Documentation ¶
Index ¶
- Constants
- func GetProvisioningArtifactID(servicecatalogService *servicecatalog.ServiceCatalog, productID string) (string, error)
- func IsErrorCode(err error, code string) bool
- func NewAWSSessionWithLogger(config *aws.Config, logger log.FieldLogger) (*session.Session, error)
- type AWS
- type AssumeRoleCredentialsProvider
- type Client
- func (a *Client) AssociateTGWShare(resourceShareARN, principalID string) error
- func (a *Client) AssumeRole(roleArn string) (*credentials.Credentials, error)
- func (a *Client) AttachIAMPolicy(trustAccountID string) error
- func (a *Client) CreateProvisioningIAMRole(trustAccountID string) error
- func (a *Client) DeleteServiceCatalogProduct(productID string) error
- func (a *Client) DisassociateTGWShare(resourceShareARN, principalID string) error
- func (c *Client) GetAccountAliases() (*iam.ListAccountAliasesOutput, error)
- func (a *Client) GetAccountDetails(account *model.Account) error
- func (a *Client) GetAccountID() (string, error)
- func (c *Client) GetCloudEnvironmentName() (string, error)
- func (a *Client) GetProvisioningArtifactID(productID string) (string, error)
- func (a *Client) ProvisionProduct(input servicecatalog.ProvisionProductInput) (*servicecatalog.ProvisionProductOutput, error)
- func (a *Client) ProvisionServiceCatalogProduct(ssoUserEmail, ssoFirstName, ssoLastName, managedOU string, ...) error
- func (c *Client) Service() *Service
- func (a *Client) ValidateAccount(account *model.Account) (bool, error)
- func (a *Client) WaitForAccountReadiness(account *model.Account, timeout int) error
- type Service
Constants ¶
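// Package-level defaults and well-known names used when provisioning AWS accounts.
//
// The declaration is laid out one constant per line so that no line comment
// swallows the declarations that follow it.
const (
	// DefaultAWSRegion is the default AWS region for AWS resources.
	DefaultAWSRegion = "us-east-1"

	// AccountProvisioningRoleName is the name of the provisioning role that
	// will be used by Genesis and other applications to provision the account.
	AccountProvisioningRoleName = "MattermostAccountProvisioningRole"

	// AccountProductPrefix is the prefix of all account products.
	AccountProductPrefix = "cloud-enterprise"

	// AccountEmailPrefix is the prefix of the email created for each account product.
	AccountEmailPrefix = "cloud-team"

	// DefaultAWSClientRetries supplies how many times the AWS client will
	// retry a failed call.
	DefaultAWSClientRetries = 3

	// TGWShareAssociationRole is the role name "tgw-share-association-role".
	// NOTE(review): presumably the role used by AssociateTGWShare and
	// DisassociateTGWShare for Transit Gateway resource shares; confirm
	// against the implementation.
	TGWShareAssociationRole = "tgw-share-association-role"

	// AttachIAMPolicyARN is the ARN of the IAM policy to attach to the
	// provisioning role.
	//
	// The value is the AWS managed AdministratorAccess policy, which allows
	// every action on every resource in the account. Any principal able to
	// assume the provisioning role therefore has full administrative access to
	// the account.
	// NOTE(review): with this policy attached, the role's trust policy is the
	// only limit on who gains that access; keep the trusted principal narrow,
	// consider a scoped policy or a permissions boundary, and audit AssumeRole
	// calls against this role in CloudTrail.
	AttachIAMPolicyARN = "arn:aws:iam::aws:policy/AdministratorAccess"
)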
Variables ¶
This section is empty.
Functions ¶
func GetProvisioningArtifactID ¶
func GetProvisioningArtifactID(servicecatalogService *servicecatalog.ServiceCatalog, productID string) (string, error)
GetProvisioningArtifactID returns the current active Service Catalog provisioning artifact ID.
func IsErrorCode ¶
IsErrorCode asserts that an AWS error has a certain code.
func NewAWSSessionWithLogger ¶
NewAWSSessionWithLogger initializes an AWS session instance with a logging handler, for debugging only.
Types ¶
type AWS ¶
// AWS is the interface exposed for use by other packages. It covers the
// read-only account lookups and the role-assumption call listed below.
type AWS interface {
	// GetAccountAliases returns the AWS account name aliases.
	GetAccountAliases() (*iam.ListAccountAliasesOutput, error)
	// GetCloudEnvironmentName looks for a standard cloud account environment
	// name and returns it.
	GetCloudEnvironmentName() (string, error)
	// AssumeRole assumes the IAM role identified by roleArn and returns
	// credentials. The returned value carries secret material, so callers
	// should keep it out of logs and error messages.
	AssumeRole(roleArn string) (*credentials.Credentials, error)
	// GetAccountID gets the current AWS account ID.
	GetAccountID() (string, error)
}
AWS interface for use by other packages.
type AssumeRoleCredentialsProvider ¶
// AssumeRoleCredentialsProvider describes assume role credentials. Its
// IsExpired and Retrieve methods are declared on the value receiver.
type AssumeRoleCredentialsProvider struct {
	// AssumeRoleCredentials holds the STS credentials supplied to
	// NewAssumeRoleCredentialsProvider. The field is exported and contains
	// temporary secrets (access key, secret key, session token), so avoid
	// printing or logging the struct as a whole.
	// NOTE(review): presumably IsExpired compares against the Expiration
	// carried in these credentials; confirm against the implementation.
AssumeRoleCredentials *sts.Credentials
}
AssumeRoleCredentialsProvider describes assume role credentials.
func NewAssumeRoleCredentialsProvider ¶
func NewAssumeRoleCredentialsProvider(credentials *sts.Credentials) *AssumeRoleCredentialsProvider
NewAssumeRoleCredentialsProvider returns AssumeRoleCredentialsProvider using provided credentials.
func (AssumeRoleCredentialsProvider) IsExpired ¶
func (c AssumeRoleCredentialsProvider) IsExpired() bool
IsExpired checks if the assume role session has expired.
func (AssumeRoleCredentialsProvider) Retrieve ¶
func (c AssumeRoleCredentialsProvider) Retrieve() (credentials.Value, error)
Retrieve returns the credential values.
type Client ¶
// Client is a client for interacting with AWS resources.
//
// All fields are unexported. Per the documentation of the Service method, the
// underlying AWS session is constructed when Service is called, if that has
// not yet succeeded.
type Client struct {
// contains filtered or unexported fields
}
Client is a client for interacting with AWS resources.
func NewAWSClientWithConfig ¶
func NewAWSClientWithConfig(config *aws.Config, logger log.FieldLogger) *Client
NewAWSClientWithConfig returns a new instance of Client with a custom configuration.
func (*Client) AssociateTGWShare ¶
func (*Client) AssumeRole ¶
func (a *Client) AssumeRole(roleArn string) (*credentials.Credentials, error)
AssumeRole assumes an IAM role using local credentials and returns credentials.
func (*Client) AttachIAMPolicy ¶
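AttachIAMPolicy is used to attach an IAM policy to the provisioning role in new accounts. The policy is presumably the one named by the AttachIAMPolicyARN constant, which this package sets to the AWS managed AdministratorAccess policy; confirm against the implementation when reviewing what the provisioning role is allowed to do.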
func (*Client) CreateProvisioningIAMRole ¶
CreateProvisioningIAMRole is used to create the provisioning role in new accounts.
func (*Client) DeleteServiceCatalogProduct ¶
DeleteServiceCatalogProduct deletes a service catalog product.
func (*Client) DisassociateTGWShare ¶
func (*Client) GetAccountAliases ¶
func (c *Client) GetAccountAliases() (*iam.ListAccountAliasesOutput, error)
GetAccountAliases returns the AWS account name aliases.
func (*Client) GetAccountDetails ¶
GetAccountDetails returns the details of an AWS account, such as account physical and product ID.
func (*Client) GetAccountID ¶
GetAccountID gets the current AWS account ID.
func (*Client) GetCloudEnvironmentName ¶
GetCloudEnvironmentName looks for a standard cloud account environment name and returns it.
func (*Client) GetProvisioningArtifactID ¶
GetProvisioningArtifactID returns the current active Service Catalog provisioning artifact ID.
func (*Client) ProvisionProduct ¶
func (a *Client) ProvisionProduct(input servicecatalog.ProvisionProductInput) (*servicecatalog.ProvisionProductOutput, error)
ProvisionProduct calls the AWS API to provision a new service catalog product.
func (*Client) ProvisionServiceCatalogProduct ¶
func (a *Client) ProvisionServiceCatalogProduct(ssoUserEmail, ssoFirstName, ssoLastName, managedOU string, account *model.Account) error
ProvisionServiceCatalogProduct handles the steps to provision a new service catalog product.
func (*Client) Service ¶
Service constructs an AWS session, if one has not yet been constructed successfully, and returns the AWS clients.
func (*Client) ValidateAccount ¶
ValidateAccount checks whether an AWS account's status is available.