Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecodePEMAndParseCertificate

func DecodePEMAndParseCertificate(certificate string) (*x509.Certificate, error)

    DecodePEMAndParseCertificate decodes the PEM encoded certificate and parses it into a x509 cert.

    func GetIamInstanceProfileARN

    func GetIamInstanceProfileARN(instance *ec2.Instance) (string, error)

      GetIamInstanceProfileARN extracts the ARN from the `instance` output of a call to DescribeInstances. The ARN is expected to be non-empty.

      func GetInstance

      func GetInstance(output *ec2.DescribeInstancesOutput) (*ec2.Instance, error)

      func GetInstanceId

      func GetInstanceId(instance *ec2.Instance) (string, error)

        GetInstanceId returns the instanceID from the output of a call to DescribeInstances Instance.

        func GetPrivateIPAddress

        func GetPrivateIPAddress(instance *ec2.Instance) (string, error)

          GetPrivateIPAddress extracts the private IP address from the output of a call to DescribeInstances Instance. The response is expected to be the first private IP attached to the instance. If the instances no attached interfaces, the value is empty ("")

          func GetPublicIPAddress

          func GetPublicIPAddress(instance *ec2.Instance) (string, error)

            GetPublicIPAddress extracts the public IP address from the output of a call to DescribeInstances Instance. The response is expected to be non-empty if the instance has a public IP and empty ("") if the instance is private.

            func GetTags

            func GetTags(instance *ec2.Instance) ([]*ec2.Tag, error)

              GetTags returns a map of Key/Value pairs representing the tags

              func ValidateInstance

              func ValidateInstance(output *ec2.DescribeInstancesOutput, doc IdentityDocument, remoteAddr string) (role string, err error)

                ValidateInstance checks if an EC2 instance exists and it has the expected IP. It returns the name of the instance profile (the IAM role).

                Note that this validation will not work for NATed VMs.

                Types

                type IdentityDocument

                type IdentityDocument struct {
                	InstanceID  string    `json:"instanceId,omitempty"`
                	AccountID   string    `json:"accountId,omitempty"`
                	Region      string    `json:"region,omitempty"`
                	PendingTime time.Time `json:"pendingTime,omitempty"`
                }

                func ParseAndVerifyIdentityDocument

                func ParseAndVerifyIdentityDocument(pkcs7b64 string) (*IdentityDocument, string, error)

                  ParseAndVerifyIdentityDocument parses and checks and identity document in PKCS#7 format. Only some relevant fields are returned.