cloud

package

v0.0.0-...-5c79d48 Latest Latest Go to latest Published: Feb 15, 2024 License: AGPL-3.0 Imports: 45 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/juser0719/teleport

Documentation ¶

Index ¶

func AppendGCPClientCert(ctx context.Context, sessionCtx *common.Session, gcpClient gcp.SQLAdminClient, ...) error
func GetGCPRequireSSL(ctx context.Context, sessionCtx *common.Session, gcpClient gcp.SQLAdminClient) (requireSSL bool, err error)
type DiscoveryResourceChecker
- func NewDiscoveryResourceChecker(cfg DiscoveryResourceCheckerConfig) (DiscoveryResourceChecker, error)
type DiscoveryResourceCheckerConfig
- func (c *DiscoveryResourceCheckerConfig) CheckAndSetDefaults() error
type IAM
- func NewIAM(ctx context.Context, config IAMConfig) (*IAM, error)
type IAMConfig
- func (c *IAMConfig) Check() error
type Metadata
- func NewMetadata(config MetadataConfig) (*Metadata, error)
- func (m *Metadata) Update(ctx context.Context, database types.Database) error
type MetadataConfig
- func (c *MetadataConfig) Check() error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AppendGCPClientCert ¶

func AppendGCPClientCert(ctx context.Context, sessionCtx *common.Session, gcpClient gcp.SQLAdminClient, tlsConfig *tls.Config) error

AppendGCPClientCert calls the GCP API to generate an ephemeral certificate and adds it to the TLS config. An access denied error is returned when the generate call fails.

func GetGCPRequireSSL ¶

func GetGCPRequireSSL(ctx context.Context, sessionCtx *common.Session, gcpClient gcp.SQLAdminClient) (requireSSL bool, err error)

GetGCPRequireSSL requests settings for the project/instance in session from GCP and returns true when the instance requires SSL. An access denied error is returned when an unauthorized error is returned from GCP.

Types ¶

type DiscoveryResourceChecker ¶

type DiscoveryResourceChecker interface {
	// Check performs required checks on provided database resource before it
	// gets registered.
	Check(ctx context.Context, database types.Database) error
}

DiscoveryResourceChecker defines an interface for checking database resources created by the discovery service.

func NewDiscoveryResourceChecker ¶

func NewDiscoveryResourceChecker(cfg DiscoveryResourceCheckerConfig) (DiscoveryResourceChecker, error)

NewDiscoveryResourceChecker creates a new DiscoveryResourceChecker.

type DiscoveryResourceCheckerConfig ¶

type DiscoveryResourceCheckerConfig struct {
	// ResourceMatchers is a list of database resource matchers.
	ResourceMatchers []services.ResourceMatcher
	// Clients is an interface for retrieving cloud clients.
	Clients cloud.Clients
	// Context is the database server close context.
	Context context.Context
	// Log is used for logging.
	Log logrus.FieldLogger
}

DiscoveryResourceCheckerConfig is the config for DiscoveryResourceChecker.

func (*DiscoveryResourceCheckerConfig) CheckAndSetDefaults ¶

func (c *DiscoveryResourceCheckerConfig) CheckAndSetDefaults() error

CheckAndSetDefaults validates the config and sets default values.

type IAM ¶

type IAM struct {
	// contains filtered or unexported fields
}

IAM is a service that manages IAM policies for cloud databases.

A semaphore lock has to be acquired by the this service before making changes to the IAM inline policy as database agents may share the same the same policy. These tasks are processed in a background goroutine to avoid blocking callers when acquiring the locks with retries.

func NewIAM ¶

func NewIAM(ctx context.Context, config IAMConfig) (*IAM, error)

NewIAM returns a new IAM configurator service.

func (*IAM) Setup ¶

func (c *IAM) Setup(ctx context.Context, database types.Database) error

Setup sets up cloud IAM policies for the provided database.

func (*IAM) Start ¶

func (c *IAM) Start(ctx context.Context) error

Start starts the IAM configurator service.

func (*IAM) Teardown ¶

func (c *IAM) Teardown(ctx context.Context, database types.Database) error

Teardown tears down cloud IAM policies for the provided database.

func (*IAM) UpdateIAMStatus ¶

func (c *IAM) UpdateIAMStatus(database types.Database) error

UpdateIAMStatus updates the IAMPolicyExists for the Database.

type IAMConfig ¶

type IAMConfig struct {
	// Clock is used to control time.
	Clock clockwork.Clock
	// AccessPoint is a caching client connected to the Auth Server.
	AccessPoint auth.DatabaseAccessPoint
	// Clients is an interface for retrieving cloud clients.
	Clients cloud.Clients
	// HostID is the host identified where this agent is running.
	// DELETE IN 11.0.
	HostID string
	// contains filtered or unexported fields
}

IAMConfig is the IAM configurator config.

func (*IAMConfig) Check ¶

func (c *IAMConfig) Check() error

Check validates the IAM configurator config.

type Metadata ¶

type Metadata struct {
	// contains filtered or unexported fields
}

Metadata is a service that fetches cloud databases metadata.

func NewMetadata ¶

func NewMetadata(config MetadataConfig) (*Metadata, error)

NewMetadata returns a new cloud metadata service.

func (*Metadata) Update ¶

func (m *Metadata) Update(ctx context.Context, database types.Database) error

Update updates cloud metadata of the provided database.

type MetadataConfig ¶

type MetadataConfig struct {
	// Clients is an interface for retrieving cloud clients.
	Clients cloud.Clients
}

MetadataConfig is the cloud metadata service config.

func (*MetadataConfig) Check ¶

func (c *MetadataConfig) Check() error

Check validates the metadata service config.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
users

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL