Documentation ¶
Index ¶
- func IsAccessDeniedError(err error) bool
- type OpenIDConnectManager
- func (m *OpenIDConnectManager) CheckProviderExists(ctx context.Context) (bool, error)
- func (m *OpenIDConnectManager) CreateProvider(ctx context.Context) error
- func (m *OpenIDConnectManager) DeleteProvider(ctx context.Context) error
- func (m *OpenIDConnectManager) MakeAssumeRolePolicyDocument() cft.MapOfInterfaces
- func (m *OpenIDConnectManager) MakeAssumeRolePolicyDocumentWithServiceAccountConditions(serviceAccountNamespace, serviceAccountName string) cft.MapOfInterfaces
- type UnsupportedOIDCError
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IsAccessDeniedError ¶
IsAccessDeniedError returns true if err is an AccessDenied error.
Types ¶
type OpenIDConnectManager ¶
type OpenIDConnectManager struct {
	ProviderARN string
	// contains filtered or unexported fields
}
OpenIDConnectManager holds information about the IAM OIDC integration.
func NewOpenIDConnectManager ¶
func NewOpenIDConnectManager(iamapi awsapi.IAM, accountID, issuer, partition string, tags map[string]string) (*OpenIDConnectManager, error)
NewOpenIDConnectManager constructs a new IAM OIDC manager instance. It returns an error if the issuer URL is invalid
func (*OpenIDConnectManager) CheckProviderExists ¶
func (m *OpenIDConnectManager) CheckProviderExists(ctx context.Context) (bool, error)
CheckProviderExists returns true when the provider exists; it may return an error if it was unable to call the IAM API.
func (*OpenIDConnectManager) CreateProvider ¶
func (m *OpenIDConnectManager) CreateProvider(ctx context.Context) error
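CreateProvider retrieves the issuer's CA root certificate by connecting to the issuer, computes its thumbprint, and creates the provider using the IAM API. Because the thumbprint is derived from the certificate presented on that connection, compare it against the expected issuer CA when the network path to the issuer is not trusted.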
func (*OpenIDConnectManager) DeleteProvider ¶
func (m *OpenIDConnectManager) DeleteProvider(ctx context.Context) error
DeleteProvider deletes the provider using the IAM API; it may return an error if the API call fails.
func (*OpenIDConnectManager) MakeAssumeRolePolicyDocument ¶
func (m *OpenIDConnectManager) MakeAssumeRolePolicyDocument() cft.MapOfInterfaces
func (*OpenIDConnectManager) MakeAssumeRolePolicyDocumentWithServiceAccountConditions ¶
func (m *OpenIDConnectManager) MakeAssumeRolePolicyDocumentWithServiceAccountConditions(serviceAccountNamespace, serviceAccountName string) cft.MapOfInterfaces
MakeAssumeRolePolicyDocumentWithServiceAccountConditions constructs a trust policy document for the given provider, with conditions on the given service account namespace and name.
type UnsupportedOIDCError ¶
type UnsupportedOIDCError struct {
Message string
}
UnsupportedOIDCError represents an unsupported OIDC error
func (*UnsupportedOIDCError) Error ¶
func (u *UnsupportedOIDCError) Error() string