aws

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 20, 2022 License: MIT Imports: 20 Imported by: 0

Documentation

Overview

Copyright (c) WarnerMedia Direct, LLC. All rights reserved. Licensed under the MIT license. See the LICENSE file for license information.

Copyright (c) WarnerMedia Direct, LLC. All rights reserved. Licensed under the MIT license. See the LICENSE file for license information.

Copyright (c) WarnerMedia Direct, LLC. All rights reserved. Licensed under the MIT license. See the LICENSE file for license information.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AssertDAXClusterEncrypted added in v0.1.0 

func AssertDAXClusterEncrypted(t *testing.T, ctx context.Context, client DAXClient, name string)

AssertDAXClusterEncrypted asserts that a DAX cluster has server side encryption enabled.

func AssertDAXClusterSecurityGroup added in v0.1.0 

func AssertDAXClusterSecurityGroup(t *testing.T, ctx context.Context, client DAXClient, ec2client EC2Client, name string, securityGroupName string)

AssertDAXClusterSecurityGroup asserts that a DAX cluster is associated with a given security group. It does not assert that the group provided is the _only_ security group associated with the cluster.

func AssertDAXClusterSubnetGroup added in v0.1.0 

func AssertDAXClusterSubnetGroup(t *testing.T, ctx context.Context, client DAXClient, name string, subnetGroupName string)

AssertDAXClusterSubnetGroup asserts that a DAX cluster has a given subnet group associated to it.

func AssertEC2InstancesBalancedInSubnets 

func AssertEC2InstancesBalancedInSubnets(t *testing.T, ctx context.Context, instances []types.Instance)

AssertEC2InstancesBalancedInSubnets asserts that EC2 instances in a list are spread evenly throughout their attached subnets. Given a list of unique EC2 instances, no subnet should have more than ceil(# instances / # subnets).

func AssertEC2TagValue 

func AssertEC2TagValue(t *testing.T, ctx context.Context, client EC2Client, input AssertEC2TagValueInput)

AssertEC2TagValue asserts that an EC2 instance has a tag with the given value.

func AssertEC2VolumeEncrypted 

func AssertEC2VolumeEncrypted(t *testing.T, ctx context.Context, client EC2Client, input AssertEC2VolumeEncryptedInput)

AssertEC2VolumeEncrypted asserts that an EBS volume is encrypted, optionally using a specified KMS key.

func AssertEC2VolumeEncryptedE 

func AssertEC2VolumeEncryptedE(ctx context.Context, client EC2Client, input AssertEC2VolumeEncryptedInput) (assertion bool, err error)

AssertEC2VolumeEncryptedE asserts that a volume attached to an EC2 instance is encrypted and (optionally) done so using a specified KMS Key. This function is deprecated in favor of the AssertEC2VolumeEncrypted method.

func AssertEC2VolumeIOPS added in v0.7.0 

func AssertEC2VolumeIOPS(t *testing.T, ctx context.Context, client EC2Client, input AssertVolumeAttributesInput)

AssertVolumeIops asserts associated Iops for given volume type

func AssertEC2VolumeTagValue added in v0.9.0 

func AssertEC2VolumeTagValue(t *testing.T, ctx context.Context, client EC2Client, input AssertEC2VolumeTagValueInput)

AssertEC2VolumeTagValue asserts that an EBS Volumes has a tag with the given value.

func AssertEC2VolumeThroughput added in v0.7.0 

func AssertEC2VolumeThroughput(t *testing.T, ctx context.Context, client EC2Client, input AssertVolumeAttributesInput)

AssertVolumeThroughput & IOPs asserts associated throughput for given volume type

func AssertEC2VolumeType added in v0.7.0 

func AssertEC2VolumeType(t *testing.T, ctx context.Context, client EC2Client, input AssertVolumeAttributesInput)

AssertVolumeType asserts the right volume type

func AssertIAMPolicyDocumentContainsResourceAction 

func AssertIAMPolicyDocumentContainsResourceAction(t *testing.T, resource string, action string, effect string, policyDocument PolicyDocument)

AssertIAMPolicyDocumentContainsResourceAction will assert the an IAM Policy Document provided contains a Statement with the given Resource, Action, and Effect. If such a Statement does not exist within the Policy the test will immediately fail.

func AssertIAMPolicyDocumentsContainResourceAction 

func AssertIAMPolicyDocumentsContainResourceAction(t *testing.T, resource string, action string, effect string, policyDocuments []PolicyDocument)

AssertIAMPolicyDocumentsContainsResourceAction will assert the _at least one_ IAM Policy Document in a provided set contains a Statement with the given Resource, Action, and Effect. If such a Statement does not exist within the provided Policies the test will immediately fail.

func AssertIAMRoleMaxSessionDuration added in v0.6.0 

func AssertIAMRoleMaxSessionDuration(t *testing.T, ctx context.Context, client IAMClient, roleName string, maxDuration int32)

Asserts the MaxSessionDuration attribute of a given IAM Role

func AssertRoute53HostedZoneExists 

func AssertRoute53HostedZoneExists(t *testing.T, ctx context.Context, client Route53Client, zoneName string)

AssertRoute53HostedZoneExists asserts whether or not the Route53 zone name it's passed is found amongst those reported by the AWS API.

func AssertRoute53RecordExistsInHostedZone added in v0.3.0 

func AssertRoute53RecordExistsInHostedZone(t *testing.T, ctx context.Context, client Route53Client, recordInput AssertRecordInput)

AssertRoute53RecordExistsInHostedZone asserts whether or not the Route53 record name it's passed exists amongst those associated with the the Route53 zone whose name it's passed.

func AssertRoute53ZoneIsAssociatedWithVPC added in v0.8.0 

func AssertRoute53ZoneIsAssociatedWithVPC(t *testing.T, ctx context.Context, client Route53Client, associationInput AssertRoute53ZoneIsAssociatedWithVPCInput)

AssertRoute53ZoneIsAssociatedWithVPC asserts whether or not the Route53 zone is associated with the given VPC.

func CreateFiltersFromMap 

func CreateFiltersFromMap(input map[string][]string) (output []types.Filter)

CreateFiltersFromMap is a utility method that creates a Filter object from a map of strings. It's designed to make creating filter objects easier without worrying about pointers and the like.

func GetEC2SecurityGroupByName added in v0.1.0 

func GetEC2SecurityGroupByName(ctx context.Context, client EC2Client, name string) (securityGroup *types.SecurityGroup, err error)

GetEC2SecurityGroupByName returns a security group object based on the name provided. If no matching group is found, it will return a nil value.

func GetEKSTokenE added in v0.5.0 

func GetEKSTokenE(ctx context.Context, clusterName string, opts ...func(*GetEKSTokenEOptions) error) (tkn token.Token, err error)

GetEKSTokenE generates a new bearer token for authenticating with EKS clusters. It assumes you have AWS credentials configured in your environment in accordance with the [`aws-iam-authenticator` guidelines](https://pkg.go.dev/sigs.k8s.io/aws-iam-authenticator@v0.5.3#readme-specifying-credentials-using-aws-profiles). You can alter that configuring by passing in functional options that modify the GetTokenOptions object.

Types

type AssertEC2TagValueEInput 

type AssertEC2TagValueEInput struct {
	// The name of the tag to assert exists.
	TagName string
	// The value of the tag to assert.
	Value string
	// The Instance ID that the tag mustbe set on.
	InstanceID string
}

AssertEC2TagValueEInput is used as an input to the AssertEC2TagValueE method. This is deprecated.

type AssertEC2TagValueInput 

type AssertEC2TagValueInput struct {
	// The name of the tag to assert exists.
	TagName string
	// The value of the tag to assert.
	Value string
	// The Instance ID that the method will assert has a tag with the specified tag name and the specified value.
	InstanceID string
}

AssertEC2TagValueInput is used as an input to the AssertEC2TagValue method.

type AssertEC2VolumeEncryptedInput 

type AssertEC2VolumeEncryptedInput struct {
	// The device ID that the volume is mapped to on the instance.
	DeviceID string
	// The KMS key ID that must be used to encrypt the volume. If left blank, then matching on this attribute will not be performed.
	KMSKeyID string
	// The Instance ID the volume must be attached to.
	InstanceID string
}

AssertEC2VolumeEncryptedInput is used as an input to the AssertEC2VolumeEncryptedE and AssertEC2VolumeEncrypted methods.

type AssertEC2VolumeTagValueInput added in v0.9.0 

type AssertEC2VolumeTagValueInput struct {
	// The name of the tag to assert exists.
	TagName string
	// The value of the tag to assert.
	Value string
	// The Volume ID that the method will assert has a tag with the specified tag name and the specified value.
	VolumeID string
}

AssertEC2VolumeTagValueInput is used as an input to the AssertEC2VolumeTagValue method.

type AssertRecordInput added in v0.2.0 

type AssertRecordInput struct {
	// The record name.
	RecordName string

	// The record type.
	RecordType types.RRType

	// The zone name.
	ZoneName string
}

AssertRecordInput is used as an input to the AssertRecordExistsInHostedZone method.

type AssertRoute53ZoneIsAssociatedWithVPCInput added in v0.8.0 

type AssertRoute53ZoneIsAssociatedWithVPCInput struct {
	// The ID of the VPC to check for zone association (required).
	VPCID string

	// The region of the VPC to check for zone association (required).
	VPCRegion types.VPCRegion

	// The name of the zone to check for VPC association (required).
	ZoneName string
}

AssertRoute53ZoneIsAssociatedVPCInput is used as input to the AssertRoute53ZoneIsAssociatedWithVPC method.

type AssertVolumeAttributesInput added in v0.7.0 

type AssertVolumeAttributesInput struct {
	// The Instance ID that is used to get devices associated to it.
	InstanceID string
	// The device ID that the volume is mapped to on the instance.
	// Used for informational purpose
	DeviceID string
	// The Volume Type for each volume
	VolumeType string
	// The Volume IOPS for each volume
	VolumeIOPS *int32
	// The Volume throughput for each volume
	VolumeThroughput *int32
}

AssertVolumeAttributesInput is used as an input to the AssertEC2VolumeType,AssertEC2VolumeIops,AssertEC2VolumeThroughput methods.

type DAXClient added in v0.1.0 

type DAXClient interface {
	DescribeClusters(context.Context, *dax.DescribeClustersInput, ...func(*dax.Options)) (*dax.DescribeClustersOutput, error)
}

DAXClient serves as a stub client interface for the AWS SDK [DAX client](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/dax#Client).

type EC2Client 

type EC2Client interface {
	DescribeInstances(context.Context, *ec2.DescribeInstancesInput, ...func(*ec2.Options)) (*ec2.DescribeInstancesOutput, error)

	DescribeVolumes(context.Context, *ec2.DescribeVolumesInput, ...func(*ec2.Options)) (*ec2.DescribeVolumesOutput, error)

	DescribeTags(context.Context, *ec2.DescribeTagsInput, ...func(*ec2.Options)) (*ec2.DescribeTagsOutput, error)

	DescribeSecurityGroups(context.Context, *ec2.DescribeSecurityGroupsInput, ...func(*ec2.Options)) (*ec2.DescribeSecurityGroupsOutput, error)
}

type EKSClient added in v0.5.0 

type EKSClient interface {
	DescribeCluster(context.Context, *eks.DescribeClusterInput, ...func(*eks.Options)) (*eks.DescribeClusterOutput, error)
}

type GetEKSClusterEOptions added in v0.5.0 

type GetEKSClusterEOptions struct {
	// Options that are passed to the underlying DescribeCluster method.
	EKSOptions []func(*eks.Options)
}

GetEKSClusterEOptions is a struct for use with functional options for the GetEKSClusterE method.

type GetEKSClusterEOptionsFunc added in v0.5.0 

type GetEKSClusterEOptionsFunc func(GetEKSClusterEOptions) error

GetEKSClusterEOptionsFunc is a type used for functional options for the GetEKSClusterE method.

type GetEKSClusterOutput added in v0.5.0 

type GetEKSClusterOutput struct {
	Endpoint string
	CAData   []byte
}

func GetEKSClusterE added in v0.5.0 

func GetEKSClusterE(ctx context.Context, client EKSClient, clusterName string, optFns ...GetEKSClusterEOptionsFunc) (output *GetEKSClusterOutput, err error)

GetEKSClusterE returns some metadata about the specified EKS cluster, such as the endpoint and the CA certificate information. It must be passed an AWS SDK v2 [EKS client object](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/eks#Client).

type GetEKSTokenEOptions added in v0.5.0 

type GetEKSTokenEOptions struct {
	// The object used for generating the token. Generally this should only be specified in the context of tests.
	Generator generator
	// The input object passed to the GetWithOptions method.
	GetTokenOptions *token.GetTokenOptions
}

type GetEKSTokenEOptionsFunc added in v0.5.0 

type GetEKSTokenEOptionsFunc func(*GetEKSTokenEOptions) error

GetEKSTokenEOptionsFunc is a type for the functional options of the GetEKSTokenE method.

type IAMClient added in v0.6.0 

type IAMClient interface {
	GetRole(context.Context, *iam.GetRoleInput, ...func(*iam.Options)) (*iam.GetRoleOutput, error)
}

IAMClient serves as a stub client interface for the AWS SDK [IAM client](https://pkg.go.dev/github.com/aws/aws-sdk-go/service/iam#hdr-Using_the_Client).

type PolicyDocument 

type PolicyDocument struct {
	Version   string
	Statement []StatementEntry
}

type Route53Client 

type Route53Client interface {
	ListHostedZonesByName(context.Context, *route53.ListHostedZonesByNameInput) (*route53.ListHostedZonesOutput, error)
	ListHostedZonesByVPC(context.Context, *route53.ListHostedZonesByVPCInput) (*route53.ListHostedZonesByVPCOutput, error)
	ListResourceRecordSets(context.Context, *route53.ListResourceRecordSetsInput) (*route53.ListResourceRecordSetsOutput, error)
}

Route53Client is an AWS Route53 API client. Typically, it's a [Route53](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/route53#Client).

type StatementEntry 

type StatementEntry struct {
	Effect   string
	Action   interface{}
	Resource interface{}
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.