Documentation ¶
Overview ¶
Package bootstrap provides a way to generate a CloudFormation template for IAM policies, users and roles for use by Cluster API Provider AWS.
Index ¶
- Constants
- Variables
- func AWSArnAssumeRolePolicy(identityID string) *iamv1.PolicyDocument
- func AWSServiceAssumeRolePolicy(identityID string) *iamv1.PolicyDocument
- func AssumeRolePolicy(identityType iamv1.PrincipalType, principalIDs []string) *iamv1.PolicyDocument
- type PolicyName
- type Template
- func (t Template) ControllersPolicy() *iamv1.PolicyDocument
- func (t Template) ControllersPolicyEKS() *iamv1.PolicyDocument
- func (t Template) GenerateManagedIAMPolicyDocuments(policyDocDir string) error
- func (t Template) GetPolicyDocFromPolicyName(policyName PolicyName) *iamv1.PolicyDocument
- func (t Template) NewManagedName(name string) string
- func (t Template) PrintPolicyDocs() error
- func (t Template) RenderCloudFormation() *cloudformation.Template
Constants ¶
const ( AWSIAMGroupBootstrapper = "AWSIAMGroupBootstrapper" AWSIAMInstanceProfileControllers = "AWSIAMInstanceProfileControllers" AWSIAMInstanceProfileControlPlane = "AWSIAMInstanceProfileControlPlane" AWSIAMInstanceProfileNodes = "AWSIAMInstanceProfileNodes" AWSIAMRoleControllers = "AWSIAMRoleControllers" AWSIAMRoleControlPlane = "AWSIAMRoleControlPlane" AWSIAMRoleNodes = "AWSIAMRoleNodes" AWSIAMRoleEKSControlPlane = "AWSIAMRoleEKSControlPlane" AWSIAMRoleEKSNodegroup = "AWSIAMRoleEKSNodegroup" AWSIAMRoleEKSFargate = "AWSIAMRoleEKSFargate" AWSIAMUserBootstrapper = "AWSIAMUserBootstrapper" ControllersPolicy PolicyName = "AWSIAMManagedPolicyControllers" ControllersPolicyEKS PolicyName = "AWSIAMManagedPolicyControllersEKS" ControlPlanePolicy PolicyName = "AWSIAMManagedPolicyCloudProviderControlPlane" NodePolicy PolicyName = "AWSIAMManagedPolicyCloudProviderNodes" CSIPolicy PolicyName = "AWSEBSCSIPolicyController" EKSConsolePolicy PolicyName = "AWSIAMManagedPolicyEKSConsole" )
Constants that define resources for a Template.
Variables ¶
var ManagedIAMPolicyNames = [5]PolicyName{ControllersPolicy, ControllersPolicyEKS, ControlPlanePolicy, NodePolicy, CSIPolicy}
ManagedIAMPolicyNames slice of managed IAM policies.
Functions ¶
func AWSArnAssumeRolePolicy ¶
func AWSArnAssumeRolePolicy(identityID string) *iamv1.PolicyDocument
AWSArnAssumeRolePolicy will assume Policies using PolicyArns.
func AWSServiceAssumeRolePolicy ¶
func AWSServiceAssumeRolePolicy(identityID string) *iamv1.PolicyDocument
AWSServiceAssumeRolePolicy will assume an AWS Service policy.
func AssumeRolePolicy ¶
func AssumeRolePolicy(identityType iamv1.PrincipalType, principalIDs []string) *iamv1.PolicyDocument
AssumeRolePolicy will create a role session and pass session policies programmatically.
Types ¶
type PolicyName ¶
type PolicyName string
PolicyName defines the name of a managed IAM policy.
func (PolicyName) IsValid ¶
func (p PolicyName) IsValid() bool
IsValid will check if a given policy name is valid. That is, it will check if the given policy name is one of the ManagedIAMPolicyNames.
type Template ¶
type Template struct {
Spec *bootstrapv1.AWSIAMConfigurationSpec
}
Template is an AWS CloudFormation template to bootstrap IAM policies, users and roles for use by Cluster API Provider AWS.
func (Template) ControllersPolicy ¶
func (t Template) ControllersPolicy() *iamv1.PolicyDocument
ControllersPolicy will create a policy from a Template for AWS Controllers.
func (Template) ControllersPolicyEKS ¶
func (t Template) ControllersPolicyEKS() *iamv1.PolicyDocument
ControllersPolicyEKS creates a policy from a template for AWS Controllers.
func (Template) GenerateManagedIAMPolicyDocuments ¶
GenerateManagedIAMPolicyDocuments generates JSON representation of policy documents for all ManagedIAMPolicy.
func (Template) GetPolicyDocFromPolicyName ¶
func (t Template) GetPolicyDocFromPolicyName(policyName PolicyName) *iamv1.PolicyDocument
GetPolicyDocFromPolicyName returns a Template's policy document.
func (Template) NewManagedName ¶
NewManagedName creates an IAM acceptable name prefixed with this Cluster API implementation's prefix.
func (Template) PrintPolicyDocs ¶ added in v2.2.0
PrintPolicyDocs prints the JSON representation of policy documents for all ManagedIAMPolicy.
func (Template) RenderCloudFormation ¶
func (t Template) RenderCloudFormation() *cloudformation.Template
RenderCloudFormation will render and return a cloudformation Template.