Documentation
¶
Index ¶
Constants ¶
const AttackerEmailEnvVarKey = "STRATUS_RED_TEAM_ATTACKER_EMAIL"
const DefaultFictitiousAttackerEmail = "stratusredteam@gmail.com"
Variables ¶
This section is empty.
Functions ¶
func GCPAssignProjectRole ¶
func GCPAssignProjectRole(gcp *providers.GCPProvider, principal string, roleToGrant string) error
GCPAssignProjectRole grants a project-wide role to a specific service account it works the same as 'gcloud projects add-iam-policy-binding': * Step 1: Read the project's IAM policy using [getIamPolicy](https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) * Step 2: Create a binding, or add the service account to an existing binding for the role to grant * Step 3: Update the project's IAM policy using [setIamPolicy](https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy)
func GCPUnassignProjectRole ¶
func GCPUnassignProjectRole(gcp *providers.GCPProvider, principal string, roleToRemove string) error
GCPUnassignProjectRole un-assigns a project-wide role to a specific service account it works the same as 'gcloud projects remove-iam-policy-binding': * Step 1: Read the project's IAM policy using [getIamPolicy](https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) * Step 2: Remove a binding, or remove the service account from an existing binding for the role to grant * Step 3: Update the project's IAM policy using [setIamPolicy](https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy) Note: no error is returned if the principal does not have a binding in the project's IAM policy
func GetAttackerPrincipal ¶ added in v2.8.2
func GetAttackerPrincipal() string
Types ¶
This section is empty.
Source Files