Documentation ¶
Overview ¶
Package alzlib provides the data structures needed to deploy Azure Landing Zones. It takes in fs.FS as input and returns a map of resources that can be used to deploy Azure Landing Zones of varying complexity.
Internally the Azure SDK is used to store the resources in memory. It is up to the caller to transform this data into the required format for deployment.
Index ¶
- Constants
- Variables
- func FetchAzureLandingZonesLibraryMember(ctx context.Context, path, ref, dstDir string) (fs.FS, error)
- func FetchLibraryByGetterString(ctx context.Context, getterString, dstDir string) (fs.FS, error)
- func JoinNameAndVersion(name string, version *string) string
- func SplitNameAndVersion(ref string) (string, *string)
- type AlzLib
- func (az *AlzLib) AddCache(c BuiltInCache)
- func (az *AlzLib) AddPolicyAssignments(pas ...*assets.PolicyAssignment) error
- func (az *AlzLib) AddPolicyClient(client *armpolicy.ClientFactory)
- func (az *AlzLib) AddPolicyDefinitions(pds ...*assets.PolicyDefinition) error
- func (az *AlzLib) AddPolicySetDefinitions(psds ...*assets.PolicySetDefinition) error
- func (az *AlzLib) AddRoleDefinitions(rds ...*assets.RoleDefinition) error
- func (az *AlzLib) Archetype(name string) *Archetype
- func (az *AlzLib) Archetypes() []string
- func (az *AlzLib) Architecture(name string) *Architecture
- func (az *AlzLib) Architectures() []string
- func (az *AlzLib) AssignmentReferencedDefinitionHasParameter(res *arm.ResourceID, definitionVersion *string, param string) bool
- func (az *AlzLib) ExportBuiltInCache() *cache.Cache
- func (az *AlzLib) GetDefinitionsFromAzure(ctx context.Context, reqs []BuiltInRequest) error
- func (az *AlzLib) Init(ctx context.Context, libs ...LibraryReference) error
- func (az *AlzLib) Metadata() []*Metadata
- func (az *AlzLib) PolicyAssignment(name string) *assets.PolicyAssignment
- func (az *AlzLib) PolicyAssignmentExists(name string) bool
- func (az *AlzLib) PolicyAssignments() []string
- func (az *AlzLib) PolicyDefaultValue(name string) *DefaultPolicyAssignmentValuesValue
- func (az *AlzLib) PolicyDefaultValues() []string
- func (az *AlzLib) PolicyDefinition(name string, version *string) *assets.PolicyDefinition
- func (az *AlzLib) PolicyDefinitionExists(name string, version *string) bool
- func (az *AlzLib) PolicyDefinitions() []string
- func (az *AlzLib) PolicySetDefinition(name string, version *string) *assets.PolicySetDefinition
- func (az *AlzLib) PolicySetDefinitionExists(name string, version *string) bool
- func (az *AlzLib) PolicySetDefinitions() []string
- func (az *AlzLib) RoleDefinition(name string) *assets.RoleDefinition
- func (az *AlzLib) RoleDefinitionExists(name string) bool
- func (az *AlzLib) RoleDefinitions() []string
- func (az *AlzLib) SetAssignPermissionsOnDefinitionParameter(definitionName string, parameterName string)
- func (az *AlzLib) UnsetAssignPermissionsOnDefinitionParameter(definitionName string, parameterName string)
- type AlzLibraryReference
- func (m *AlzLibraryReference) FS() fs.FS
- func (m *AlzLibraryReference) Fetch(ctx context.Context, destinationDirectory string) (fs.FS, error)
- func (m *AlzLibraryReference) FetchWithDependencies(ctx context.Context) (LibraryReferences, error)
- func (m *AlzLibraryReference) Path() string
- func (m *AlzLibraryReference) Ref() string
- func (m *AlzLibraryReference) String() string
- type Archetype
- type Architecture
- type ArchitectureManagementGroup
- func (mg *ArchitectureManagementGroup) Archetypes() (res []*Archetype)
- func (mg *ArchitectureManagementGroup) Children() (res []*ArchitectureManagementGroup)
- func (mg *ArchitectureManagementGroup) DisplayName() string
- func (mg *ArchitectureManagementGroup) Exists() bool
- func (mg *ArchitectureManagementGroup) ID() string
- type BuiltInCache
- type BuiltInRequest
- type CustomLibraryReference
- type DefaultPolicyAssignmentValues
- type DefaultPolicyAssignmentValuesValue
- func (d DefaultPolicyAssignmentValuesValue) AssignmentParameters(name string) []string
- func (d DefaultPolicyAssignmentValuesValue) Assignments() []string
- func (d DefaultPolicyAssignmentValuesValue) Description() string
- func (d DefaultPolicyAssignmentValuesValue) PolicyAssignment2ParameterMap() map[string]mapset.Set[string]
- type LibraryReference
- type LibraryReferences
- type Metadata
- type Options
Constants ¶
const (
// InitialMetadataSliceCapacity is the initial capacity for the metadata slice.
InitialMetadataSliceCapacity = 10
// MaxRecursionDepth is the maximum depth for recursive operations.
MaxRecursionDepth = 5
// PolicySetDefinitionsType is the lowercase type for policy set definitions, without the resource provider.
PolicySetDefinitionsType = "policysetdefinitions"
// PolicyDefinitionsType is the lowercase type for policy definitions, without the resource provider.
PolicyDefinitionsType = "policydefinitions"
)
const (
// InitialLibraryReferencesCapacity is the initial capacity for library references slice.
InitialLibraryReferencesCapacity = 5
)
Variables ¶
var Instance atomic.Uint32
Instance is used to track the current instance ID. When set by the caller, it prevents collisions in the .alzlib directory.
Functions ¶
func FetchAzureLandingZonesLibraryMember ¶ added in v0.14.0
func FetchAzureLandingZonesLibraryMember(ctx context.Context, path, ref, dstDir string) (fs.FS, error)
FetchAzureLandingZonesLibraryMember is a convenience function to fetch the Azure Landing Zones library by member path and tag (ref). It calls FetchLibraryByGetterString with the appropriate URL. The destination directory will be appended to the `.alzlib` directory in the current working directory. This can be overridden by setting the `ALZLIB_DIR` environment variable. To fetch the ALZ reference, supply "platform/alz" as the member, with the tag (e.g. 2024.03.03).
func FetchLibraryByGetterString ¶ added in v0.14.0
FetchLibraryByGetterString fetches a library from a URL using the go-getter library. The caller must supply a valid go-getter URL and a destination directory, which will be appended to the `.alzlib` directory in the current working directory. This can be overridden by setting the `ALZLIB_DIR` environment variable. It returns an fs.FS interface to the fetched library to be used in the AlzLib.Init() method.
func JoinNameAndVersion ¶ added in v0.29.0
JoinNameAndVersion joins a resource name and version into a single string. If the version is nil, only the name is returned.
func SplitNameAndVersion ¶ added in v0.29.0
SplitNameAndVersion splits a resource reference into its name and version components. If no version is present, the second return value will be nil.
Types ¶
type AlzLib ¶
type AlzLib struct {
Options *Options
// contains filtered or unexported fields
}
AlzLib is the structure that gets built from the library files. Do not create this directly, use NewAlzLib instead.
func NewAlzLib ¶
NewAlzLib returns a new instance of the alzlib library, optionally using the supplied directory for additional policy (set) definitions. To customize the options for the AlzLib, pass in an AlzLibOptions struct, otherwise the default options will be used.
func (*AlzLib) AddCache ¶ added in v0.30.0
func (az *AlzLib) AddCache(c BuiltInCache)
AddCache stores a BuiltInCache for lazy lookup during AlzLib.GetDefinitionsFromAzure. Definitions are fetched from the cache on demand rather than being loaded eagerly. The cache is retained for the lifetime of AlzLib; call AddCache(nil) to release it explicitly and allow the garbage collector to reclaim the memory. A previously stored cache is replaced by the new one.
func (*AlzLib) AddPolicyAssignments ¶ added in v0.14.0
func (az *AlzLib) AddPolicyAssignments(pas ...*assets.PolicyAssignment) error
AddPolicyAssignments adds policy assignments to the AlzLib struct.
func (*AlzLib) AddPolicyClient ¶
func (az *AlzLib) AddPolicyClient(client *armpolicy.ClientFactory)
AddPolicyClient adds an authenticated *armpolicy.ClientFactory to the AlzLib struct. This is needed to get policy objects from Azure.
func (*AlzLib) AddPolicyDefinitions ¶ added in v0.14.0
func (az *AlzLib) AddPolicyDefinitions(pds ...*assets.PolicyDefinition) error
AddPolicyDefinitions adds policy definitions to the AlzLib struct.
func (*AlzLib) AddPolicySetDefinitions ¶ added in v0.14.0
func (az *AlzLib) AddPolicySetDefinitions(psds ...*assets.PolicySetDefinition) error
AddPolicySetDefinitions adds policy set definitions to the AlzLib struct.
func (*AlzLib) AddRoleDefinitions ¶ added in v0.14.0
func (az *AlzLib) AddRoleDefinitions(rds ...*assets.RoleDefinition) error
AddRoleDefinitions adds role definitions to the AlzLib struct.
func (*AlzLib) Archetype ¶ added in v0.14.0
Archetype returns a copy of the requested archetype by name.
func (*AlzLib) Archetypes ¶ added in v0.14.0
Archetypes returns a list of the archetypes in the AlzLib struct.
func (*AlzLib) Architecture ¶ added in v0.14.0
func (az *AlzLib) Architecture(name string) *Architecture
Architecture returns the requested architecture.
func (*AlzLib) Architectures ¶ added in v0.18.0
Architectures returns a list of the architecture names in the AlzLib struct.
func (*AlzLib) AssignmentReferencedDefinitionHasParameter ¶ added in v0.19.0
func (az *AlzLib) AssignmentReferencedDefinitionHasParameter(res *arm.ResourceID, definitionVersion *string, param string) bool
AssignmentReferencedDefinitionHasParameter checks if the referenced definition of an assignment has a specific parameter. It takes a resource ID and a parameter name as input and returns a boolean indicating whether the parameter exists or not.
func (*AlzLib) ExportBuiltInCache ¶ added in v0.30.0
ExportBuiltInCache creates a cache.Cache from the built-in policy definitions and policy set definitions that are currently loaded in AlzLib. Definitions are included when their policy type is armpolicy.PolicyTypeBuiltIn, armpolicy.PolicyTypeStatic, or is unspecified/nil (which is treated as built-in); custom definitions (loaded from library files) are excluded.
This is useful when callers want to persist a minimal cache covering only the definitions referenced by their specific library — rather than using alzlibtool to cache everything. The returned cache can be saved with cache.Cache.Save and reloaded later with cache.NewCache, then re-injected via AlzLib.AddCache to skip Azure API calls on subsequent runs.
func (*AlzLib) GetDefinitionsFromAzure ¶
func (az *AlzLib) GetDefinitionsFromAzure(ctx context.Context, reqs []BuiltInRequest) error
GetDefinitionsFromAzure takes a slice of requests for built-in definitions. It fetches requested definitions from Azure only when they do not already exist in AlzLib (determined by the last segment of the resource ID). For policy set definitions, existing sets in AlzLib are inspected to discover referenced built-in definitions, and any missing referenced definitions are then fetched as needed. If a cache has been set via AlzLib.AddCache, definitions are looked up from the cache before falling back to Azure API calls. The cache is retained for the lifetime of AlzLib; callers can explicitly clear it by calling AddCache(nil) when they no longer need it.
func (*AlzLib) Init ¶
func (az *AlzLib) Init(ctx context.Context, libs ...LibraryReference) error
Init processes ALZ libraries, supplied as `LibraryReference` interfaces. Use FetchAzureLandingZonesLibraryMember/FetchLibraryByGetterString to get the library from GitHub. It populates the struct with the results of the processing.
func (*AlzLib) Metadata ¶ added in v0.20.0
Metadata returns all the registered metadata in the AlzLib struct.
func (*AlzLib) PolicyAssignment ¶ added in v0.14.0
func (az *AlzLib) PolicyAssignment(name string) *assets.PolicyAssignment
PolicyAssignment returns a deep copy of the requested policy assignment. This is safe to modify without affecting the original.
func (*AlzLib) PolicyAssignmentExists ¶
PolicyAssignmentExists returns true if the policy assignment name exists in the AlzLib struct.
func (*AlzLib) PolicyAssignments ¶ added in v0.18.0
PolicyAssignments returns a slice of all the policy assignment names in the library.
func (*AlzLib) PolicyDefaultValue ¶ added in v0.20.0
func (az *AlzLib) PolicyDefaultValue(name string) *DefaultPolicyAssignmentValuesValue
PolicyDefaultValue returns a copy of the requested default policy assignment default values by name.
func (*AlzLib) PolicyDefaultValues ¶ added in v0.19.1
PolicyDefaultValues returns a sorted list of the default policy assignment default values in the AlzLib struct.
func (*AlzLib) PolicyDefinition ¶ added in v0.14.0
func (az *AlzLib) PolicyDefinition(name string, version *string) *assets.PolicyDefinition
PolicyDefinition returns a deep copy of the requested policy definition version. This is safe to modify without affecting the original.
func (*AlzLib) PolicyDefinitionExists ¶
PolicyDefinitionExists returns true if the policy definition name exists in the AlzLib struct.
func (*AlzLib) PolicyDefinitions ¶ added in v0.18.0
PolicyDefinitions returns a slice of all the policy definition names in the library.
func (*AlzLib) PolicySetDefinition ¶ added in v0.14.0
func (az *AlzLib) PolicySetDefinition(name string, version *string) *assets.PolicySetDefinition
PolicySetDefinition returns a deep copy of the requested policy set definition. This is safe to modify without affecting the original.
func (*AlzLib) PolicySetDefinitionExists ¶
PolicySetDefinitionExists returns true if the policy set definition name and version exist in the AlzLib struct.
func (*AlzLib) PolicySetDefinitions ¶ added in v0.18.0
PolicySetDefinitions returns a slice of all the policy set definition names in the library.
func (*AlzLib) RoleDefinition ¶ added in v0.14.0
func (az *AlzLib) RoleDefinition(name string) *assets.RoleDefinition
RoleDefinition returns a deep copy of the requested role definition. This is safe to modify without affecting the original.
func (*AlzLib) RoleDefinitionExists ¶
RoleDefinitionExists returns true if the role definition name exists in the AlzLib struct.
func (*AlzLib) RoleDefinitions ¶ added in v0.18.0
RoleDefinitions returns a slice of all the role definition names in the library.
func (*AlzLib) SetAssignPermissionsOnDefinitionParameter ¶ added in v0.25.0
func (az *AlzLib) SetAssignPermissionsOnDefinitionParameter(definitionName string, parameterName string)
SetAssignPermissionsOnDefinitionParameter sets the AssignPermissions metadata field to true for the definition (all versions) and parameter with the given name.
func (*AlzLib) UnsetAssignPermissionsOnDefinitionParameter ¶ added in v0.25.0
func (az *AlzLib) UnsetAssignPermissionsOnDefinitionParameter(definitionName string, parameterName string)
UnsetAssignPermissionsOnDefinitionParameter removes the AssignPermissions metadata field for the definition (all versions) and parameter with the given name.
type AlzLibraryReference ¶ added in v0.20.0
type AlzLibraryReference struct {
// contains filtered or unexported fields
}
AlzLibraryReference is a struct that represents a dependency of a library member that is fetched from the ALZ Library.
func NewAlzLibraryReference ¶ added in v0.20.0
func NewAlzLibraryReference(path, ref string) *AlzLibraryReference
NewAlzLibraryReference creates a new AlzLibraryReference with the given path and ref.
func NewAlzLibraryReferenceFromFS ¶ added in v0.30.0
func NewAlzLibraryReferenceFromFS(path, ref string, filesystem fs.FS) *AlzLibraryReference
NewAlzLibraryReferenceFromFS creates a new AlzLibraryReference with the given path, ref and filesystem.
func (*AlzLibraryReference) FS ¶ added in v0.20.0
func (m *AlzLibraryReference) FS() fs.FS
FS returns the filesystem of the library member.
func (*AlzLibraryReference) Fetch ¶ added in v0.20.0
func (m *AlzLibraryReference) Fetch(ctx context.Context, destinationDirectory string) (fs.FS, error)
Fetch fetches the library member from the ALZ Library.
func (*AlzLibraryReference) FetchWithDependencies ¶ added in v0.20.0
func (m *AlzLibraryReference) FetchWithDependencies(ctx context.Context) (LibraryReferences, error)
FetchWithDependencies fetches the library member and its dependencies. If you have more than one LibraryReference in a LibraryReferences slice, use LibraryReferences.FetchWithDependencies() instead.
func (*AlzLibraryReference) Path ¶ added in v0.20.0
func (m *AlzLibraryReference) Path() string
Path returns the path of the library member within the ALZ Library.
func (*AlzLibraryReference) Ref ¶ added in v0.20.0
func (m *AlzLibraryReference) Ref() string
Ref returns the reference of the library member.
func (*AlzLibraryReference) String ¶ added in v0.20.0
func (m *AlzLibraryReference) String() string
String returns the formatted path and the tag of the library member.
type Archetype ¶
type Archetype struct {
PolicyDefinitions mapset.Set[string]
PolicyAssignments mapset.Set[string]
PolicySetDefinitions mapset.Set[string]
RoleDefinitions mapset.Set[string]
// contains filtered or unexported fields
}
Archetype represents an archetype definition that hasn't been assigned to a management group. The contents of the sets represent the map keys of the corresponding AlzLib maps. Do not create this struct directly, use NewArchetype instead.
func NewArchetype ¶ added in v0.14.0
NewArchetype creates a new Archetype with the given name.
type Architecture ¶ added in v0.14.0
type Architecture struct {
// contains filtered or unexported fields
}
Architecture represents an Azure architecture that has not been deployed. Do not create this struct directly, use NewArchitecture instead.
func NewArchitecture ¶ added in v0.14.0
func NewArchitecture(name string, az *AlzLib) *Architecture
NewArchitecture creates a new Architecture with the given name and AlzLib.
func (*Architecture) Name ¶ added in v0.20.0
func (a *Architecture) Name() string
Name returns the name of the architecture.
func (*Architecture) RootMgs ¶ added in v0.14.0
func (a *Architecture) RootMgs() (res []*ArchitectureManagementGroup)
RootMgs returns the top level management groups of the architecture.
type ArchitectureManagementGroup ¶ added in v0.14.0
type ArchitectureManagementGroup struct {
// contains filtered or unexported fields
}
ArchitectureManagementGroup represents a management group in an undeployed architecture.
func (*ArchitectureManagementGroup) Archetypes ¶ added in v0.14.0
func (mg *ArchitectureManagementGroup) Archetypes() (res []*Archetype)
Archetypes returns the archetypes assigned to the management group.
func (*ArchitectureManagementGroup) Children ¶ added in v0.14.0
func (mg *ArchitectureManagementGroup) Children() (res []*ArchitectureManagementGroup)
Children returns the child management groups of the management group.
func (*ArchitectureManagementGroup) DisplayName ¶ added in v0.14.0
func (mg *ArchitectureManagementGroup) DisplayName() string
DisplayName returns the display name of the management group.
func (*ArchitectureManagementGroup) Exists ¶ added in v0.20.1
func (mg *ArchitectureManagementGroup) Exists() bool
Exists returns the exists value.
func (*ArchitectureManagementGroup) ID ¶ added in v0.27.0
func (mg *ArchitectureManagementGroup) ID() string
ID returns the id of the management group.
type BuiltInCache ¶ added in v0.30.0
type BuiltInCache interface {
PolicyDefinitions() map[string]*assets.PolicyDefinitionVersions
PolicySetDefinitions() map[string]*assets.PolicySetDefinitionVersions
// PolicyDefinitionVersionsByName returns the policy definition versions for the given name,
// or nil if not found.
PolicyDefinitionVersionsByName(name string) *assets.PolicyDefinitionVersions
// PolicySetDefinitionVersionsByName returns the policy set definition versions for the given name,
// or nil if not found.
PolicySetDefinitionVersionsByName(name string) *assets.PolicySetDefinitionVersions
}
BuiltInCache is an interface for providing cached built-in Azure policy definitions and policy set definitions. When a complete cache is supplied via AlzLib.AddCache, the policy client (AlzLib.AddPolicyClient) is not required because AlzLib.GetDefinitionsFromAzure will find every definition in the cache and skip all Azure API calls.
type BuiltInRequest ¶ added in v0.29.0
type BuiltInRequest struct {
ResourceID *arm.ResourceID
Version *string
}
BuiltInRequest contains the values required to retrieve a policy (set) definition from Azure.
func (BuiltInRequest) String ¶ added in v0.29.0
func (b BuiltInRequest) String() string
String returns a string representation of the BuiltInRequest in the format "resourceID@version". If the Version is nil, it returns just the resourceID.
type CustomLibraryReference ¶ added in v0.20.0
type CustomLibraryReference struct {
// contains filtered or unexported fields
}
CustomLibraryReference is a struct that represents a dependency of a library member that is fetched from a custom go-getter URL.
func NewCustomLibraryReference ¶ added in v0.20.0
func NewCustomLibraryReference(url string) *CustomLibraryReference
NewCustomLibraryReference creates a new CustomLibraryReference with the given URL.
func NewCustomLibraryReferenceFromFS ¶ added in v0.30.0
func NewCustomLibraryReferenceFromFS(url string, filesystem fs.FS) *CustomLibraryReference
NewCustomLibraryReferenceFromFS creates a new CustomLibraryReference with the given URL and filesystem.
func (*CustomLibraryReference) FS ¶ added in v0.20.0
func (m *CustomLibraryReference) FS() fs.FS
FS returns the filesystem of the library member.
func (*CustomLibraryReference) Fetch ¶ added in v0.20.0
func (m *CustomLibraryReference) Fetch(ctx context.Context, destinationDirectory string) (fs.FS, error)
Fetch fetches the library member from the custom go-getter URL.
func (*CustomLibraryReference) FetchWithDependencies ¶ added in v0.20.0
func (m *CustomLibraryReference) FetchWithDependencies(ctx context.Context) (LibraryReferences, error)
FetchWithDependencies fetches the library member and its dependencies. If you have more than one LibraryReference in a LibraryReferences slice, use LibraryReferences.FetchWithDependencies() instead.
func (*CustomLibraryReference) String ¶ added in v0.20.0
func (m *CustomLibraryReference) String() string
String returns the URL of the custom go-getter.
type DefaultPolicyAssignmentValues ¶ added in v0.19.0
type DefaultPolicyAssignmentValues map[string]DefaultPolicyAssignmentValuesValue
DefaultPolicyAssignmentValues is a map of default names to DefaultPolicyAssignmentValuesValue. It is used to map a single value to multiple policy assignments.
func (DefaultPolicyAssignmentValues) Add ¶ added in v0.19.0
func (d DefaultPolicyAssignmentValues) Add(defaultName, assignmentName, description string, parameterNames ...string)
Add adds a new default policy assignment value to the DefaultPolicyAssignmentValues. It takes the defaultName, assignmentName, and parameterNames as input parameters. If the defaultName does not exist in the DefaultPolicyAssignmentValues, it creates a new entry. If the assignmentName does not exist under the defaultName, it creates a new entry. Finally, it appends the parameterNames to the assignmentName.
func (DefaultPolicyAssignmentValues) AssignmentParameterComboExists ¶ added in v0.19.0
func (d DefaultPolicyAssignmentValues) AssignmentParameterComboExists(wantAssignmentName, wantParameterName string) bool
AssignmentParameterComboExists checks if a given assignment name and parameter name combination exists in the DefaultPolicyAssignmentValues. It iterates through each assignment in the DefaultPolicyAssignmentValues and checks if the assignment contains the specified assignment name. If the assignment contains the assignment name, it then checks if the assignment's parameters contain the specified parameter name. If the combination exists, it returns true. Otherwise, it returns false.
type DefaultPolicyAssignmentValuesValue ¶ added in v0.19.0
type DefaultPolicyAssignmentValuesValue struct {
// contains filtered or unexported fields
}
DefaultPolicyAssignmentValuesValue is a map of assignment names to parameter names.
func NewDefaultPolicyAssignmentValuesValue ¶ added in v0.23.0
func NewDefaultPolicyAssignmentValuesValue(description string) DefaultPolicyAssignmentValuesValue
NewDefaultPolicyAssignmentValuesValue creates a new DefaultPolicyAssignmentValues instance.
func (DefaultPolicyAssignmentValuesValue) AssignmentParameters ¶ added in v0.21.3
func (d DefaultPolicyAssignmentValuesValue) AssignmentParameters(name string) []string
AssignmentParameters returns a sorted list of parameter names.
func (DefaultPolicyAssignmentValuesValue) Assignments ¶ added in v0.21.3
func (d DefaultPolicyAssignmentValuesValue) Assignments() []string
Assignments returns a sorted list of assignment names.
func (DefaultPolicyAssignmentValuesValue) Description ¶ added in v0.23.0
func (d DefaultPolicyAssignmentValuesValue) Description() string
Description returns the description of the DefaultPolicyAssignmentValuesValue.
func (DefaultPolicyAssignmentValuesValue) PolicyAssignment2ParameterMap ¶ added in v0.23.0
func (d DefaultPolicyAssignmentValuesValue) PolicyAssignment2ParameterMap() map[string]mapset.Set[string]
PolicyAssignment2ParameterMap returns the map of assignment names to parameter names.
type LibraryReference ¶ added in v0.20.0
type LibraryReference interface {
fmt.Stringer
Fetch(
ctx context.Context,
desinationDirectory string,
) (fs.FS, error) // Fetch fetches the library member to the `.alzlib/destinationDirectory`.
// Override the base dir using `ALZLIB_DIR` env var.
FetchWithDependencies(
ctx context.Context,
) (LibraryReferences, error) // FetchWithDependencies fetches the library member and its dependencies.
FS() fs.FS // FS returns the filesystem of the library member, can be used in Alzlib.Init()
}
LibraryReference is an interface that represents a dependency of a library member. It can be fetched from either a custom go-getter URL or from the ALZ Library.
func NewMetadataDependencyFromProcessor ¶ added in v0.20.0
func NewMetadataDependencyFromProcessor(in processor.LibMetadataDependency) LibraryReference
NewMetadataDependencyFromProcessor creates a LibraryReference from a processor.LibMetadataDependency.
type LibraryReferences ¶ added in v0.20.0
type LibraryReferences []LibraryReference
LibraryReferences is a slice of LibraryReference. This type has methods for convenience.
func (LibraryReferences) FSs ¶ added in v0.20.0
func (m LibraryReferences) FSs() []fs.FS
FSs returns the filesystems of the library references, can be used with Alzlib.Init().
func (LibraryReferences) FetchWithDependencies ¶ added in v0.20.0
func (m LibraryReferences) FetchWithDependencies(ctx context.Context) (LibraryReferences, error)
FetchWithDependencies recursively fetches all the library references and their dependencies. The destination directory is a hash value that will be appended to the `.alzlib` directory in the current working directory unless overridden by the `ALZLIB_DIR` environment variable.
type Metadata ¶ added in v0.20.0
type Metadata struct {
// contains filtered or unexported fields
}
Metadata is a struct that represents the metadata of a library member.
func NewMetadata ¶ added in v0.20.0
func NewMetadata(in *processor.LibMetadata, ref LibraryReference) *Metadata
NewMetadata creates a new Metadata instance from the processor.LibMetadata and a LibraryReference.
func (*Metadata) Dependencies ¶ added in v0.20.0
func (m *Metadata) Dependencies() LibraryReferences
Dependencies returns the dependencies of the library member.
func (*Metadata) Description ¶ added in v0.20.0
Description returns the description of the library member.
func (*Metadata) DisplayName ¶ added in v0.20.0
DisplayName returns the display name of the library member.
func (*Metadata) IsAlzLibraryRef ¶ added in v0.21.0
IsAlzLibraryRef checks if the Metadata is an ALZ library reference.
func (*Metadata) Path ¶ added in v0.20.0
Path returns the path of the library member within the ALZ Library.
func (*Metadata) Ref ¶ added in v0.21.0
func (m *Metadata) Ref() LibraryReference
Ref returns the LibraryReference used to instantiate the library member.
type Options ¶ added in v0.27.0
type Options struct {
// AllowOverwrite allows overwriting of existing policy assignments when processing additional libraries
// with AlzLib.Init().
AllowOverwrite bool
// Parallelism is the number of parallel requests to make to Azure APIs when getting policy definitions
// and policy set definitions.
Parallelism int
// UniqueRoleDefinitions indicates whether to update the role definitions to be unique per management group.
// If this is not set, you may end up with conflicting role definition names.
UniqueRoleDefinitions bool
}
Options are options for the AlzLib.
Directories ¶
| Path | Synopsis |
|---|---|
| | Package assets provides the types used by the Alzlib library. |
| | Package cache provides a cache for built-in Azure policy definitions and policy set definitions. |
| cmd | |
| alzlibtool (command) | Package main provides the command-line interface for alzlibtool, a tool for managing and manipulating ALZ files. |
| alzlibtool/command | Package command provides the command line interface for alzlibtool. |
| alzlibtool/command/cache | Package cache implements the `alzlibtool cache` CLI commands for creating and inspecting built-in policy definition caches. |
| alzlibtool/command/check | Package check provides the command to check the integrity of the ALZ library. |
| alzlibtool/command/convert | Package convert provides functionality to convert legacy policies from terraform-azurerm-caf-enterprise-scale to the new ALZ Library format. |
| alzlibtool/command/document | Package document provides the command to generate documentation for the alzlibtool. |
| alzlibtool/command/generate | Package generate provides the command to generate documentation for the alzlibtool. |
| | Package deployment contains the types and methods for managing the deployment of an Azure management group hierarchy using the supplied Alzlib. |
| internal | |
| auth | Package auth provides a small helper for creating an Azure Entra (azcore.TokenCredential) using well-known Azure/Terraform environment variables and conventions. |
| doc | Package doc provides functions to generate documentation for alzlib libraries in Markdown format. |
| environment | Package environment provides functions to manage the execution environment for alzlib. |
| processor | Package processor is used to process the library files and read them into a result struct for Alzlib to use. |
| tools/checker | Package checker provides a way to run checks against a variadic number of inputs. |
| tools/checks | Package checks provides a framework for validating resources against a set of checks. |
| | Package to contains various type-conversion helper functions. |