targets

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2023 License: MPL-2.0 Imports: 51 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ExtraWorkerFilters contains any custom worker filters that should be
	// layered in at session authorization time. These will be executed in-order
	// with the results from one fed into the next.
	ExtraWorkerFilters []extraWorkerFilterFunc

	// IdActions contains the set of actions that can be performed on
	// individual resources
	IdActions = action.ActionSet{
		action.NoOp,
		action.Read,
		action.Update,
		action.Delete,
		action.AddHostSources,
		action.SetHostSources,
		action.RemoveHostSources,
		action.AddCredentialSources,
		action.SetCredentialSources,
		action.RemoveCredentialSources,
		action.AuthorizeSession,
	}

	// CollectionActions contains the set of actions that can be performed on
	// this collection
	CollectionActions = action.ActionSet{
		action.Create,
		action.List,
	}

	ValidateIngressWorkerFilterFn    = IngressWorkerFilterUnsupported
	AuthorizeSessionWorkerFilterFn   = AuthorizeSessionWithWorkerFilter
	PostSessionAuthorizationCallback = DefaultPostSessionAuthorizationCallback
	WorkerFilterDeprecationMessage   = fmt.Sprintf("This field is deprecated. Use %s instead.", globals.EgressWorkerFilterField)
)

Functions

func AuthorizeSessionWithWorkerFilter added in v0.12.0 

func AuthorizeSessionWithWorkerFilter(
	_ context.Context,
	t target.Target,
	selectedWorkers wl.WorkerList,
	_ string,
	_ intglobals.ControllerExtension,
	_ common.Downstreamers,
	_ ...target.Option,
) (wl.WorkerList, *server.Worker, error)

If set, use the worker_filter or egress_worker_filter to filter the selected workers and ensure we have workers available to service this request. The second return argument is always nil.

func DefaultPostSessionAuthorizationCallback added in v0.13.0 

func DefaultPostSessionAuthorizationCallback(context.Context, intglobals.ControllerExtension, *kms.Kms, *target.Repository, target.Target, *session.Session, *server.Worker) error

func IngressWorkerFilterUnsupported added in v0.12.0 

func IngressWorkerFilterUnsupported(string) error

func Register 

func Register(s subtypes.Subtype, maskManager handlers.MaskManager, af attributeFunc, sf setAttributeFunc, vsf validateSessionStateFunc)

Register registers a subtype for used by the service handler.

func SetupSuiteTargetFilters added in v0.12.0 

func SetupSuiteTargetFilters(t *testing.T)

SetupSuiteTargetFilters is used to ensure that OSS tests run from the ENT repo use the OSS level of target filtering

Types

type Attributes 

type Attributes interface {
	proto.Message

	// Options create target.Options to be used to create a target.Target.
	Options() []target.Option

	// Vet validates the Attributes and returns a map of fields to error messages
	// if any fields are invalid.
	Vet() map[string]string

	// VetForUpdate validates the Attributes for an updated resource with the
	// provided mask paths and returns a map of fields to error messages if any
	// fields are invalid.
	VetForUpdate([]string) map[string]string
}

Attributes represent the subtype specific request/response attributes.

type Service 

type Service struct {
	pbs.UnsafeTargetServiceServer
	// contains filtered or unexported fields
}

Service handles request as described by the pbs.TargetServiceServer interface.

func NewService 

func NewService(
	ctx context.Context,
	kmsCache *kms.Kms,
	repoFn target.RepositoryFactory,
	iamRepoFn common.IamRepoFactory,
	serversRepoFn common.ServersRepoFactory,
	sessionRepoFn session.RepositoryFactory,
	pluginHostRepoFn common.PluginHostRepoFactory,
	staticHostRepoFn common.StaticRepoFactory,
	vaultCredRepoFn common.VaultCredentialRepoFactory,
	staticCredRepoFn common.StaticCredentialRepoFactory,
	downstreams common.Downstreamers,
	workerStatusGracePeriod *atomic.Int64,
	controllerExt intglobals.ControllerExtension,
) (Service, error)

NewService returns a target service which handles target related requests to boundary.

func (Service) AddTargetCredentialSources 

func (s Service) AddTargetCredentialSources(ctx context.Context, req *pbs.AddTargetCredentialSourcesRequest) (*pbs.AddTargetCredentialSourcesResponse, error)

AddTargetCredentialSources implements the interface pbs.TargetServiceServer.

func (Service) AddTargetHostSources 

func (s Service) AddTargetHostSources(ctx context.Context, req *pbs.AddTargetHostSourcesRequest) (*pbs.AddTargetHostSourcesResponse, error)

AddTargetHostSources implements the interface pbs.TargetServiceServer.

func (Service) AuthorizeSession 

func (s Service) AuthorizeSession(ctx context.Context, req *pbs.AuthorizeSessionRequest) (_ *pbs.AuthorizeSessionResponse, retErr error)

func (Service) CreateTarget 

func (s Service) CreateTarget(ctx context.Context, req *pbs.CreateTargetRequest) (*pbs.CreateTargetResponse, error)

CreateTarget implements the interface pbs.TargetServiceServer.

func (Service) DeleteTarget 

func (s Service) DeleteTarget(ctx context.Context, req *pbs.DeleteTargetRequest) (*pbs.DeleteTargetResponse, error)

DeleteTarget implements the interface pbs.TargetServiceServer.

func (Service) GetTarget 

func (s Service) GetTarget(ctx context.Context, req *pbs.GetTargetRequest) (*pbs.GetTargetResponse, error)

GetTarget implements the interface pbs.TargetServiceServer.

func (Service) ListTargets 

func (s Service) ListTargets(ctx context.Context, req *pbs.ListTargetsRequest) (*pbs.ListTargetsResponse, error)

ListTargets implements the interface pbs.TargetServiceServer.

func (Service) RemoveTargetCredentialSources 

func (s Service) RemoveTargetCredentialSources(ctx context.Context, req *pbs.RemoveTargetCredentialSourcesRequest) (*pbs.RemoveTargetCredentialSourcesResponse, error)

RemoveTargetCredentialSources implements the interface pbs.TargetServiceServer.

func (Service) RemoveTargetHostSources 

func (s Service) RemoveTargetHostSources(ctx context.Context, req *pbs.RemoveTargetHostSourcesRequest) (*pbs.RemoveTargetHostSourcesResponse, error)

RemoveTargetHostSources implements the interface pbs.TargetServiceServer.

func (Service) SetTargetCredentialSources 

func (s Service) SetTargetCredentialSources(ctx context.Context, req *pbs.SetTargetCredentialSourcesRequest) (*pbs.SetTargetCredentialSourcesResponse, error)

SetTargetCredentialSources implements the interface pbs.TargetServiceServer.

func (Service) SetTargetHostSources 

func (s Service) SetTargetHostSources(ctx context.Context, req *pbs.SetTargetHostSourcesRequest) (*pbs.SetTargetHostSourcesResponse, error)

SetTargetHostSources implements the interface pbs.TargetServiceServer.

func (Service) UpdateTarget 

func (s Service) UpdateTarget(ctx context.Context, req *pbs.UpdateTargetRequest) (*pbs.UpdateTargetResponse, error)

UpdateTarget implements the interface pbs.TargetServiceServer.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.