Documentation
¶
Index ¶
- Constants
- func EC2FiltersFromEC2Tags(tags []ec2types.Tag) []ec2types.Filter
- func EC2FiltersFromTags(tags []models.Tag) []ec2types.Filter
- func EC2TagsFromScanMetadata(meta provider.ScanMetadata) []ec2types.Tag
- func WrapError(err error) error
- type Config
- type FatalError
- type Instance
- type Location
- type Provider
- func (p *Provider) DiscoverAssets(ctx context.Context) provider.AssetDiscoverer
- func (p *Provider) Estimate(ctx context.Context, assetScanStats models.AssetScanStats, asset *models.Asset, ...) (*models.Estimation, error)
- func (p *Provider) GetInstances(ctx context.Context, filters []ec2types.Filter, regionID string) ([]Instance, error)
- func (p *Provider) Kind() models.CloudProvider
- func (p *Provider) ListAllRegions(ctx context.Context) ([]Region, error)
- func (p *Provider) RemoveAssetScan(ctx context.Context, config *provider.ScanJobConfig) error
- func (p *Provider) RunAssetScan(ctx context.Context, config *provider.ScanJobConfig) error
- type Region
- type RetryableError
- type ScanScope
- type Snapshot
- type VPC
- type Volume
- func (v *Volume) CreateSnapshot(ctx context.Context) (*Snapshot, error)
- func (v *Volume) Delete(ctx context.Context) error
- func (v *Volume) IsAttached(ctx context.Context) (bool, error)
- func (v *Volume) IsReady(ctx context.Context) (bool, error)
- func (v *Volume) WaitForReady(ctx context.Context, timeout time.Duration, interval time.Duration) error
Constants ¶
View Source
const ( DefaultEnvPrefix = "VMCLARITY_AWS" DefaultScannerInstanceType = "t2.large" DefaultBlockDeviceName = "xvdh" )
View Source
const ( DefaultRetryAfter = 5 * time.Second RetryServerErrorAfter = time.Minute InstanceReadynessAfter = 5 * time.Minute SnapshotReadynessAfter = 5 * time.Minute VolumeReadynessAfter = 5 * time.Minute VolumeAttachmentReadynessAfter = 2 * time.Minute )
View Source
const ( EC2TagKeyOwner = "Owner" EC2TagKeyName = "Name" EC2TagValueNamePattern = "vmclarity-scanner-%s" EC2TagValueOwner = "VMClarity" EC2TagKeyScanID = "VMClarity.ScanID" EC2TagKeyAssetScanID = "VMClarity.AssetScanID" EC2TagKeyAssetID = "VMClarity.AssetID" EC2TagKeyAssetVolumeID = "VMClarity.AssetVolumeID" EC2SnapshotDescription = "Volume snapshot created by VMClarity for scanning" )
View Source
const ( VpcIDFilterName = "vpc-id" SecurityGroupIDFilterName = "instance.group-id" InstanceStateFilterName = "instance-state-name" SnapshotIDFilterName = "snapshot-id" )
View Source
const LocationSeparator = "/"
Variables ¶
This section is empty.
Functions ¶
func EC2TagsFromScanMetadata ¶
func EC2TagsFromScanMetadata(meta provider.ScanMetadata) []ec2types.Tag
Types ¶
type Config ¶
type Config struct {
// Region where the Scanner instance needs to be created
ScannerRegion string `mapstructure:"scanner_region"`
// SubnetID where the Scanner instance needs to be created
SubnetID string `mapstructure:"subnet_id"`
// SecurityGroupID which needs to be attached to the Scanner instance
SecurityGroupID string `mapstructure:"security_group_id"`
// KeyPairName is the name of the SSH KeyPair to use for Scanner instance launch
KeyPairName string `mapstructure:"keypair_name"`
// ScannerImage is the AMI image used for creating Scanner instance
ScannerImage string `mapstructure:"scanner_ami_id"`
// ScannerInstanceType is the instance type used for Scanner instance
ScannerInstanceType string `mapstructure:"scanner_instance_type"`
// BlockDeviceName contains the block device name used for attaching Scanner volume to the Scanner instance
BlockDeviceName string `mapstructure:"block_device_name"`
}
type FatalError ¶
type FatalError = provider.FatalError
type Instance ¶
type Instance struct {
ID string
Region string
VpcID string
SecurityGroups []models.SecurityGroup
AvailabilityZone string
Image string
InstanceType string
Platform string
Tags []models.Tag
LaunchTime time.Time
RootDeviceName string
RootVolumeSizeGB int32
RootVolumeEncrypted models.RootVolumeEncrypted
Volumes []Volume
Metadata provider.ScanMetadata
// contains filtered or unexported fields
}
func (*Instance) AttachVolume ¶
nolint:cyclop
func (*Instance) RootVolume ¶
type Provider ¶
type Provider struct {
// contains filtered or unexported fields
}
func (*Provider) DiscoverAssets ¶
func (p *Provider) DiscoverAssets(ctx context.Context) provider.AssetDiscoverer
nolint:cyclop
func (*Provider) Estimate ¶
func (p *Provider) Estimate(ctx context.Context, assetScanStats models.AssetScanStats, asset *models.Asset, assetScanTemplate *models.AssetScanTemplate) (*models.Estimation, error)
func (*Provider) GetInstances ¶
func (*Provider) Kind ¶
func (p *Provider) Kind() models.CloudProvider
func (*Provider) ListAllRegions ¶
func (*Provider) RemoveAssetScan ¶
RemoveAssetScan removes all the cloud resources associated with a Scan defined by config parameter. The operation is idempotent, therefore it is safe to call it multiple times. nolint:cyclop,gocognit
func (*Provider) RunAssetScan ¶
nolint:cyclop,gocognit,maintidx
type RetryableError ¶
type RetryableError = provider.RetryableError
type ScanScope ¶
type ScanScope struct {
AllRegions bool
Regions []Region
ScanStopped bool
// Only assets that have these tags will be selected for scanning within the selected scan scope.
// Multiple tags will be treated as an AND operator.
TagSelector []models.Tag
// Assets that have these tags will be excluded from the scan, even if they match the tag selector.
// Multiple tags will be treated as an AND operator.
ExcludeTags []models.Tag
}
type Snapshot ¶
type Snapshot struct {
ID string
Region string
Metadata provider.ScanMetadata
VolumeID string
// contains filtered or unexported fields
}
func (*Snapshot) CreateVolume ¶
type VPC ¶
type VPC struct {
ID string
SecurityGroups []models.SecurityGroup
}
type Volume ¶
type Volume struct {
ID string
Region string
BlockDeviceName string
Metadata provider.ScanMetadata
// contains filtered or unexported fields
}
func (*Volume) CreateSnapshot ¶
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.