Documentation

Overview

Copyright 2018 The OpenShift Authors.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

• func DecodeProviderSpec(codec *minterv1.ProviderCodec, cr *minterv1.CredentialsRequest) (*minterv1.AWSProviderSpec, error)
• func DecodeProviderStatus(codec *minterv1.ProviderCodec, cr *minterv1.CredentialsRequest) (*minterv1.AWSProviderStatus, error)
• type AWSActuator
  • func NewAWSActuator(client client.Client, scheme *runtime.Scheme) (*AWSActuator, error)
  • func (a *AWSActuator) Create(ctx context.Context, cr *minterv1.CredentialsRequest) error
  • func (a *AWSActuator) Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error
  • func (a *AWSActuator) Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error)
  • func (a *AWSActuator) Update(ctx context.Context, cr *minterv1.CredentialsRequest) error
• type PolicyDocument
• type StatementEntry

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecodeProviderSpec

func DecodeProviderSpec(codec *minterv1.ProviderCodec, cr *minterv1.CredentialsRequest) (*minterv1.AWSProviderSpec, error)

func DecodeProviderStatus

func DecodeProviderStatus(codec *minterv1.ProviderCodec, cr *minterv1.CredentialsRequest) (*minterv1.AWSProviderStatus, error)

Types

type AWSActuator

type AWSActuator struct {
	Client           client.Client
	Codec            *minterv1.ProviderCodec
	AWSClientBuilder func(accessKeyID, secretAccessKey []byte, region, infraName string) (ccaws.Client, error)
	Scheme           *runtime.Scheme
}

AWSActuator implements the CredentialsRequest Actuator interface to create credentials in AWS.

func NewAWSActuator

func NewAWSActuator(client client.Client, scheme *runtime.Scheme) (*AWSActuator, error)

NewAWSActuator creates a new AWSActuator.

func (*AWSActuator) Create

func (a *AWSActuator) Create(ctx context.Context, cr *minterv1.CredentialsRequest) error

Create the credentials.

func (*AWSActuator) Delete

func (a *AWSActuator) Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error

Delete the credentials. If no error is returned, it is assumed that all dependent resources have been cleaned up.

func (*AWSActuator) Exists

func (a *AWSActuator) Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error)

Checks if the credentials currently exist.

To do this we will check if the target secret exists. This call is only used to determine if we're doing a Create or an Update, but in the context of this acutator it makes no difference. As such we will not check if the user exists in AWS and is correctly configured as this will all be handled in both Create and Update.

func (*AWSActuator) Update

func (a *AWSActuator) Update(ctx context.Context, cr *minterv1.CredentialsRequest) error

Update the credentials to the provided definition.

type PolicyDocument

type PolicyDocument struct {
	Version   string
	Statement []StatementEntry
}

PolicyDocument is a simple type used to serialize to AWS' PolicyDocument format.

type StatementEntry

type StatementEntry struct {
	Effect   string
	Action   []string
	Resource string
}

StatementEntry is a simple type used to serialize to AWS' PolicyDocument format. We cannot re-use minterv1.StatementEntry due to different conventions for the serialization keys. (caps)