awsclient

package

v0.0.0-...-31be032 Latest Latest Go to latest Published: Apr 16, 2024 License: Apache-2.0 Imports: 37 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/openshift/aws-account-operator

Documentation ¶

Index ¶

func CheckIAMUserExists(reqLogger logr.Logger, client Client, userName string) (bool, *iam.GetUserOutput, error)
func CreateIAMUser(reqLogger logr.Logger, client Client, account *awsv1alpha1.Account, ...) (*iam.CreateUserOutput, error)
func ListIAMRoles(reqLogger logr.Logger, client Client) ([]*iam.Role, error)
func ListIAMUserTags(reqLogger logr.Logger, client Client, userName string) (*iam.ListUserTagsOutput, error)
func ListIAMUsers(reqLogger logr.Logger, client Client) ([]*iam.User, error)
type AWSAccountOperatorTags
type AWSTag
type AWSTagBuilder
type Builder
- func (rp *Builder) GetClient(controllerName string, kubeClient kubeclientpkg.Client, ...) (Client, error)
type Client
type IBuilder
type NewAwsClientInput

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CheckIAMUserExists ¶

func CheckIAMUserExists(reqLogger logr.Logger, client Client, userName string) (bool, *iam.GetUserOutput, error)

CheckIAMUserExists checks if a given IAM user exists within an account Takes a logger, an AWS client for the target account, and a target IAM username

func CreateIAMUser ¶

func CreateIAMUser(reqLogger logr.Logger, client Client, account *awsv1alpha1.Account, userName string, managedTags []AWSTag, customTags []AWSTag) (*iam.CreateUserOutput, error)

CreateIAMUser creates a new IAM user in the target AWS account

func ListIAMRoles ¶

func ListIAMRoles(reqLogger logr.Logger, client Client) ([]*iam.Role, error)

ListIAMRoles returns an *iam.Role list of roles in the AWS account

func ListIAMUserTags ¶

func ListIAMUserTags(reqLogger logr.Logger, client Client, userName string) (*iam.ListUserTagsOutput, error)

ListIAMUserTags returns a list of the tags assigned to an IAM user in AWS

func ListIAMUsers ¶

func ListIAMUsers(reqLogger logr.Logger, client Client) ([]*iam.User, error)

ListIAMUsers returns an *iam.User list of users from the current account

Types ¶

type AWSAccountOperatorTags ¶

type AWSAccountOperatorTags struct {
	Tags []AWSTag
}

AWSAccountOperatorTags contains a list of tags to be applied to resources created by the aws-account-operator

var AWSTags *AWSAccountOperatorTags

AWSTags implements AWSTagBuilder to return AWS Tags

func (*AWSAccountOperatorTags) BuildTags ¶

func (t *AWSAccountOperatorTags) BuildTags(account *awsv1alpha1.Account, managedTags []AWSTag, customTags []AWSTag) AWSTagBuilder

BuildTags initializes AWSTags with required tags

func (*AWSAccountOperatorTags) GetEC2Tags ¶

func (t *AWSAccountOperatorTags) GetEC2Tags() []*ec2.Tag

GetEC2Tags returns EC2 tags

func (*AWSAccountOperatorTags) GetIAMTags ¶

func (t *AWSAccountOperatorTags) GetIAMTags() []*iam.Tag

GetIAMTags returns IAM tags

type AWSTagBuilder ¶

type AWSTagBuilder interface {
	GetIAMTags() []*iam.Tag
	GetEC2Tags() []*ec2.Tag
}

AWSTagBuilder provides a common interface to generate AWS Tags

type Builder ¶

type Builder struct{}

Builder is an IBuilder implementation that knows how to produce a real AWS Client (i.e. one that really talks to the AWS APIs).

func (*Builder) GetClient ¶

func (rp *Builder) GetClient(controllerName string, kubeClient kubeclientpkg.Client, input NewAwsClientInput) (Client, error)

GetClient generates a real awsclient function must include region Pass in token if sessions requires a token if it includes a secretName and nameSpace it will create credentials from that secret data If it includes awsCredsSecretIDKey and awsCredsSecretAccessKey it will build credentials from those

type Client ¶

type Client interface {
	//Account
	EnableRegion(*account.EnableRegionInput) (*account.EnableRegionOutput, error)
	GetRegionOptStatus(input *account.GetRegionOptStatusInput) (*account.GetRegionOptStatusOutput, error)

	//EC2
	RunInstances(*ec2.RunInstancesInput) (*ec2.Reservation, error)
	DescribeInstanceStatus(*ec2.DescribeInstanceStatusInput) (*ec2.DescribeInstanceStatusOutput, error)
	TerminateInstances(*ec2.TerminateInstancesInput) (*ec2.TerminateInstancesOutput, error)
	DescribeVolumes(*ec2.DescribeVolumesInput) (*ec2.DescribeVolumesOutput, error)
	DeleteVolume(*ec2.DeleteVolumeInput) (*ec2.DeleteVolumeOutput, error)
	DescribeSnapshots(*ec2.DescribeSnapshotsInput) (*ec2.DescribeSnapshotsOutput, error)
	DeleteSnapshot(*ec2.DeleteSnapshotInput) (*ec2.DeleteSnapshotOutput, error)
	DescribeImages(*ec2.DescribeImagesInput) (*ec2.DescribeImagesOutput, error)
	DescribeInstances(*ec2.DescribeInstancesInput) (*ec2.DescribeInstancesOutput, error)
	DescribeInstanceTypes(*ec2.DescribeInstanceTypesInput) (*ec2.DescribeInstanceTypesOutput, error)
	DescribeRegions(input *ec2.DescribeRegionsInput) (*ec2.DescribeRegionsOutput, error)
	DescribeVpcEndpointServiceConfigurations(input *ec2.DescribeVpcEndpointServiceConfigurationsInput) (*ec2.DescribeVpcEndpointServiceConfigurationsOutput, error)
	DeleteVpcEndpointServiceConfigurations(*ec2.DeleteVpcEndpointServiceConfigurationsInput) (*ec2.DeleteVpcEndpointServiceConfigurationsOutput, error)
	DescribeVpcs(*ec2.DescribeVpcsInput) (*ec2.DescribeVpcsOutput, error)
	CreateVpc(*ec2.CreateVpcInput) (*ec2.CreateVpcOutput, error)
	DeleteVpc(*ec2.DeleteVpcInput) (*ec2.DeleteVpcOutput, error)
	DescribeSubnets(*ec2.DescribeSubnetsInput) (*ec2.DescribeSubnetsOutput, error)
	CreateSubnet(*ec2.CreateSubnetInput) (*ec2.CreateSubnetOutput, error)
	DeleteSubnet(*ec2.DeleteSubnetInput) (*ec2.DeleteSubnetOutput, error)

	//IAM
	CreateAccessKey(*iam.CreateAccessKeyInput) (*iam.CreateAccessKeyOutput, error)
	CreateUser(*iam.CreateUserInput) (*iam.CreateUserOutput, error)
	DeleteAccessKey(*iam.DeleteAccessKeyInput) (*iam.DeleteAccessKeyOutput, error)
	DeleteUser(*iam.DeleteUserInput) (*iam.DeleteUserOutput, error)
	DeleteUserPolicy(*iam.DeleteUserPolicyInput) (*iam.DeleteUserPolicyOutput, error)
	GetUser(*iam.GetUserInput) (*iam.GetUserOutput, error)
	ListUsers(*iam.ListUsersInput) (*iam.ListUsersOutput, error)
	ListUsersPages(*iam.ListUsersInput, func(*iam.ListUsersOutput, bool) bool) error
	ListUserTags(*iam.ListUserTagsInput) (*iam.ListUserTagsOutput, error)
	ListAccessKeys(*iam.ListAccessKeysInput) (*iam.ListAccessKeysOutput, error)
	ListUserPolicies(*iam.ListUserPoliciesInput) (*iam.ListUserPoliciesOutput, error)
	PutUserPolicy(*iam.PutUserPolicyInput) (*iam.PutUserPolicyOutput, error)
	AttachUserPolicy(*iam.AttachUserPolicyInput) (*iam.AttachUserPolicyOutput, error)
	DetachUserPolicy(*iam.DetachUserPolicyInput) (*iam.DetachUserPolicyOutput, error)
	ListPolicies(*iam.ListPoliciesInput) (*iam.ListPoliciesOutput, error)
	ListAttachedUserPolicies(*iam.ListAttachedUserPoliciesInput) (*iam.ListAttachedUserPoliciesOutput, error)
	CreatePolicy(*iam.CreatePolicyInput) (*iam.CreatePolicyOutput, error)
	DeletePolicy(input *iam.DeletePolicyInput) (*iam.DeletePolicyOutput, error)
	DeletePolicyVersion(input *iam.DeletePolicyVersionInput) (*iam.DeletePolicyVersionOutput, error)
	GetPolicy(input *iam.GetPolicyInput) (*iam.GetPolicyOutput, error)
	GetPolicyVersion(input *iam.GetPolicyVersionInput) (*iam.GetPolicyVersionOutput, error)
	ListPolicyVersions(input *iam.ListPolicyVersionsInput) (*iam.ListPolicyVersionsOutput, error)
	AttachRolePolicy(*iam.AttachRolePolicyInput) (*iam.AttachRolePolicyOutput, error)
	DetachRolePolicy(*iam.DetachRolePolicyInput) (*iam.DetachRolePolicyOutput, error)
	ListAttachedRolePolicies(*iam.ListAttachedRolePoliciesInput) (*iam.ListAttachedRolePoliciesOutput, error)
	ListRolePolicies(input *iam.ListRolePoliciesInput) (*iam.ListRolePoliciesOutput, error)
	DeleteRolePolicy(input *iam.DeleteRolePolicyInput) (*iam.DeleteRolePolicyOutput, error)
	CreateRole(*iam.CreateRoleInput) (*iam.CreateRoleOutput, error)
	GetRole(*iam.GetRoleInput) (*iam.GetRoleOutput, error)
	DeleteRole(*iam.DeleteRoleInput) (*iam.DeleteRoleOutput, error)
	ListRoles(input *iam.ListRolesInput) (*iam.ListRolesOutput, error)
	PutRolePolicy(input *iam.PutRolePolicyInput) (*iam.PutRolePolicyOutput, error)

	//Organizations
	ListAccounts(*organizations.ListAccountsInput) (*organizations.ListAccountsOutput, error)
	CreateAccount(*organizations.CreateAccountInput) (*organizations.CreateAccountOutput, error)
	DescribeCreateAccountStatus(*organizations.DescribeCreateAccountStatusInput) (*organizations.DescribeCreateAccountStatusOutput, error)
	MoveAccount(*organizations.MoveAccountInput) (*organizations.MoveAccountOutput, error)
	CreateOrganizationalUnit(*organizations.CreateOrganizationalUnitInput) (*organizations.CreateOrganizationalUnitOutput, error)
	ListOrganizationalUnitsForParent(*organizations.ListOrganizationalUnitsForParentInput) (*organizations.ListOrganizationalUnitsForParentOutput, error)
	ListChildren(*organizations.ListChildrenInput) (*organizations.ListChildrenOutput, error)
	TagResource(*organizations.TagResourceInput) (*organizations.TagResourceOutput, error)
	UntagResource(input *organizations.UntagResourceInput) (*organizations.UntagResourceOutput, error)
	ListParents(*organizations.ListParentsInput) (*organizations.ListParentsOutput, error)
	ListTagsForResource(input *organizations.ListTagsForResourceInput) (*organizations.ListTagsForResourceOutput, error)

	//sts
	AssumeRole(*sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error)
	GetCallerIdentity(*sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error)
	GetFederationToken(*sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error)

	//Support
	CreateCase(*support.CreateCaseInput) (*support.CreateCaseOutput, error)
	DescribeCases(*support.DescribeCasesInput) (*support.DescribeCasesOutput, error)

	// S3
	ListBuckets(*s3.ListBucketsInput) (*s3.ListBucketsOutput, error)
	DeleteBucket(*s3.DeleteBucketInput) (*s3.DeleteBucketOutput, error)
	BatchDeleteBucketObjects(bucketName *string) error
	ListObjectsV2(*s3.ListObjectsV2Input) (*s3.ListObjectsV2Output, error)

	// Route53
	ListHostedZones(*route53.ListHostedZonesInput) (*route53.ListHostedZonesOutput, error)
	DeleteHostedZone(*route53.DeleteHostedZoneInput) (*route53.DeleteHostedZoneOutput, error)
	ListResourceRecordSets(*route53.ListResourceRecordSetsInput) (*route53.ListResourceRecordSetsOutput, error)
	ChangeResourceRecordSets(*route53.ChangeResourceRecordSetsInput) (*route53.ChangeResourceRecordSetsOutput, error)

	// Service Quota
	GetServiceQuota(*servicequotas.GetServiceQuotaInput) (*servicequotas.GetServiceQuotaOutput, error)
	RequestServiceQuotaIncrease(*servicequotas.RequestServiceQuotaIncreaseInput) (*servicequotas.RequestServiceQuotaIncreaseOutput, error)
	ListRequestedServiceQuotaChangeHistory(*servicequotas.ListRequestedServiceQuotaChangeHistoryInput) (*servicequotas.ListRequestedServiceQuotaChangeHistoryOutput, error)
	ListRequestedServiceQuotaChangeHistoryByQuota(*servicequotas.ListRequestedServiceQuotaChangeHistoryByQuotaInput) (*servicequotas.ListRequestedServiceQuotaChangeHistoryByQuotaOutput, error)
}

Client is a wrapper object for actual AWS SDK clients to allow for easier testing.

type IBuilder ¶

type IBuilder interface {
	GetClient(controllerName string, kubeClient kubeclientpkg.Client, input NewAwsClientInput) (Client, error)
}

IBuilder implementations know how to produce a Client.

type NewAwsClientInput ¶

type NewAwsClientInput struct {
	AwsCredsSecretIDKey     string
	AwsCredsSecretAccessKey string
	AwsToken                string
	AwsRegion               string
	SecretName              string
	NameSpace               string
}

NewAwsClientInput input for new aws client

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mock Code generated by MockGen.	Code generated by MockGen.
sts

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL