aws

package

v0.1.6 Latest Latest Go to latest Published: Jan 26, 2022 License: Apache-2.0 Imports: 40 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Optum/cloudig

Links

Open Source Insights

Documentation ¶

Index ¶

func Contains(ss []string, s string) bool
func NewAthenaTableMetaDataForCloudTrail(location string, regionList []string) *athena.TableMetadata
func NewAuthenticatedSession(region string) (*session.Session, error)
func SdkStringContains(ss []*string, s *string) bool
type APIs
- func NewClient(sess *session.Session) APIs
- func NewClientAsAssumeRole(sess *session.Session, roleARN string) APIs
type AthenaSVC
type Client
type CloudTrailSVC
type ConfigServiceSVC
type EC2SVC
type ECRSVC
type HealthSVC
type IAMSVC
type InspectorSVC
type STSSVC
type TrustedAdvisorSVC

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Contains ¶

func Contains(ss []string, s string) bool

Contains tells whether slice of strings 'ss' contains string 's'.

func NewAthenaTableMetaDataForCloudTrail ¶

func NewAthenaTableMetaDataForCloudTrail(location string, regionList []string) *athena.TableMetadata

NewAthenaTableMetaDataForCloudTrail creates the metadata for CloudTrail table Returned metadata will not have Name for the table or location of the datasource Note : Sorted by value of Name

func NewAuthenticatedSession ¶

func NewAuthenticatedSession(region string) (*session.Session, error)

NewAuthenticatedSession creates an AWS Session using the credentials from the running environment

func SdkStringContains ¶ added in v0.1.2

func SdkStringContains(ss []*string, s *string) bool

SdkStringContains tells whether slice of pointers of strings 'ss' contains pointer string 's'.

Types ¶

type APIs ¶

type APIs interface {
	EC2SVC
	TrustedAdvisorSVC
	ConfigServiceSVC
	InspectorSVC
	STSSVC
	IAMSVC
	HealthSVC
	ECRSVC
	CloudTrailSVC
	AthenaSVC
}

APIs represent the different API calls available to the AWS client

func NewClient ¶

func NewClient(sess *session.Session) APIs

NewClient creates a Client object that implement all the methods in the APIs interface

func NewClientAsAssumeRole ¶

func NewClientAsAssumeRole(sess *session.Session, roleARN string) APIs

NewClientAsAssumeRole creates a Client object that assumes a role

type AthenaSVC ¶

type AthenaSVC interface {
	GetTableforMetadata(*athena.TableMetadata) (*string, error)
	CreateTableFromMetadata(*athena.TableMetadata) (*string, error)
	RunQuery(tableName, query string) (*athena.ResultSet, error)
	GetTableMetadata(string) (*athena.TableMetadata, error)
}

AthenaSVC is a wrapper for Athena service API calls

type Client ¶

type Client struct {
	EC2            ec2iface.EC2API
	TrustedAdvisor supportiface.SupportAPI
	AWSConfig      configserviceiface.ConfigServiceAPI
	Inspector      inspectoriface.InspectorAPI
	STS            stsiface.STSAPI
	IAM            iamiface.IAMAPI
	Health         healthiface.HealthAPI
	ECR            ecriface.ECRAPI
	CloudTrail     cloudtrailiface.CloudTrailAPI
	Athena         athenaiface.AthenaAPI
}

Client is the client for AWS API operations

func (*Client) CreateTableFromMetadata ¶

func (client *Client) CreateTableFromMetadata(meta *athena.TableMetadata) (*string, error)

CreateTableFromMetadata creates a Athena Table for given metadata and returns a table name in the form <databasename>.<tablename> and an error if there is any. Region is derived from authenticated session

func (*Client) GenerateReport ¶

func (client *Client) GenerateReport(assessmentRunArn string, reportFormat string, reportType string) (string, error)

GenerateReport generates an inspector report for a given assessment run ARN in either PDF or HTML and returns the URL

func (*Client) GetAccountID ¶

func (client *Client) GetAccountID() (string, error)

GetAccountID returns the AccountID associated with the current session

func (*Client) GetECRImageScanFindings ¶ added in v0.1.6

func (client *Client) GetECRImageScanFindings(image *ecr.ImageDetail) map[string]int64

func (*Client) GetECRImagesWithTag ¶

func (client *Client) GetECRImagesWithTag(tag string) (map[string][]*ecr.ImageDetail, error)

GetECRImagesWithTag finds all ECR images with a given tag. If no tag specified, all tagged images are returned

func (*Client) GetFailingTrustedAdvisorCheckResults ¶

func (client *Client) GetFailingTrustedAdvisorCheckResults() (map[*support.TrustedAdvisorCheckDescription]*support.TrustedAdvisorCheckResult, error)

GetFailingTrustedAdvisorCheckResults returns all failing trusted advisor checks with detailed results

func (*Client) GetHealthAffectedEntities ¶

func (client *Client) GetHealthAffectedEntities(arnArr []*string, nextToken *string) (*health.DescribeAffectedEntitiesOutput, error)

GetHealthAffectedEntities returns a list of Health notification events

func (*Client) GetHealthEventDetails ¶

func (client *Client) GetHealthEventDetails(arnArr []*string) (*health.DescribeEventDetailsOutput, error)

GetHealthEventDetails returns a list of Health notification events

func (*Client) GetHealthEvents ¶

func (client *Client) GetHealthEvents(eventFilter *health.EventFilter, nextToken *string) (*health.DescribeEventsOutput, error)

GetHealthEvents returns a list of Health notification events

func (*Client) GetImageInformation ¶

func (client *Client) GetImageInformation(imageIds []string) (*ec2.DescribeImagesOutput, error)

GetImageInformation returns the information about a list of EC2 imageIds

func (*Client) GetInstances ¶

func (client *Client) GetInstances() (*ec2.DescribeInstancesOutput, error)

GetInstances returns a list of EC2 instances and information

func (*Client) GetInstancesByFilters ¶

func (client *Client) GetInstancesByFilters(ec2Filters map[string][]string) (*ec2.DescribeInstancesOutput, error)

GetInstancesByFilters returns all instances that match a list of EC2 filters

func (*Client) GetInstancesMatchingAllTags ¶

func (client *Client) GetInstancesMatchingAllTags(tags map[string]string) (*ec2.DescribeInstancesOutput, error)

GetInstancesMatchingAllTags returns instances that match ALL tags and their respective values in a given list. Ex: "k8s.io/cluster-autoscaler/enabled": "true" AND "terraform": "true"

func (*Client) GetInstancesMatchingAnyTags ¶

func (client *Client) GetInstancesMatchingAnyTags(tags map[string]string) (*ec2.DescribeInstancesOutput, error)

GetInstancesMatchingAnyTags returns instances that match ANY tags and their respective values in a given list. Ex: "k8s.io/cluster-autoscaler/enabled": "true" AND/OR "terraform": "true"

func (*Client) GetMostRecentAssessmentRunInfo ¶

func (client *Client) GetMostRecentAssessmentRunInfo() ([]map[string]string, error)

GetMostRecentAssessmentRunInfo returns the most recent assessment run and target group ARNs for each template

func (*Client) GetNetIAMPermissionsForRoles ¶

func (client *Client) GetNetIAMPermissionsForRoles(roleARNs []string) map[string][]string

GetNetIAMPermissionsForRoles returns the IAM permissions for each role attached via different polices

func (*Client) GetNonComplaintConfigRules ¶

func (client *Client) GetNonComplaintConfigRules() (map[string][]*configservice.EvaluationResult, error)

GetNonComplaintConfigRules returns all the non complaint rules with compliance results

func (*Client) GetResourceGroupTags ¶

func (client *Client) GetResourceGroupTags(assessmentTargetArn string) (map[string]string, error)

GetResourceGroupTags returns the resource group tags for a given assessment target ARN

func (*Client) GetRolesFromTags ¶

func (client *Client) GetRolesFromTags(tags map[string]string) ([]string, error)

