dynamicfile

Documentation

Index

• Variables
• func ParseMap(m *DynamicFileMapStore) (userMappings []config.UserMapping, roleMappings []config.RoleMapping, ...)
• type DynamicFileData
• type DynamicFileMapStore
  • func NewDynamicFileMapStore(cfg config.Config) (*DynamicFileMapStore, error)
  • func (ms *DynamicFileMapStore) AWSAccount(id string) bool
  • func (ms *DynamicFileMapStore) LogMapping()
  • func (ms *DynamicFileMapStore) RoleMapping(arn string) (config.RoleMapping, error)
  • func (ms *DynamicFileMapStore) UserMapping(arn string) (config.UserMapping, error)
• type DynamicFileMapper
  • func NewDynamicFileMapper(cfg config.Config) (*DynamicFileMapper, error)
  • func (m *DynamicFileMapper) IsAccountAllowed(accountID string) bool
  • func (m *DynamicFileMapper) Map(identity *token.Identity) (*config.IdentityMapping, error)
  • func (m *DynamicFileMapper) Name() string
  • func (m *DynamicFileMapper) Start(stopCh <-chan struct{}) error
• type ErrParsingMap
  • func (err ErrParsingMap) Error() string

Variables

var RoleNotFound = errors.New("Role not found in dynamic file")

RoleNotFound is the error returned when the role is not found in the config map.

var UserNotFound = errors.New("User not found in dynamic file")

UserNotFound is the error returned when the user is not found in the config map.

Functions

func ParseMap

func ParseMap(m *DynamicFileMapStore) (userMappings []config.UserMapping, roleMappings []config.RoleMapping, awsAccounts []string, err error)

Types

type DynamicFileData

type DynamicFileData struct {
	// RoleMappings is a list of mappings from AWS IAM Role to
	// Kubernetes username + groups.
	RoleMappings []config.RoleMapping `json:"mapRoles"`

	// UserMappings is a list of mappings from AWS IAM User to
	// Kubernetes username + groups.
	UserMappings []config.UserMapping `json:"mapUsers"`
	// AutoMappedAWSAccounts is a list of AWS accounts that are allowed without an explicit user/role mapping.
	// IAM ARN from these accounts automatically maps to the Kubernetes username.
	AutoMappedAWSAccounts []string `json:"mapAccounts"`
}

type DynamicFileMapStore

type DynamicFileMapStore struct {
	// contains filtered or unexported fields
}

func NewDynamicFileMapStore

func NewDynamicFileMapStore(cfg config.Config) (*DynamicFileMapStore, error)

func (*DynamicFileMapStore) AWSAccount

func (ms *DynamicFileMapStore) AWSAccount(id string) bool

func (*DynamicFileMapStore) LogMapping

func (ms *DynamicFileMapStore) LogMapping()

func (*DynamicFileMapStore) RoleMapping

func (ms *DynamicFileMapStore) RoleMapping(arn string) (config.RoleMapping, error)

func (*DynamicFileMapStore) UserMapping

func (ms *DynamicFileMapStore) UserMapping(arn string) (config.UserMapping, error)

type DynamicFileMapper

type DynamicFileMapper struct {
	*DynamicFileMapStore
}

func NewDynamicFileMapper

func NewDynamicFileMapper(cfg config.Config) (*DynamicFileMapper, error)

func (*DynamicFileMapper) IsAccountAllowed

func (m *DynamicFileMapper) IsAccountAllowed(accountID string) bool

func (*DynamicFileMapper) Map

func (m *DynamicFileMapper) Map(identity *token.Identity) (*config.IdentityMapping, error)

func (*DynamicFileMapper) Name

func (m *DynamicFileMapper) Name() string

func (*DynamicFileMapper) Start

func (m *DynamicFileMapper) Start(stopCh <-chan struct{}) error

type ErrParsingMap

type ErrParsingMap struct {
	// contains filtered or unexported fields
}

func (ErrParsingMap) Error

func (err ErrParsingMap) Error() string