Documentation
¶
Index ¶
- Variables
- func CheckOrgPolicyConstraints(p *Preflight) error
- func CheckPermissions(p *Preflight) error
- func FetchCaller(p *Preflight) error
- func FetchDetails(p *Preflight) error
- func FetchPolicies(p *Preflight) error
- type Caller
- type Details
- type IntegrationType
- type Params
- type Preflight
- type Result
Constants ¶
This section is empty.
Variables ¶
View Source
var RequiredPermissions = map[IntegrationType][]string{ Agentless: { "cloudscheduler.jobs.create", "cloudscheduler.jobs.delete", "cloudscheduler.jobs.enable", "cloudscheduler.jobs.get", "cloudscheduler.jobs.list", "cloudscheduler.locations.list", "compute.projects.get", "iam.roles.create", "iam.roles.delete", "iam.roles.get", "iam.roles.list", "iam.roles.undelete", "iam.roles.update", "iam.serviceAccountKeys.create", "iam.serviceAccountKeys.delete", "iam.serviceAccountKeys.get", "iam.serviceAccountKeys.list", "iam.serviceAccounts.create", "iam.serviceAccounts.actAs", "iam.serviceAccounts.delete", "iam.serviceAccounts.get", "iam.serviceAccounts.list", "resourcemanager.organizations.get", "resourcemanager.organizations.getIamPolicy", "resourcemanager.organizations.setIamPolicy", "resourcemanager.projects.get", "resourcemanager.projects.getIamPolicy", "resourcemanager.projects.setIamPolicy", "run.jobs.create", "run.jobs.delete", "run.jobs.get", "run.jobs.list", "run.operations.get", "run.operations.list", "secretmanager.secrets.create", "secretmanager.secrets.delete", "secretmanager.secrets.get", "secretmanager.secrets.getIamPolicy", "secretmanager.secrets.list", "secretmanager.secrets.setIamPolicy", "secretmanager.versions.access", "secretmanager.versions.add", "secretmanager.versions.destroy", "secretmanager.versions.enable", "secretmanager.versions.get", "secretmanager.versions.list", "serviceusage.quotas.get", "serviceusage.services.get", "serviceusage.services.list", "storage.buckets.create", "storage.buckets.delete", "storage.buckets.get", "storage.buckets.getIamPolicy", "storage.buckets.list", "storage.buckets.setIamPolicy", "storage.objects.delete", }, AuditLog: { "cloudscheduler.locations.list", "compute.projects.get", "iam.roles.create", "iam.roles.delete", "iam.roles.get", "iam.roles.list", "iam.roles.undelete", "iam.roles.update", "iam.serviceAccountKeys.create", "iam.serviceAccountKeys.delete", "iam.serviceAccountKeys.get", "iam.serviceAccountKeys.list", "iam.serviceAccounts.create", "iam.serviceAccounts.delete", "iam.serviceAccounts.get", "iam.serviceAccounts.list", "logging.sinks.create", "logging.sinks.delete", "logging.sinks.get", "logging.sinks.list", "pubsub.subscriptions.create", "pubsub.subscriptions.delete", "pubsub.subscriptions.get", "pubsub.subscriptions.getIamPolicy", "pubsub.subscriptions.list", "pubsub.subscriptions.setIamPolicy", "pubsub.topics.attachSubscription", "pubsub.topics.create", "pubsub.topics.delete", "pubsub.topics.get", "pubsub.topics.getIamPolicy", "pubsub.topics.list", "pubsub.topics.setIamPolicy", "resourcemanager.projects.get", "resourcemanager.projects.getIamPolicy", "resourcemanager.projects.setIamPolicy", "serviceusage.quotas.get", "serviceusage.services.get", "serviceusage.services.list", }, Config: { "cloudscheduler.locations.list", "iam.roles.create", "iam.roles.delete", "iam.roles.get", "iam.roles.list", "iam.roles.undelete", "iam.roles.update", "iam.serviceAccountKeys.create", "iam.serviceAccountKeys.delete", "iam.serviceAccountKeys.disable", "iam.serviceAccountKeys.enable", "iam.serviceAccountKeys.get", "iam.serviceAccountKeys.list", "iam.serviceAccounts.create", "iam.serviceAccounts.delete", "iam.serviceAccounts.disable", "iam.serviceAccounts.enable", "iam.serviceAccounts.get", "iam.serviceAccounts.getIamPolicy", "iam.serviceAccounts.list", "iam.serviceAccounts.setIamPolicy", "iam.serviceAccounts.undelete", "iam.serviceAccounts.update", "monitoring.timeSeries.list", "resourcemanager.projects.get", "resourcemanager.projects.getIamPolicy", "resourcemanager.projects.list", "resourcemanager.projects.setIamPolicy", "serviceusage.quotas.get", "serviceusage.quotas.update", "serviceusage.services.disable", "serviceusage.services.enable", "serviceusage.services.get", "serviceusage.services.list", "serviceusage.services.use", }, }
View Source
var RequiredPermissionsForOrg = map[IntegrationType][]string{ Agentless: { "cloudscheduler.jobs.create", "cloudscheduler.jobs.delete", "cloudscheduler.jobs.enable", "cloudscheduler.jobs.get", "cloudscheduler.jobs.list", "cloudscheduler.locations.list", "compute.projects.get", "iam.roles.create", "iam.roles.delete", "iam.roles.get", "iam.roles.list", "iam.roles.undelete", "iam.roles.update", "iam.serviceAccountKeys.create", "iam.serviceAccountKeys.delete", "iam.serviceAccountKeys.get", "iam.serviceAccountKeys.list", "iam.serviceAccounts.actAs", "iam.serviceAccounts.create", "iam.serviceAccounts.delete", "iam.serviceAccounts.get", "iam.serviceAccounts.list", "resourcemanager.projects.get", "resourcemanager.projects.getIamPolicy", "resourcemanager.projects.setIamPolicy", "run.jobs.create", "run.jobs.delete", "run.jobs.get", "run.jobs.list", "run.operations.get", "run.operations.list", "secretmanager.secrets.create", "secretmanager.secrets.delete", "secretmanager.secrets.get", "secretmanager.secrets.getIamPolicy", "secretmanager.secrets.list", "secretmanager.secrets.setIamPolicy", "secretmanager.versions.access", "secretmanager.versions.add", "secretmanager.versions.destroy", "secretmanager.versions.enable", "secretmanager.versions.get", "secretmanager.versions.list", "serviceusage.quotas.get", "serviceusage.services.get", "serviceusage.services.list", "storage.buckets.create", "storage.buckets.delete", "storage.buckets.get", "storage.buckets.getIamPolicy", "storage.buckets.list", "storage.buckets.setIamPolicy", "storage.objects.delete", }, AuditLog: { "billing.accounts.get", "billing.accounts.getIamPolicy", "billing.accounts.list", "billing.accounts.redeemPromotion", "billing.credits.list", "billing.resourceAssociations.create", "cloudscheduler.locations.list", "essentialcontacts.contacts.create", "essentialcontacts.contacts.delete", "essentialcontacts.contacts.get", "essentialcontacts.contacts.list", "essentialcontacts.contacts.send", "essentialcontacts.contacts.update", "logging.buckets.create", "logging.buckets.delete", "logging.buckets.get", "logging.buckets.list", "logging.buckets.undelete", "logging.buckets.update", "logging.exclusions.create", "logging.exclusions.delete", "logging.exclusions.get", "logging.exclusions.list", "logging.exclusions.update", "logging.links.create", "logging.links.delete", "logging.links.get", "logging.links.list", "logging.locations.get", "logging.locations.list", "logging.logMetrics.create", "logging.logMetrics.delete", "logging.logMetrics.get", "logging.logMetrics.list", "logging.logMetrics.update", "logging.logs.list", "logging.logServiceIndexes.list", "logging.logServices.list", "logging.notificationRules.create", "logging.notificationRules.delete", "logging.notificationRules.get", "logging.notificationRules.list", "logging.notificationRules.update", "logging.operations.cancel", "logging.operations.get", "logging.operations.list", "logging.settings.get", "logging.settings.update", "logging.sinks.create", "logging.sinks.delete", "logging.sinks.get", "logging.sinks.list", "logging.sinks.update", "logging.views.create", "logging.views.delete", "logging.views.get", "logging.views.list", "logging.views.update", "orgpolicy.constraints.list", "orgpolicy.policies.list", "orgpolicy.policy.get", "resourcemanager.folders.get", "resourcemanager.folders.getIamPolicy", "resourcemanager.folders.list", "resourcemanager.folders.setIamPolicy", "resourcemanager.organizations.get", "resourcemanager.organizations.getIamPolicy", "resourcemanager.organizations.setIamPolicy", "resourcemanager.projects.get", "resourcemanager.projects.getIamPolicy", "resourcemanager.projects.list", "resourcemanager.projects.setIamPolicy", }, Config: { "billing.accounts.get", "billing.accounts.getIamPolicy", "billing.accounts.list", "billing.accounts.redeemPromotion", "billing.credits.list", "billing.resourceAssociations.create", "cloudscheduler.locations.list", "essentialcontacts.contacts.create", "essentialcontacts.contacts.delete", "essentialcontacts.contacts.get", "essentialcontacts.contacts.list", "essentialcontacts.contacts.send", "essentialcontacts.contacts.update", "iam.roles.create", "iam.roles.delete", "iam.roles.get", "iam.roles.list", "iam.roles.undelete", "iam.roles.update", "orgpolicy.constraints.list", "orgpolicy.policies.list", "orgpolicy.policy.get", "resourcemanager.folders.get", "resourcemanager.folders.getIamPolicy", "resourcemanager.folders.list", "resourcemanager.folders.setIamPolicy", "resourcemanager.organizations.get", "resourcemanager.organizations.getIamPolicy", "resourcemanager.organizations.setIamPolicy", "resourcemanager.projects.get", "resourcemanager.projects.getIamPolicy", "resourcemanager.projects.list", "resourcemanager.projects.setIamPolicy", }, }
Functions ¶
func CheckOrgPolicyConstraints ¶ added in v2.5.0
func CheckPermissions ¶
func FetchCaller ¶
func FetchDetails ¶
func FetchPolicies ¶
Types ¶
type Details ¶
type Details struct {
SchedulerRegions []string // Supported regions for Cloud Scheduler. Used for Agentless.
}
type IntegrationType ¶
type IntegrationType string
const ( Agentless IntegrationType = "gcp_agentless" AuditLog IntegrationType = "gcp_audit_log" Config IntegrationType = "gcp_config" )
type Preflight ¶
type Preflight struct {
// contains filtered or unexported fields
}
func (*Preflight) SetVerboseWriter ¶ added in v2.3.0
func (p *Preflight) SetVerboseWriter(vw verbosewriter.WriteCloser)
Overwrite the default verbose writer
Source Files
Click to show internal directories.
Click to hide internal directories.