cloud

package
v0.0.0-...-5c79d48 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 15, 2024 License: AGPL-3.0 Imports: 56 Imported by: 0

Documentation

Overview

Package cloud contains common methods and utilities for integrations with various cloud providers such as AWS, GCP or Azure.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func WithAWSIntegrationSessionProvider

func WithAWSIntegrationSessionProvider(sessionProvider AWSIntegrationSessionProvider) func(*cloudClients)

WithAWSIntegrationSessionProvider sets an integration session generator for AWS APIs. If a client is requested for a specific Integration, this generator is used to fetch the AWS Session instead of the ambient credentials.

Types

type AWSAssumeRoleOptionFn

type AWSAssumeRoleOptionFn func(*awsAssumeRoleOpts)

AWSAssumeRoleOptionFn is an option function for setting additional options when getting an AWS session.

func WithAmbientCredentials

func WithAmbientCredentials() AWSAssumeRoleOptionFn

WithAmbientCredentials configures options to use the ambient credentials.

func WithAssumeRole

func WithAssumeRole(roleARN, externalID string) AWSAssumeRoleOptionFn

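WithAssumeRole configures the options needed for assuming an AWS role: the ARN of the role to assume (roleARN) and the external ID to present when assuming it (externalID). An external ID is the value a role's trust policy can require to guard against confused-deputy use of the role; what happens when externalID is empty is not stated here, so confirm it against the implementation.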

func WithAssumeRoleFromAWSMeta

func WithAssumeRoleFromAWSMeta(meta types.AWS) AWSAssumeRoleOptionFn

WithAssumeRoleFromAWSMeta extracts options needed from AWS metadata for assuming an AWS role.

func WithChainedAssumeRole

func WithChainedAssumeRole(session *awssession.Session, roleARN, externalID string) AWSAssumeRoleOptionFn

WithChainedAssumeRole sets a role to assume with a base session to use for assuming the role, which enables role chaining.

func WithCredentialsMaybeIntegration

func WithCredentialsMaybeIntegration(integration string) AWSAssumeRoleOptionFn

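WithCredentialsMaybeIntegration sets the credential source to be:

- ambient, if the integration is an empty string
- integration, otherwise

Because an empty string selects the ambient credentials, callers should make sure an empty integration name is intentional and not the result of an unset or unvalidated field.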

type AWSClients

// AWSClients is an interface for providing AWS API clients.
//
// Every getter takes variadic AWSAssumeRoleOptionFn options. Per the option
// constructors documented in this package, those options choose the credential
// source behind the returned client: ambient credentials, an assumed role, a
// chained role, or an integration.
//
// NOTE(review): which credential source is used when no option is passed is
// not visible in this declaration — confirm against the implementation.
// NOTE(review): several of these clients (Secrets Manager, IAM, STS, KMS, SSM)
// reach sensitive APIs; what a caller can actually do with them depends on the
// permissions of the selected credentials, which this interface does not
// constrain.
type AWSClients interface {
	// GetAWSSession returns AWS session for the specified region and any role(s).
	// The role(s), if any, are supplied through opts.
	GetAWSSession(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (*awssession.Session, error)
	// GetAWSRDSClient returns AWS RDS client for the specified region.
	GetAWSRDSClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (rdsiface.RDSAPI, error)
	// GetAWSRedshiftClient returns AWS Redshift client for the specified region.
	GetAWSRedshiftClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (redshiftiface.RedshiftAPI, error)
	// GetAWSRedshiftServerlessClient returns AWS Redshift Serverless client for the specified region.
	GetAWSRedshiftServerlessClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (redshiftserverlessiface.RedshiftServerlessAPI, error)
	// GetAWSElastiCacheClient returns AWS ElastiCache client for the specified region.
	GetAWSElastiCacheClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (elasticacheiface.ElastiCacheAPI, error)
	// GetAWSMemoryDBClient returns AWS MemoryDB client for the specified region.
	GetAWSMemoryDBClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (memorydbiface.MemoryDBAPI, error)
	// GetAWSOpenSearchClient returns AWS OpenSearch client for the specified region.
	GetAWSOpenSearchClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (opensearchserviceiface.OpenSearchServiceAPI, error)
	// GetAWSSecretsManagerClient returns AWS Secrets Manager client for the specified region.
	GetAWSSecretsManagerClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (secretsmanageriface.SecretsManagerAPI, error)
	// GetAWSIAMClient returns AWS IAM client for the specified region.
	GetAWSIAMClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (iamiface.IAMAPI, error)
	// GetAWSSTSClient returns AWS STS client for the specified region.
	GetAWSSTSClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (stsiface.STSAPI, error)
	// GetAWSEC2Client returns AWS EC2 client for the specified region.
	GetAWSEC2Client(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (ec2iface.EC2API, error)
	// GetAWSSSMClient returns AWS SSM client for the specified region.
	GetAWSSSMClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (ssmiface.SSMAPI, error)
	// GetAWSEKSClient returns AWS EKS client for the specified region.
	GetAWSEKSClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (eksiface.EKSAPI, error)
	// GetAWSKMSClient returns AWS KMS client for the specified region.
	GetAWSKMSClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (kmsiface.KMSAPI, error)
	// GetAWSS3Client returns AWS S3 client. Unlike the other getters, it takes
	// no region argument.
	GetAWSS3Client(ctx context.Context, opts ...AWSAssumeRoleOptionFn) (s3iface.S3API, error)
}

AWSClients is an interface for providing AWS API clients.

type AWSIntegrationSessionProvider

type AWSIntegrationSessionProvider func(ctx context.Context, region string, integration string) (*awssession.Session, error)

AWSIntegrationSessionProvider defines a function that creates an awssession.Session from a Region and an Integration. This is used to generate aws sessions for clients that must use an Integration instead of ambient credentials.

type AzureClients

// AzureClients is an interface for Azure-specific API clients.
//
// Most getters are scoped by a subscription string; GetAzureCredential and
// GetAzureSubscriptionClient take no arguments. None of the methods takes a
// context.Context or per-call credential options, in contrast to AWSClients.
type AzureClients interface {
	// GetAzureCredential returns Azure default token credential chain.
	GetAzureCredential() (azcore.TokenCredential, error)
	// GetAzureMySQLClient returns Azure MySQL client for the specified subscription.
	GetAzureMySQLClient(subscription string) (azure.DBServersClient, error)
	// GetAzurePostgresClient returns Azure Postgres client for the specified subscription.
	GetAzurePostgresClient(subscription string) (azure.DBServersClient, error)
	// GetAzureSubscriptionClient returns an Azure Subscriptions client.
	GetAzureSubscriptionClient() (*azure.SubscriptionClient, error)
	// GetAzureRedisClient returns an Azure Redis client for the given subscription.
	GetAzureRedisClient(subscription string) (azure.RedisClient, error)
	// GetAzureRedisEnterpriseClient returns an Azure Redis Enterprise client for the given subscription.
	GetAzureRedisEnterpriseClient(subscription string) (azure.RedisEnterpriseClient, error)
	// GetAzureKubernetesClient returns an Azure AKS client for the specified subscription.
	GetAzureKubernetesClient(subscription string) (azure.AKSClient, error)
	// GetAzureVirtualMachinesClient returns an Azure Virtual Machines client for the given subscription.
	GetAzureVirtualMachinesClient(subscription string) (azure.VirtualMachinesClient, error)
	// GetAzureSQLServerClient returns an Azure SQL Server client for the
	// specified subscription.
	GetAzureSQLServerClient(subscription string) (azure.SQLServerClient, error)
	// GetAzureManagedSQLServerClient returns an Azure ManagedSQL Server client
	// for the specified subscription.
	GetAzureManagedSQLServerClient(subscription string) (azure.ManagedSQLServerClient, error)
	// GetAzureMySQLFlexServersClient returns an Azure MySQL Flexible Server client for the
	// specified subscription.
	GetAzureMySQLFlexServersClient(subscription string) (azure.MySQLFlexServersClient, error)
	// GetAzurePostgresFlexServersClient returns an Azure PostgreSQL Flexible Server client for the
	// specified subscription.
	GetAzurePostgresFlexServersClient(subscription string) (azure.PostgresFlexServersClient, error)
	// GetAzureRunCommandClient returns an Azure Run Command client for the given subscription.
	// NOTE(review): presumably this client can run commands on virtual machines
	// in the subscription, so it should be handed only to callers that need
	// that capability — confirm against azure.RunCommandClient.
	GetAzureRunCommandClient(subscription string) (azure.RunCommandClient, error)
}

AzureClients is an interface for Azure-specific API clients

type Clients

// Clients provides interface for obtaining cloud provider clients.
//
// It combines the GCP, AWS and Azure client getters with an instance metadata
// getter and io.Closer, so one value hands out clients for every supported
// provider. Whoever holds a Clients value can therefore request any of those
// clients; pass the narrower GCPClients, AWSClients or AzureClients interface
// where a component only needs one provider.
type Clients interface {
	// GetInstanceMetadataClient returns instance metadata client based on which
	// cloud provider Teleport is running on, if any.
	GetInstanceMetadataClient(ctx context.Context) (InstanceMetadata, error)
	// GCPClients is an interface for providing GCP API clients.
	GCPClients
	// AWSClients is an interface for providing AWS API clients.
	AWSClients
	// AzureClients is an interface for Azure-specific API clients.
	AzureClients
	// Closer closes all initialized clients.
	io.Closer
}

Clients provides interface for obtaining cloud provider clients.

func NewClients

func NewClients(opts ...ClientsOption) (Clients, error)

NewClients returns a new instance of cloud clients retriever.

type ClientsOption

type ClientsOption func(cfg *cloudClients)

ClientsOption allows setting options as functional arguments to cloudClients.

type DisabledIMDSClient

type DisabledIMDSClient struct{}

DisabledIMDSClient is an EC2 instance metadata client that is always disabled. This is faster than the default client when not testing instance metadata behavior.

func (*DisabledIMDSClient) GetHostname

func (d *DisabledIMDSClient) GetHostname(ctx context.Context) (string, error)

func (*DisabledIMDSClient) GetID

func (d *DisabledIMDSClient) GetID(ctx context.Context) (string, error)

func (*DisabledIMDSClient) GetTags

func (d *DisabledIMDSClient) GetTags(ctx context.Context) (map[string]string, error)

func (*DisabledIMDSClient) GetType

func (*DisabledIMDSClient) IsAvailable

func (d *DisabledIMDSClient) IsAvailable(ctx context.Context) bool

type GCPClients

// GCPClients is an interface for providing GCP API clients.
//
// Each getter takes only a context.Context; there is no per-call project,
// region or credential option in these signatures.
// NOTE(review): the credentials behind the returned clients are not visible
// here — confirm where they come from in the implementation.
type GCPClients interface {
	// GetGCPIAMClient returns GCP IAM client.
	GetGCPIAMClient(context.Context) (*gcpcredentials.IamCredentialsClient, error)
	// GetGCPSQLAdminClient returns GCP Cloud SQL Admin client.
	GetGCPSQLAdminClient(context.Context) (gcp.SQLAdminClient, error)
	// GetGCPGKEClient returns GKE client.
	GetGCPGKEClient(context.Context) (gcp.GKEClient, error)
	// GetGCPInstancesClient returns instances client.
	GetGCPInstancesClient(context.Context) (gcp.InstancesClient, error)
}

GCPClients is an interface for providing GCP API clients.

type InstanceMetadata

// InstanceMetadata is an interface for fetching information from a cloud
// service's instance metadata.
//
// NOTE(review): tags and hostname are values supplied by the cloud
// environment rather than by Teleport's own configuration; callers that use
// them for naming or labelling presumably need to validate them — confirm at
// the call sites.
type InstanceMetadata interface {
	// IsAvailable checks if instance metadata is available.
	// It reports only a bool, so a failure to reach the metadata service is not
	// distinguishable from its absence through this method.
	IsAvailable(ctx context.Context) bool
	// GetTags gets all of the instance's tags.
	GetTags(ctx context.Context) (map[string]string, error)
	// GetHostname gets the hostname set by the cloud instance that Teleport
	// should use, if any.
	GetHostname(ctx context.Context) (string, error)
	// GetType gets the cloud instance type.
	// Unlike the other methods it takes no context and returns no error.
	GetType() types.InstanceMetadataType
	// GetID gets the cloud instance ID.
	GetID(ctx context.Context) (string, error)
}

InstanceMetadata is an interface for fetching information from a cloud service's instance metadata.

func DiscoverInstanceMetadata

func DiscoverInstanceMetadata(ctx context.Context) (InstanceMetadata, error)

DiscoverInstanceMetadata checks which cloud instance type Teleport is running on, if any.

func NewDisabledIMDSClient

func NewDisabledIMDSClient() InstanceMetadata

NewDisabledIMDSClient creates a new DisabledIMDSClient.

type TestCloudClients

// TestCloudClients are used in tests.
//
// Each field holds one provider client (or instance metadata implementation)
// of the type returned by the corresponding getter on Clients.
// NOTE(review): the getters presumably return these fields as-is, and the
// *PerRegion / *PerSub maps are presumably keyed by AWS region and Azure
// subscription respectively — confirm against the method bodies.
// NOTE(review): this is an exported type in the non-test package, so it can be
// imported by production code; it should only be constructed from tests.
type TestCloudClients struct {
	RDS                     rdsiface.RDSAPI
	RDSPerRegion            map[string]rdsiface.RDSAPI
	Redshift                redshiftiface.RedshiftAPI
	RedshiftServerless      redshiftserverlessiface.RedshiftServerlessAPI
	ElastiCache             elasticacheiface.ElastiCacheAPI
	OpenSearch              opensearchserviceiface.OpenSearchServiceAPI
	MemoryDB                memorydbiface.MemoryDBAPI
	SecretsManager          secretsmanageriface.SecretsManagerAPI
	IAM                     iamiface.IAMAPI
	STS                     stsiface.STSAPI
	GCPSQL                  gcp.SQLAdminClient
	GCPGKE                  gcp.GKEClient
	GCPInstances            gcp.InstancesClient
	EC2                     ec2iface.EC2API
	SSM                     ssmiface.SSMAPI
	InstanceMetadata        InstanceMetadata
	EKS                     eksiface.EKSAPI
	KMS                     kmsiface.KMSAPI
	S3                      s3iface.S3API
	AzureMySQL              azure.DBServersClient
	AzureMySQLPerSub        map[string]azure.DBServersClient
	AzurePostgres           azure.DBServersClient
	AzurePostgresPerSub     map[string]azure.DBServersClient
	AzureSubscriptionClient *azure.SubscriptionClient
	AzureRedis              azure.RedisClient
	AzureRedisEnterprise    azure.RedisEnterpriseClient
	AzureAKSClientPerSub    map[string]azure.AKSClient
	AzureAKSClient          azure.AKSClient
	AzureVirtualMachines    azure.VirtualMachinesClient
	AzureSQLServer          azure.SQLServerClient
	AzureManagedSQLServer   azure.ManagedSQLServerClient
	AzureMySQLFlex          azure.MySQLFlexServersClient
	AzurePostgresFlex       azure.PostgresFlexServersClient
	AzureRunCommand         azure.RunCommandClient
}

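TestCloudClients is used in tests. It is an exported type in the regular (non-test) package, so it can be imported from production code; it is meant to be constructed only in tests.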

func (*TestCloudClients) Close

func (c *TestCloudClients) Close() error

Close closes all initialized clients.

func (*TestCloudClients) GetAWSEC2Client

func (c *TestCloudClients) GetAWSEC2Client(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (ec2iface.EC2API, error)

GetAWSEC2Client returns AWS EC2 client for the specified region.

func (*TestCloudClients) GetAWSEKSClient

func (c *TestCloudClients) GetAWSEKSClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (eksiface.EKSAPI, error)

GetAWSEKSClient returns AWS EKS client for the specified region.

func (*TestCloudClients) GetAWSElastiCacheClient

func (c *TestCloudClients) GetAWSElastiCacheClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (elasticacheiface.ElastiCacheAPI, error)

GetAWSElastiCacheClient returns AWS ElastiCache client for the specified region.

func (*TestCloudClients) GetAWSIAMClient

func (c *TestCloudClients) GetAWSIAMClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (iamiface.IAMAPI, error)

GetAWSIAMClient returns AWS IAM client for the specified region.

func (*TestCloudClients) GetAWSKMSClient

func (c *TestCloudClients) GetAWSKMSClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (kmsiface.KMSAPI, error)

GetAWSKMSClient returns AWS KMS client for the specified region.

func (*TestCloudClients) GetAWSMemoryDBClient

func (c *TestCloudClients) GetAWSMemoryDBClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (memorydbiface.MemoryDBAPI, error)

GetAWSMemoryDBClient returns AWS MemoryDB client for the specified region.

func (*TestCloudClients) GetAWSOpenSearchClient

GetAWSOpenSearchClient returns AWS OpenSearch client for the specified region.

func (*TestCloudClients) GetAWSRDSClient

func (c *TestCloudClients) GetAWSRDSClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (rdsiface.RDSAPI, error)

GetAWSRDSClient returns AWS RDS client for the specified region.

func (*TestCloudClients) GetAWSRedshiftClient

func (c *TestCloudClients) GetAWSRedshiftClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (redshiftiface.RedshiftAPI, error)

GetAWSRedshiftClient returns AWS Redshift client for the specified region.

func (*TestCloudClients) GetAWSRedshiftServerlessClient

func (c *TestCloudClients) GetAWSRedshiftServerlessClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (redshiftserverlessiface.RedshiftServerlessAPI, error)

GetAWSRedshiftServerlessClient returns AWS Redshift Serverless client for the specified region.

func (*TestCloudClients) GetAWSS3Client

func (c *TestCloudClients) GetAWSS3Client(ctx context.Context, opts ...AWSAssumeRoleOptionFn) (s3iface.S3API, error)

GetAWSS3Client returns AWS S3 client.

func (*TestCloudClients) GetAWSSSMClient

func (c *TestCloudClients) GetAWSSSMClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (ssmiface.SSMAPI, error)

GetAWSSSMClient returns an AWS SSM client

func (*TestCloudClients) GetAWSSTSClient

func (c *TestCloudClients) GetAWSSTSClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (stsiface.STSAPI, error)

GetAWSSTSClient returns AWS STS client for the specified region.

func (*TestCloudClients) GetAWSSecretsManagerClient

func (c *TestCloudClients) GetAWSSecretsManagerClient(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (secretsmanageriface.SecretsManagerAPI, error)

GetAWSSecretsManagerClient returns AWS Secrets Manager client for the specified region.

func (*TestCloudClients) GetAWSSession

func (c *TestCloudClients) GetAWSSession(ctx context.Context, region string, opts ...AWSAssumeRoleOptionFn) (*awssession.Session, error)

GetAWSSession returns AWS session for the specified region, optionally assuming AWS IAM Roles.

func (*TestCloudClients) GetAzureCredential

func (c *TestCloudClients) GetAzureCredential() (azcore.TokenCredential, error)

GetAzureCredential returns default Azure token credential chain.

func (*TestCloudClients) GetAzureKubernetesClient

func (c *TestCloudClients) GetAzureKubernetesClient(subscription string) (azure.AKSClient, error)

GetAzureKubernetesClient returns an AKS client for the specified subscription

func (*TestCloudClients) GetAzureManagedSQLServerClient

func (c *TestCloudClients) GetAzureManagedSQLServerClient(subscription string) (azure.ManagedSQLServerClient, error)

GetAzureManagedSQLServerClient returns an Azure client for listing managed SQL servers.

func (*TestCloudClients) GetAzureMySQLClient

func (c *TestCloudClients) GetAzureMySQLClient(subscription string) (azure.DBServersClient, error)

GetAzureMySQLClient returns an AzureMySQLClient for the specified subscription

func (*TestCloudClients) GetAzureMySQLFlexServersClient

func (c *TestCloudClients) GetAzureMySQLFlexServersClient(subscription string) (azure.MySQLFlexServersClient, error)

GetAzureMySQLFlexServersClient returns an Azure MySQL Flexible server client for listing MySQL Flexible servers.

func (*TestCloudClients) GetAzurePostgresClient

func (c *TestCloudClients) GetAzurePostgresClient(subscription string) (azure.DBServersClient, error)

GetAzurePostgresClient returns an AzurePostgresClient for the specified subscription

func (*TestCloudClients) GetAzurePostgresFlexServersClient

func (c *TestCloudClients) GetAzurePostgresFlexServersClient(subscription string) (azure.PostgresFlexServersClient, error)

GetAzurePostgresFlexServersClient returns an Azure PostgreSQL Flexible server client for listing PostgreSQL Flexible servers.

func (*TestCloudClients) GetAzureRedisClient

func (c *TestCloudClients) GetAzureRedisClient(subscription string) (azure.RedisClient, error)

GetAzureRedisClient returns an Azure Redis client for the given subscription.

func (*TestCloudClients) GetAzureRedisEnterpriseClient

func (c *TestCloudClients) GetAzureRedisEnterpriseClient(subscription string) (azure.RedisEnterpriseClient, error)

GetAzureRedisEnterpriseClient returns an Azure Redis Enterprise client for the given subscription.

func (*TestCloudClients) GetAzureRunCommandClient

func (c *TestCloudClients) GetAzureRunCommandClient(subscription string) (azure.RunCommandClient, error)

GetAzureRunCommandClient returns an Azure Run Command client for the given subscription.

func (*TestCloudClients) GetAzureSQLServerClient

func (c *TestCloudClients) GetAzureSQLServerClient(subscription string) (azure.SQLServerClient, error)

GetAzureSQLServerClient returns an Azure client for listing SQL servers.

func (*TestCloudClients) GetAzureSubscriptionClient

func (c *TestCloudClients) GetAzureSubscriptionClient() (*azure.SubscriptionClient, error)

GetAzureSubscriptionClient returns an Azure SubscriptionClient

func (*TestCloudClients) GetAzureVirtualMachinesClient

func (c *TestCloudClients) GetAzureVirtualMachinesClient(subscription string) (azure.VirtualMachinesClient, error)

GetAzureVirtualMachinesClient returns an Azure Virtual Machines client for the given subscription.

func (*TestCloudClients) GetGCPGKEClient

func (c *TestCloudClients) GetGCPGKEClient(ctx context.Context) (gcp.GKEClient, error)

GetGCPGKEClient returns GKE client.

func (*TestCloudClients) GetGCPIAMClient

GetGCPIAMClient returns GCP IAM client.

func (*TestCloudClients) GetGCPInstancesClient

func (c *TestCloudClients) GetGCPInstancesClient(ctx context.Context) (gcp.InstancesClient, error)

GetGCPInstancesClient returns instances client.

func (*TestCloudClients) GetGCPSQLAdminClient

func (c *TestCloudClients) GetGCPSQLAdminClient(ctx context.Context) (gcp.SQLAdminClient, error)

GetGCPSQLAdminClient returns GCP Cloud SQL Admin client.

func (*TestCloudClients) GetInstanceMetadataClient

func (c *TestCloudClients) GetInstanceMetadataClient(ctx context.Context) (InstanceMetadata, error)

GetInstanceMetadataClient returns the instance metadata client.