GetRolesFromTags returns a list of IAM Roles with tags provided Please note, ListRoles doesn't get the tags - https://github.com/aws/aws-sdk-go/issues/2442 this would mean calling ListRoleTags API for each role to get the tags we call this API in parallel to speed up the overall execution

func (*Client) GetS3LogPrefixForCloudTrail ¶

func (client *Client) GetS3LogPrefixForCloudTrail() (*string, error)

GetS3LogPrefixForCloudTrail retruns a S3Prefix associated with CloudTrail if one available for a region derived from the authenticated session and an error if there is any https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html

func (*Client) GetTableMetadata ¶

func (client *Client) GetTableMetadata(tableName string) (*athena.TableMetadata, error)

GetTableMetadata is helper function to return the athena table metadata for given table

func (*Client) GetTableforMetadata ¶

func (client *Client) GetTableforMetadata(meta *athena.TableMetadata) (*string, error)

GetTableforMetadata returns a Athena table in the form <databasename>.<tablename> for given metadata and an error if there is any. Region is derived from authenticated session

func (*Client) RunQuery ¶

func (client *Client) RunQuery(tableName, query string) (*athena.ResultSet, error)

RunQuery run the give query on the given table and returns the data and an error if there is any

type CloudTrailSVC ¶

type CloudTrailSVC interface {
	GetS3LogPrefixForCloudTrail() (*string, error)
}

CloudTrailSVC is a wrapper for CloudTrail service API calls

type ConfigServiceSVC ¶

type ConfigServiceSVC interface {
	GetNonComplaintConfigRules() (map[string][]*configservice.EvaluationResult, error)
}

ConfigServiceSVC is a wrapper for ConfigService API calls

type EC2SVC ¶

type EC2SVC interface {
	GetInstances() (*ec2.DescribeInstancesOutput, error)
	GetImageInformation(imageIds []string) (*ec2.DescribeImagesOutput, error)
	GetInstancesMatchingAllTags(tags map[string]string) (*ec2.DescribeInstancesOutput, error)
	GetInstancesMatchingAnyTags(tags map[string]string) (*ec2.DescribeInstancesOutput, error)
	GetInstancesByFilters(ec2Filters map[string][]string) (*ec2.DescribeInstancesOutput, error)
}

EC2SVC is a wrapper for EC2 API calls

type ECRSVC ¶

type ECRSVC interface {
	GetECRImagesWithTag(tag string) (map[string][]*ecr.ImageDetail, error)
	GetECRImageScanFindings(*ecr.ImageDetail) map[string]int64
}

ECRSVC is a wrapper for ECR Image Scan API calls

type HealthSVC ¶

type HealthSVC interface {
	GetHealthEvents(eventFilter *health.EventFilter, nextToken *string) (*health.DescribeEventsOutput, error)
	GetHealthEventDetails(arnArr []*string) (*health.DescribeEventDetailsOutput, error)
	GetHealthAffectedEntities(arnArr []*string, nextToken *string) (*health.DescribeAffectedEntitiesOutput, error)
}

HealthSVC is a wrapper for Support API calls related to Health Notifactions

type IAMSVC ¶

type IAMSVC interface {
	GetRolesFromTags(tags map[string]string) ([]string, error)
	GetNetIAMPermissionsForRoles(roleARNs []string) map[string][]string
}

IAMSVC is a wrapper for IAM API calls

type InspectorSVC ¶

type InspectorSVC interface {
	GenerateReport(assessmentRunArn string, reportFormat string, reportType string) (string, error)
	GetResourceGroupTags(assessmentTargetArn string) (map[string]string, error)
	GetMostRecentAssessmentRunInfo() ([]map[string]string, error)
}

InspectorSVC is a wrapper for Inspector API calls

type STSSVC ¶

type STSSVC interface {
	GetAccountID() (string, error)
}

STSSVC is a wrapper for STS API calls

type TrustedAdvisorSVC ¶

type TrustedAdvisorSVC interface {
	GetFailingTrustedAdvisorCheckResults() (map[*support.TrustedAdvisorCheckDescription]*support.TrustedAdvisorCheckResult, error)
}

TrustedAdvisorSVC is a wrapper for Support API calls related to TrustedAdvisor

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL