.ConnectorConfigProvider
func WriteResources(fs afero.Fs, manifestList *ManifestList) error
type EKSConnector
- func (c *EKSConnector) DeregisterCluster(ctx context.Context, clusterName string) error
- func (c *EKSConnector) RegisterCluster(ctx context.Context, cluster ExternalCluster) (*ManifestList, error)
type ExternalCluster
type ManifestFile
type ManifestList
type ManifestTemplate
- func GetManifestTemplate() (ManifestTemplate, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Canonicalize ¶

func Canonicalize(arn string) (string, error)

Canonicalize validates IAM resources are appropriate for the authenticator and converts STS assumed roles into the IAM role resource.

Supported IAM resources are:

AWS account: arn:aws:iam::123456789012:root
IAM user: arn:aws:iam::123456789012:user/Bob
IAM role: arn:aws:iam::123456789012:role/S3Access
IAM Assumed role: arn:aws:sts::123456789012:assumed-role/Accounting-Role/Mary (converted to IAM role)
Federated user: arn:aws:sts::123456789012:federated-user/Bob

func GetManifestFilenames ¶

func GetManifestFilenames() ([]string, error)

GetManifestFilenames gets the filenames for EKS Connector manifests

func ValidProviders ¶

func ValidProviders() []ekstypes.ConnectorConfigProvider

ValidProviders returns a list of supported providers.

func WriteResources ¶

func WriteResources(fs afero.Fs, manifestList *ManifestList) error

WriteResources writes the EKS Connector resources to the current directory.

Types ¶

type EKSConnector ¶

type EKSConnector struct {
	Provider         provider
	ManifestTemplate ManifestTemplate
}

func (*EKSConnector) DeregisterCluster ¶

func (c *EKSConnector) DeregisterCluster(ctx context.Context, clusterName string) error

DeregisterCluster deregisters the cluster and removes associated IAM resources.

func (*EKSConnector) RegisterCluster ¶

func (c *EKSConnector) RegisterCluster(ctx context.Context, cluster ExternalCluster) (*ManifestList, error)

RegisterCluster registers the specified external cluster with EKS and returns a list of Kubernetes resources for EKS Connector.

type ExternalCluster ¶

type ExternalCluster struct {
	Name             string
	Provider         string
	ConnectorRoleARN string
}

type ManifestFile ¶

type ManifestFile struct {
	Data     []byte
	Filename string
}

type ManifestList ¶

type ManifestList struct {
	ConnectorResources     ManifestFile
	ClusterRoleResources   ManifestFile
	ConsoleAccessResources ManifestFile
	Expiry                 time.Time
	IAMIdentityARN         string
}

type ManifestTemplate ¶

type ManifestTemplate struct {
	Connector     ManifestFile
	ClusterRole   ManifestFile
	ConsoleAccess ManifestFile
}

ManifestTemplate holds the manifest templates for EKS Connector.

func GetManifestTemplate ¶

func GetManifestTemplate() (ManifestTemplate, error)

GetManifestTemplate returns the resources for EKS Connector.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL