aws

package

v0.0.0-...-0c09f60 Latest Latest Go to latest Published: Apr 19, 2021 License: Apache-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mattermost/genesis

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GetProvisioningArtifactID(servicecatalogService *servicecatalog.ServiceCatalog, productID string) (string, error)
func IsErrorCode(err error, code string) bool
func NewAWSSessionWithLogger(config *aws.Config, logger log.FieldLogger) (*session.Session, error)
type AWS
type AssumeRoleCredentialsProvider
- func NewAssumeRoleCredentialsProvider(credentials *sts.Credentials) *AssumeRoleCredentialsProvider
- func (c AssumeRoleCredentialsProvider) IsExpired() bool
- func (c AssumeRoleCredentialsProvider) Retrieve() (credentials.Value, error)
type Client
- func NewAWSClientWithConfig(config *aws.Config, logger log.FieldLogger) *Client
type Service
- func NewService(sess *session.Session) *Service

Constants ¶

View Source

const (
	// DefaultAWSRegion is the default AWS region for AWS resources.
	DefaultAWSRegion = "us-east-1"

	// AccountProvisioningRoleName is the name of the provisioning role that
	// will be used by Genesis and other applications to provision the account.
	AccountProvisioningRoleName = "MattermostAccountProvisioningRole"

	// AccountProductPrefix is the prefix of all account products
	AccountProductPrefix = "cloud-enterprise"

	// AccountEmailPrefix is the prefix of the email created for each account product
	AccountEmailPrefix = "cloud-team"

	// DefaultAWSClientRetries supplies how many time the AWS client will
	// retry a failed call.
	DefaultAWSClientRetries = 3

	// The name of the IAM role to use for TGW share associations.
	TGWShareAssociationRole = "tgw-share-association-role"

	// The ARN of the IAM policy to attach to provisioning role.
	AttachIAMPolicyARN = "arn:aws:iam::aws:policy/AdministratorAccess"
)

Variables ¶

This section is empty.

Functions ¶

func GetProvisioningArtifactID ¶

func GetProvisioningArtifactID(servicecatalogService *servicecatalog.ServiceCatalog, productID string) (string, error)

GetProvisioningArtifactID returns the current active Service Catalog provisioning artifact ID.

func IsErrorCode ¶

func IsErrorCode(err error, code string) bool

IsErrorCode asserts that an AWS error has a certain code.

func NewAWSSessionWithLogger ¶

func NewAWSSessionWithLogger(config *aws.Config, logger log.FieldLogger) (*session.Session, error)

NewAWSSessionWithLogger initializes an AWS session instance with logging handler for debuging only.

Types ¶

type AWS ¶

type AWS interface {
	GetAccountAliases() (*iam.ListAccountAliasesOutput, error)
	GetCloudEnvironmentName() (string, error)
	AssumeRole(roleArn string) (*credentials.Credentials, error)
	GetAccountID() (string, error)
	AssociateTGWShare(resourceShareARN, principalID string) error
	DisassociateTGWShare(resourceShareARN, principalID string) error
}

AWS interface for use by other packages.

type AssumeRoleCredentialsProvider ¶

type AssumeRoleCredentialsProvider struct {
	AssumeRoleCredentials *sts.Credentials
}

AssumeRoleCredentialsProvider describes assume role credentials.

func NewAssumeRoleCredentialsProvider ¶

func NewAssumeRoleCredentialsProvider(credentials *sts.Credentials) *AssumeRoleCredentialsProvider

NewAssumeRoleCredentialsProvider returns AssumeRoleCredentialsProvider using provided credentials.

func (AssumeRoleCredentialsProvider) IsExpired ¶

func (c AssumeRoleCredentialsProvider) IsExpired() bool

IsExpired checks if the assume role session has expired.

func (AssumeRoleCredentialsProvider) Retrieve ¶

func (c AssumeRoleCredentialsProvider) Retrieve() (credentials.Value, error)

Retrieve returns the creds values.

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

Client is a client for interacting with AWS resources.

func NewAWSClientWithConfig ¶

func NewAWSClientWithConfig(config *aws.Config, logger log.FieldLogger) *Client

NewAWSClientWithConfig returns a new instance of Client with a custom configuration.

func (*Client) AssociateTGWShare ¶

func (a *Client) AssociateTGWShare(resourceShareARN, principalID string) error

func (*Client) AssumeRole ¶

func (a *Client) AssumeRole(roleArn string) (*credentials.Credentials, error)

AssumeRole assumes an IAM role using local credentials and returns credentials.

func (*Client) AttachIAMPolicy ¶

func (a *Client) AttachIAMPolicy(trustAccountID string) error

AttachIAMPolicy is used to attach an IAM policy to the provisioning role in new accounts.

func (*Client) CreateProvisioningIAMRole ¶

func (a *Client) CreateProvisioningIAMRole(trustAccountID string) error

CreateProvisioningIAMRole is used to create the provisioning role in new accounts.

func (*Client) DeleteServiceCatalogProduct ¶

func (a *Client) DeleteServiceCatalogProduct(productID string) error

DeleteServiceCatalogProduct deletes a service catalog product.

func (*Client) DisassociateTGWShare ¶

func (a *Client) DisassociateTGWShare(resourceShareARN, principalID string) error

func (*Client) GetAccountAliases ¶

func (c *Client) GetAccountAliases() (*iam.ListAccountAliasesOutput, error)

GetAccountAliases returns the AWS account name aliases.

func (*Client) GetAccountDetails ¶

func (a *Client) GetAccountDetails(account *model.Account) error

GetAccountDetails returns the details of an AWS account, such as account physical and product ID.

func (*Client) GetAccountID ¶

func (a *Client) GetAccountID() (string, error)

GetAccountID gets the current AWS Account ID

func (*Client) GetCloudEnvironmentName ¶

func (c *Client) GetCloudEnvironmentName() (string, error)

GetCloudEnvironmentName looks for a standard cloud account environment name and returns it.

func (*Client) GetProvisioningArtifactID ¶

func (a *Client) GetProvisioningArtifactID(productID string) (string, error)

GetProvisioningArtifactID returns the current active Service Catalog provisioning artifact ID.

func (*Client) ProvisionProduct ¶

func (a *Client) ProvisionProduct(input servicecatalog.ProvisionProductInput) (*servicecatalog.ProvisionProductOutput, error)

ProvisionProduct calls the AWS API to provision a new service catalog product.

func (*Client) ProvisionServiceCatalogProduct ¶

func (a *Client) ProvisionServiceCatalogProduct(ssoUserEmail, ssoFirstName, ssoLastName, managedOU string, account *model.Account) error

ProvisionServiceCatalogProduct handles the steps to provision a new service catalog product.

func (*Client) Service ¶

func (c *Client) Service() *Service

Service contructs an AWS session if not yet successfully done and returns AWS clients.

func (*Client) ValidateAccount ¶

func (a *Client) ValidateAccount(account *model.Account) (bool, error)

ValidateAccount checks if an AWS account is in status available state.

func (*Client) WaitForAccountReadiness ¶

func (a *Client) WaitForAccountReadiness(account *model.Account, timeout int) error

WaitForAccountReadiness is checking if a new account is in ready state.

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service hold AWS clients for each service.

func NewService ¶

func NewService(sess *session.Session) *Service

NewService creates a new instance of Service.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL