iamrole

package

v0.0.0-...-e0434a4 Latest Latest Go to latest Published: Jun 30, 2019 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/atlassian/voyager

Links

Open Source Insights

README ¶

IAM Role plugin for Smith

This allows ServiceBindings to have IamPolicySnippet in their output, and to wire all of these up to a single plugin which generates the role. It attempts to merge policies (e.g. multiple SQS policies with the same set of actions) in order to stay under the ~10kb limit for policies attached to a role.

The plugin assumes that osb-aws-provider is installed into the cluster so it can generate an appropriate ServiceInstance. The IAMRole output from binding against this resource is the name of the generated role.

Documentation ¶

Index ¶

func New() (smith_plugin.Plugin, error)
type CfnAttributes
type ComputeType
type IamAssumeRolePrincipal
type IamAssumeRoleStatement
type IamPolicy
type IamPolicyDocument
- func (p *IamPolicyDocument) UnmarshalJSON(b []byte) error
type IamPolicyStatement
- func (s *IamPolicyStatement) UnmarshalJSON(b []byte) error
type Plugin
- func (p *Plugin) Describe() *smith_plugin.Description
- func (p *Plugin) Process(rawSpec map[string]interface{}, context *smith_plugin.Context) smith_plugin.ProcessResult
type Spec

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func New ¶

func New() (smith_plugin.Plugin, error)

Types ¶

type CfnAttributes ¶

type CfnAttributes struct {
	Template     string `json:"template"`
	TemplateBody string `json:"templateBody"`
}

type ComputeType ¶

type ComputeType string

const (
	EC2ComputeType  ComputeType = "ec2Compute"
	KubeComputeType ComputeType = "kubeCompute"
)

type IamAssumeRolePrincipal ¶

type IamAssumeRolePrincipal struct {
	AWS     string   `json:"AWS,omitempty"`
	Service []string `json:"Service,omitempty"`
}

type IamAssumeRoleStatement ¶

type IamAssumeRoleStatement struct {
	Effect    string                 `json:"Effect"`
	Principal IamAssumeRolePrincipal `json:"Principal"`
	Action    string                 `json:"Action"`
}

type IamPolicy ¶

type IamPolicy struct {
	PolicyName     string            `json:"PolicyName"`
	PolicyDocument IamPolicyDocument `json:"PolicyDocument"`
}

type IamPolicyDocument ¶

type IamPolicyDocument struct {
	Version   string               `json:"Version"`
	ID        string               `json:"Id,omitempty"`
	Statement []IamPolicyStatement `json:"Statement"`
}

func (*IamPolicyDocument) UnmarshalJSON ¶

func (p *IamPolicyDocument) UnmarshalJSON(b []byte) error

Convert annoying IAM 'array or string' format to array only on Unmarshal so we can have nice types.

type IamPolicyStatement ¶

type IamPolicyStatement struct {
	Sid          *string          `json:",omitempty"`
	Principal    *json.RawMessage `json:",omitempty"`
	NotPrincipal *json.RawMessage `json:",omitempty"`

	NotAction []string `json:",omitempty"`
	Action    []string `json:",omitempty"`

	Effect string

	Resource    []string `json:",omitempty"`
	NotResource []string `json:",omitempty"`

	Condition *json.RawMessage `json:",omitempty"`
}

This is an IamPolicyStatement which doesn't allow non-array elements. See UnmarshalJSON below.

func (*IamPolicyStatement) UnmarshalJSON ¶

func (s *IamPolicyStatement) UnmarshalJSON(b []byte) error

Convert annoying IAM 'array or string' format to array only on Unmarshal so we can have nice types.

type Plugin ¶

type Plugin struct{}

func (*Plugin) Describe ¶

func (p *Plugin) Describe() *smith_plugin.Description

func (*Plugin) Process ¶

func (p *Plugin) Process(rawSpec map[string]interface{}, context *smith_plugin.Context) smith_plugin.ProcessResult

Process processes a plugin specification and produces an object as the result.

type Spec ¶

type Spec struct {
	ServiceName           voyager.ServiceName    `json:"serviceId,omitempty"`
	OAPResourceName       string                 `json:"oapResourceName"`
	CreateInstanceProfile bool                   `json:"createInstanceProfile,omitempty"`
	AssumeRoles           []string               `json:"assumeRoles,omitempty"`
	ManagedPolicies       []string               `json:"managedPolicies,omitempty"`
	ServiceEnvironment    oap.ServiceEnvironment `json:"serviceEnvironment"`
	ComputeType           ComputeType            `json:"computeType"`
	PolicySnippets        map[string]string      `json:"policySnippets"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL