Documentation
¶
Index ¶
- Constants
- type AWS
- type AWSMetadata
- type AWSOIDCDeployDatabaseServiceRequest
- type AWSOIDCDeployDatabaseServiceResponse
- type AWSOIDCDeployEC2ICERequest
- type AWSOIDCDeployEC2ICERequestEndpoint
- type AWSOIDCDeployEC2ICEResponse
- type AWSOIDCDeployEC2ICEResponseEndpoint
- type AWSOIDCDeployServiceRequest
- type AWSOIDCDeployServiceResponse
- type AWSOIDCEnrollEKSClustersRequest
- type AWSOIDCEnrollEKSClustersResponse
- type AWSOIDCListDatabasesRequest
- type AWSOIDCListDatabasesResponse
- type AWSOIDCListEC2ICERequest
- type AWSOIDCListEC2ICEResponse
- type AWSOIDCListEC2Request
- type AWSOIDCListEC2Response
- type AWSOIDCListEKSClustersRequest
- type AWSOIDCListEKSClustersResponse
- type AWSOIDCListSecurityGroupsRequest
- type AWSOIDCListSecurityGroupsResponse
- type AWSOIDCRequiredVPCSRequest
- type AWSOIDCRequiredVPCSResponse
- type AccessCapabilities
- type App
- type ApplicationAndFriendlyName
- type ChangedUserAuthn
- type Cluster
- type ConnectMyComputerLoginsListResponse
- type ConnectionDiagnostic
- type ConnectionDiagnosticTraceUI
- type Database
- type DatabaseService
- type DeployDatabaseServiceDeployment
- type Desktop
- type DesktopService
- type DiscoveryConfig
- type DiscoveryConfigsListResponse
- type EKSCluster
- type EKSClusterEnrollmentResult
- type Integration
- type IntegrationAWSOIDCSpec
- type IntegrationsListResponse
- type KubeCluster
- type KubeResource
- type Label
- type Lock
- type MFADevice
- type MakeAppsConfig
- type RecoveryCodes
- type ResetPasswordToken
- type ResourceItem
- type Server
- type UpdateDiscoveryConfigRequest
- type UpdateIntegrationRequest
- type User
- type UserContext
- type UserGroup
- type UserGroupAndDescription
- type UserListEntry
Constants ¶
View Source
const (
// LabelStatus is the label key containing the database status, e.g. "available"
LabelStatus = "status"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AWS ¶
type AWS struct {
// embeds types.AWS fields into this struct when des/serializing.
types.AWS `json:""`
// Status describes the current server status as reported by AWS.
// Currently this field is populated for AWS RDS Databases when Listing Databases using the AWS OIDC Integration
Status string `json:"status,omitempty"`
}
AWS contains AWS specific fields.
type AWSMetadata ¶
type AWSMetadata struct {
AccountID string `json:"accountId"`
InstanceID string `json:"instanceId"`
Region string `json:"region"`
VPCID string `json:"vpcId"`
Integration string `json:"integration"`
SubnetID string `json:"subnetId"`
}
AWSMetadata describes the AWS metadata for instances hosted in AWS. This type is the same as types.AWSInfo but has json fields in camelCase form for the WebUI.
type AWSOIDCDeployDatabaseServiceRequest ¶
type AWSOIDCDeployDatabaseServiceRequest struct {
// Region is the AWS Region for the Service.
Region string `json:"region"`
// TaskRoleARN is the AWS Role's ARN used within the Task execution.
// Ensure the AWS Client's Role has `iam:PassRole` for this Role's ARN.
// This can be either the ARN or the short name of the AWS Role.
TaskRoleARN string `json:"taskRoleArn"`
// Deployments is a list of Services to be deployed.
// If the target deployment already exists, the deployment is skipped.
Deployments []DeployDatabaseServiceDeployment `json:"deployments"`
}
AWSOIDCDeployDatabaseServiceRequest contains the required fields to perform a DeployService request. Each deployed DatabaseService will be proxying the resources that match the following labels: -region: <Region> -account-id: <AccountID> -vpc-id: <Deployments[].VPCID>
type AWSOIDCDeployDatabaseServiceResponse ¶
type AWSOIDCDeployDatabaseServiceResponse struct {
// ClusterARN is the Amazon ECS Cluster ARN where the Services were started.
ClusterARN string `json:"clusterArn"`
// ClusterDashboardURL is the URL for the Cluster Dashbord.
// Users can open this link and see which Services are running.
ClusterDashboardURL string `json:"clusterDashboardUrl"`
}
AWSOIDCDeployServiceDatabaseResponse contains links to the ECS Cluster Dashboard where the current status for each Service is displayed.
type AWSOIDCDeployEC2ICERequest ¶
type AWSOIDCDeployEC2ICERequest struct {
// Region is the AWS Region.
Region string `json:"region"`
// Endpoints is a list of endpoinst to create.
Endpoints []AWSOIDCDeployEC2ICERequestEndpoint `json:"endpoints"`
// SubnetID is the subnet id for the EC2 Instance Connect Endpoint.
// Deprecated: use Endpoints instead.
SubnetID string `json:"subnetId"`
// SecurityGroupIDs is the list of SecurityGroups to apply to the Endpoint.
// If not specified, the Endpoint will receive the default SG for the Subnet's VPC.
// Deprecated: use Endpoints instead.
SecurityGroupIDs []string `json:"securityGroupIds"`
}
AWSOIDCDeployEC2ICERequest is a request to create an AWS EC2 Instance Connect Endpoint.
type AWSOIDCDeployEC2ICERequestEndpoint ¶
type AWSOIDCDeployEC2ICERequestEndpoint struct {
// SubnetID is the subnet id for the EC2 Instance Connect Endpoint.
SubnetID string `json:"subnetId"`
// SecurityGroupIDs is the list of SecurityGroups to apply to the Endpoint.
// If not specified, the Endpoint will receive the default SG for the Subnet's VPC.
SecurityGroupIDs []string `json:"securityGroupIds"`
}
AWSOIDCDeployEC2ICERequestEndpoint is a single Endpoint that should be created.
type AWSOIDCDeployEC2ICEResponse ¶
type AWSOIDCDeployEC2ICEResponse struct {
// Name is the name of the endpoint that was created.
// If multiple endpoints were created, this will contain all of them joined by a `,`.
// Eg, eice-1,eice-2
// Deprecated: use Endpoints instead.
Name string `json:"name"`
// Endpoints is a list of created endpoints
Endpoints []AWSOIDCDeployEC2ICEResponseEndpoint `json:"endpoints"`
}
AWSOIDCDeployEC2ICEResponse is the response after creating an AWS EC2 Instance Connect Endpoint.
type AWSOIDCDeployEC2ICEResponseEndpoint ¶
type AWSOIDCDeployEC2ICEResponseEndpoint struct {
// Name is the EC2 Instance Connect Endpoint name.
Name string `json:"name"`
// SubnetID is the subnet where this endpoint was created.
SubnetID string `json:"subnetId"`
}
AWSOIDCDeployEC2ICEResponseEndpoint describes a single endpoint that was created.
type AWSOIDCDeployServiceRequest ¶
type AWSOIDCDeployServiceRequest struct {
// Region is the AWS Region for the Service.
Region string `json:"region"`
// AccountID is the AWS Account ID.
// Optional. sts.GetCallerIdentity is used if the value is not provided.
AccountID string `json:"accountId"`
// SubnetIDs associated with the Service.
// If deploying a Database Service, you should use the SubnetIDs returned by the List Database API call.
SubnetIDs []string `json:"subnetIds"`
// SecurityGroups to apply to the service's network configuration.
// If empty, the default security group for the VPC is going to be used.
SecurityGroups []string `json:"securityGroups"`
// ClusterName is the ECS Cluster to be used.
// Optional.
// Defaults to <teleport-cluster-name>-teleport, eg. acme-teleport
ClusterName *string `json:"clusterName"`
// ServiceName is the ECS Service that should be used.
// Optional.
// Defaults to <teleport-cluster-name>-teleport-service, eg acme-teleport-service
ServiceName *string `json:"serviceName"`
// TaskName is the ECS Task Definition family name.
// Optional.
// Defaults to <teleport-cluster-name>-teleport-<deployment-mode>, eg acme-teleport-database-service
TaskName *string `json:"taskName"`
// TaskRoleARN is the AWS Role's ARN used within the Task execution.
// Ensure the AWS Client's Role has `iam:PassRole` for this Role's ARN.
// This can be either the ARN or the short name of the AWS Role.
TaskRoleARN string `json:"taskRoleArn"`
// DeploymentMode is the deployment configuration for the service.
// This indicates what set of services should be deployed.
DeploymentMode string `json:"deploymentMode"`
// DatabaseAgentMatcherLabels are the labels to be used when deploying a Database Service.
// Those are the resource labels that the Service will monitor and proxy connections to.
DatabaseAgentMatcherLabels []Label `json:"databaseAgentMatcherLabels"`
}
AWSOIDCDeployServiceRequest contains the required fields to perform a DeployService request.
type AWSOIDCDeployServiceResponse ¶
type AWSOIDCDeployServiceResponse struct {
// ClusterARN is the Amazon ECS Cluster ARN where the task was started.
ClusterARN string `json:"clusterArn"`
// ServiceARN is the Amazon ECS Cluster Service ARN created to run the task.
ServiceARN string `json:"serviceArn"`
// TaskDefinitionARN is the Amazon ECS Task Definition ARN created to run the Service.
TaskDefinitionARN string `json:"taskDefinitionArn"`
// ServiceDashboardURL is a link to the service's Dashboard URL in Amazon Console.
ServiceDashboardURL string `json:"serviceDashboardUrl"`
}
AWSOIDCDeployServiceResponse contains the resources that were used to deploy a Teleport Service.
type AWSOIDCEnrollEKSClustersRequest ¶
type AWSOIDCEnrollEKSClustersRequest struct {
// Region is the AWS Region.
Region string `json:"region"`
// ClusterNames are names of the EKS clusters to enroll
ClusterNames []string `json:"clusterNames"`
// EnableAppDiscovery specifies if Teleport Kubernetes App discovery should be enabled inside enrolled clusters.
EnableAppDiscovery bool `json:"enableAppDiscovery"`
}
AWSOIDCEnrollEKSClustersRequest is a request to ListEKSClusters using the AWS OIDC Integration.
type AWSOIDCEnrollEKSClustersResponse ¶
type AWSOIDCEnrollEKSClustersResponse struct {
// Results contains enrollment result per EKS cluster.
Results []EKSClusterEnrollmentResult `json:"results"`
}
AWSOIDCEnrollEKSClustersResponse is a response to enrolling EKS cluster
type AWSOIDCListDatabasesRequest ¶
type AWSOIDCListDatabasesRequest struct {
// RDSType is either `instance` or `cluster`.
RDSType string `json:"rdsType"`
// Engines filters the returned Databases based on their engine.
// Eg, mysql, postgres, mariadb, aurora, aurora-mysql, aurora-postgresql
Engines []string `json:"engines"`
// Region is the AWS Region.
Region string `json:"region"`
// NextToken is the token to be used to fetch the next page.
// If empty, the first page is fetched.
NextToken string `json:"nextToken"`
}
AWSOIDCListDatabasesRequest is a request to ListDatabases using the AWS OIDC Integration.
type AWSOIDCListDatabasesResponse ¶
type AWSOIDCListDatabasesResponse struct {
// Databases contains the page of Databases
Databases []Database `json:"databases"`
// NextToken is used for pagination.
// If non-empty, it can be used to request the next page.
NextToken string `json:"nextToken,omitempty"`
}
AWSOIDCListDatabasesResponse contains a list of databases and a next token if more pages are available.
type AWSOIDCListEC2ICERequest ¶
type AWSOIDCListEC2ICERequest struct {
// Region is the AWS Region.
Region string `json:"region"`
// VPCID is the VPC to filter EC2 Instance Connect Endpoints.
// Deprecated: use VPCIDs instead.
VPCID string `json:"vpcId"`
// VPCIDs is a list of VPCs to filter EC2 Instance Connect Endpoints.
VPCIDs []string `json:"vpcIds"`
// NextToken is the token to be used to fetch the next page.
// If empty, the first page is fetched.
NextToken string `json:"nextToken"`
}
AWSOIDCListEC2ICERequest is a request to ListEC2ICEs using the AWS OIDC Integration.
type AWSOIDCListEC2ICEResponse ¶
type AWSOIDCListEC2ICEResponse struct {
// EC2ICEs contains the page of Endpoints
EC2ICEs []awsoidc.EC2InstanceConnectEndpoint `json:"ec2Ices"`
// DashboardLink is the URL for AWS Web Console that lists all the Endpoints for the queries VPCs.
DashboardLink string `json:"dashboardLink,omitempty"`
// NextToken is used for pagination.
// If non-empty, it can be used to request the next page.
NextToken string `json:"nextToken,omitempty"`
}
AWSOIDCListEC2ICEResponse contains a list of AWS Instance Connect Endpoints and a next token if more pages are available.
type AWSOIDCListEC2Request ¶
type AWSOIDCListEC2Request struct {
// Region is the AWS Region.
Region string `json:"region"`
// NextToken is the token to be used to fetch the next page.
// If empty, the first page is fetched.
NextToken string `json:"nextToken"`
}
AWSOIDCListEC2Request is a request to ListEC2s using the AWS OIDC Integration.
type AWSOIDCListEC2Response ¶
type AWSOIDCListEC2Response struct {
// Servers contains the page of Servers
Servers []Server `json:"servers"`
// NextToken is used for pagination.
// If non-empty, it can be used to request the next page.
NextToken string `json:"nextToken,omitempty"`
}
AWSOIDCListEC2Response contains a list of Servers and a next token if more pages are available.
type AWSOIDCListEKSClustersRequest ¶
type AWSOIDCListEKSClustersRequest struct {
// Region is the AWS Region.
Region string `json:"region"`
// NextToken is the token to be used to fetch the next page.
// If empty, the first page is fetched.
NextToken string `json:"nextToken"`
}
AWSOIDCListEKSClustersRequest is a request to ListEKSClusters using the AWS OIDC Integration.
type AWSOIDCListEKSClustersResponse ¶
type AWSOIDCListEKSClustersResponse struct {
// Clusters contains the page with list of EKSCluster
Clusters []EKSCluster `json:"clusters"`
// NextToken is used for pagination.
// If non-empty, it can be used to request the next page.
NextToken string `json:"nextToken,omitempty"`
}
AWSOIDCListEKSClustersResponse contains a list of clusters and a next token if more pages are available.
type AWSOIDCListSecurityGroupsRequest ¶
type AWSOIDCListSecurityGroupsRequest struct {
// Region is the AWS Region.
Region string `json:"region"`
// VPCID is the VPC to filter security groups by.
VPCID string `json:"vpcId"`
// NextToken is the token to be used to fetch the next page.
// If empty, the first page is fetched.
NextToken string `json:"nextToken"`
}
AWSOIDCListSecurityGroupsRequest is a request to ListSecurityGroups using the AWS OIDC Integration.
type AWSOIDCListSecurityGroupsResponse ¶
type AWSOIDCListSecurityGroupsResponse struct {
// SecurityGroups contains the page of SecurityGroups
SecurityGroups []awsoidc.SecurityGroup `json:"securityGroups"`
// NextToken is used for pagination.
// If non-empty, it can be used to request the next page.
NextToken string `json:"nextToken,omitempty"`
}
AWSOIDCListSecurityGroupsResponse contains a list of VPC Security Groups and a next token if more pages are available.
type AWSOIDCRequiredVPCSRequest ¶
type AWSOIDCRequiredVPCSRequest struct {
// Region is the AWS Region.
Region string `json:"region"`
// AccountID is the AWS Account ID.
AccountID string `json:"accountId"`
}
AWSOIDCRequiredVPCSRequest is a request to get required (missing) VPC's and its subnets.
type AWSOIDCRequiredVPCSResponse ¶
type AWSOIDCRequiredVPCSResponse struct {
// VPCMapOfSubnets is a map of vpc ids and its subnets.
// Will be empty if no vpc's are required.
VPCMapOfSubnets map[string][]string `json:"vpcMapOfSubnets"`
}
AWSOIDCRequiredVPCSResponse returns a list of required VPC's and its subnets.
type AccessCapabilities ¶
type AccessCapabilities struct {
// RequestableRoles is a list of roles that the user can select when requesting access.
RequestableRoles []string `json:"requestableRoles"`
// SuggestedReviewers is a list of reviewers that the user can select when creating a request.
SuggestedReviewers []string `json:"suggestedReviewers"`
}
AccessCapabilities defines allowable access request rules defined in a user's roles.
type App ¶
type App struct {
// Kind is the kind of resource. Used to parse which kind in a list of unified resources in the UI
Kind string `json:"kind"`
// Name is the name of the application.
Name string `json:"name"`
// Description is the app description.
Description string `json:"description"`
// URI is the internal address the application is available at.
URI string `json:"uri"`
// PublicAddr is the public address the application is accessible at.
PublicAddr string `json:"publicAddr"`
// FQDN is a fully qualified domain name of the application (app.example.com)
FQDN string `json:"fqdn"`
// ClusterID is this app cluster ID
ClusterID string `json:"clusterId"`
// Labels is a map of static labels associated with an application.
Labels []Label `json:"labels"`
// AWSConsole if true, indicates that the app represents AWS management console.
AWSConsole bool `json:"awsConsole"`
// AWSRoles is a list of AWS IAM roles for the application representing AWS console.
AWSRoles []aws.Role `json:"awsRoles,omitempty"`
// FriendlyName is a friendly name for the app.
FriendlyName string `json:"friendlyName,omitempty"`
// UserGroups is a list of associated user groups.
UserGroups []UserGroupAndDescription `json:"userGroups,omitempty"`
// SAMLApp if true, indicates that the app is a SAML Application (SAML IdP Service Provider)
SAMLApp bool `json:"samlApp,omitempty"`
}
App describes an application
func MakeApp ¶
func MakeApp(app types.Application, c MakeAppsConfig) App
MakeApp creates an application object for the WebUI.
func MakeApps ¶
func MakeApps(c MakeAppsConfig) []App
MakeApps creates application objects (either Application Servers or SAML IdP Service Provider) for the WebUI.
func MakeSAMLApp ¶
func MakeSAMLApp(app types.SAMLIdPServiceProvider, c MakeAppsConfig) App
MakeSAMLApp creates a SAMLIdPServiceProvider object for the WebUI. Keep in sync with lib/teleterm/apiserver/handler/handler_apps.go.
type ApplicationAndFriendlyName ¶
type ApplicationAndFriendlyName struct {
// Name is the name of the application.
Name string `json:"name"`
// FriendlyName is the friendly name of the application.
FriendlyName string `json:"friendlyName"`
}
ApplicationAndFriendlyName is an application name and its friendly name.
type ChangedUserAuthn ¶
type ChangedUserAuthn struct {
Recovery RecoveryCodes `json:"recovery"`
PrivateKeyPolicyEnabled bool `json:"privateKeyPolicyEnabled,omitempty"`
}
ChangedUserAuthn describes response after successfully changing authn.
type Cluster ¶
type Cluster struct {
// Name is the cluster name
Name string `json:"name"`
// LastConnected is the cluster last connected time
LastConnected time.Time `json:"lastConnected"`
// Status is the cluster status
Status string `json:"status"`
// PublicURL is this cluster public URL (its first available proxy URL),
// or possibly empty if no proxies could be loaded.
PublicURL string `json:"publicURL"`
// AuthVersion is the cluster auth's service version
AuthVersion string `json:"authVersion"`
// ProxyVersion is the cluster proxy's service version,
// or possibly empty if no proxies could be loaded.
ProxyVersion string `json:"proxyVersion"`
}
Cluster describes a cluster
func GetClusterDetails ¶
func GetClusterDetails(ctx context.Context, site reversetunnelclient.RemoteSite, opts ...services.MarshalOption) (*Cluster, error)
GetClusterDetails retrieves and sets details about a cluster
func NewClusters ¶
func NewClusters(remoteClusters []reversetunnelclient.RemoteSite) ([]Cluster, error)
NewClusters creates a slice of Cluster's, containing data about each cluster.
func NewClustersFromRemote ¶
func NewClustersFromRemote(remoteClusters []types.RemoteCluster) ([]Cluster, error)
NewClustersFromRemote creates a slice of Cluster's, containing data about each cluster.
type ConnectMyComputerLoginsListResponse ¶
type ConnectMyComputerLoginsListResponse struct {
Logins []string `json:"logins"`
}
ConnectMyComputerLoginsListResponse contains a list of logins available to the user through their Connect My Computer role. If the user does not have a Connect My Computer role assigned, the list will be empty.
type ConnectionDiagnostic ¶
type ConnectionDiagnostic struct {
// ID is the identifier of the connection diagnostic.
ID string `json:"id"`
// Success is whether the connection was successful
Success bool `json:"success"`
// Message is the diagnostic summary
Message string `json:"message"`
// Traces contains multiple checkpoints results
Traces []ConnectionDiagnosticTraceUI `json:"traces,omitempty"`
}
ConnectionDiagnostic describes a connection diagnostic.
type ConnectionDiagnosticTraceUI ¶
type ConnectionDiagnosticTraceUI struct {
// TraceType as string
TraceType string `json:"traceType,omitempty"`
// Status as string
Status string `json:"status,omitempty"`
// Details of the trace
Details string `json:"details,omitempty"`
// Error in case of failure
Error string `json:"error,omitempty"`
}
ConnectionDiagnosticTraceUI describes a connection diagnostic trace using a UI representation. This is required in order to have a more friendly representation of the enum fields - TraceType and Status. They are converted into string instead of using the numbers (as they are represented in gRPC).
func ConnectionDiagnosticTraceUIFromTypes ¶
func ConnectionDiagnosticTraceUIFromTypes(traces []*types.ConnectionDiagnosticTrace) []ConnectionDiagnosticTraceUI
ConnectionDiagnosticTraceUIFromTypes converts a list of ConnectionDiagnosticTrace into its format for HTTP API. This is mostly copying things around and converting the enum into a string value.
type Database ¶
type Database struct {
// Kind is the kind of resource. Used to parse which kind in a list of unified resources in the UI
Kind string `json:"kind"`
// Name is the name of the database.
Name string `json:"name"`
// Desc is the database description.
Desc string `json:"desc"`
// Protocol is the database description.
Protocol string `json:"protocol"`
// Type is the database type, self-hosted or cloud-hosted.
Type string `json:"type"`
// Labels is a map of static and dynamic labels associated with a database.
Labels []Label `json:"labels"`
// Hostname is the database connection endpoint (URI) hostname (without port and protocol).
Hostname string `json:"hostname"`
// URI of the database.
URI string `json:"uri"`
// DatabaseUsers is the list of allowed Database RBAC users that the user can login.
DatabaseUsers []string `json:"database_users,omitempty"`
// DatabaseNames is the list of allowed Database RBAC names that the user can login.
DatabaseNames []string `json:"database_names,omitempty"`
// AWS contains AWS specific fields.
AWS *AWS `json:"aws,omitempty"`
}
Database describes a database server.
func MakeDatabase ¶
MakeDatabase creates database objects.
type DatabaseService ¶
type DatabaseService struct {
// Name is the name of the database.
Name string `json:"name"`
// ResourceMatchers is a list of resource matchers of the DatabaseService.
ResourceMatchers []*types.DatabaseResourceMatcher `json:"resource_matchers"`
}
DatabaseService describes a DatabaseService resource.
func MakeDatabaseService ¶
func MakeDatabaseService(databaseService types.DatabaseService) DatabaseService
MakeDatabaseService creates DatabaseService resource.
func MakeDatabaseServices ¶
func MakeDatabaseServices(databaseServices []types.DatabaseService) []DatabaseService
MakeDatabaseServices creates database service objects.
type DeployDatabaseServiceDeployment ¶
type DeployDatabaseServiceDeployment struct {
// VPCID is the VPCID where the service is going to be deployed.
VPCID string `json:"vpcId"`
// SubnetIDs are the subnets for the network configuration.
// They must belong to the VPCID above.
SubnetIDs []string `json:"subnetIds"`
// SecurityGroups are the SecurityGroup IDs to associate with this particular deployment.
// If empty, the default security group for the VPC is going to be used.
SecurityGroups []string `json:"securityGroups"`
}
DeployDatabaseServiceDeployment identifies the required fields to deploy a DatabaseService.
type Desktop ¶
type Desktop struct {
// Kind is the kind of resource. Used to parse which kind in a list of unified resources in the UI
Kind string `json:"kind"`
// OS is the os of this desktop. Should be one of constants.WindowsOS, constants.LinuxOS, or constants.DarwinOS.
OS string `json:"os"`
// Name is name (uuid) of the windows desktop.
Name string `json:"name"`
// Addr is the network address the desktop can be reached at.
Addr string `json:"addr"`
// Labels is a map of static and dynamic labels associated with a desktop.
Labels []Label `json:"labels"`
// HostID is the ID of the Windows Desktop Service reporting the desktop.
HostID string `json:"host_id"`
// Logins is the list of logins this user can use on this desktop.
Logins []string `json:"logins"`
}
Desktop describes a desktop to pass to the ui.
func MakeDesktop ¶
func MakeDesktop(windowsDesktop types.WindowsDesktop, accessChecker services.AccessChecker) (Desktop, error)
MakeDesktop converts a desktop from its API form to a type the UI can display.
func MakeDesktops ¶
func MakeDesktops(windowsDesktops []types.WindowsDesktop, accessChecker services.AccessChecker) ([]Desktop, error)
MakeDesktops converts desktops from their API form to a type the UI can display.
type DesktopService ¶
type DesktopService struct {
// Name is hostname of the Windows Desktop Service.
Name string `json:"name"`
// Hostname is hostname of the Windows Desktop Service.
Hostname string `json:"hostname"`
// Addr is the network address the Windows Desktop Service can be reached at.
Addr string `json:"addr"`
// Labels is a map of static and dynamic labels associated with a desktop.
Labels []Label `json:"labels"`
}
DesktopService describes a desktop service to pass to the ui.
func MakeDesktopService ¶
func MakeDesktopService(desktopService types.WindowsDesktopService) DesktopService
MakeDesktop converts a desktop from its API form to a type the UI can display.
func MakeDesktopServices ¶
func MakeDesktopServices(windowsDesktopServices []types.WindowsDesktopService) []DesktopService
MakeDesktopServices converts desktops from their API form to a type the UI can display.
type DiscoveryConfig ¶
type DiscoveryConfig struct {
// Name is the DiscoveryConfig name.
Name string `json:"name,omitempty"`
// DiscoveryGroup is the Group of the DiscoveryConfig.
DiscoveryGroup string `json:"discoveryGroup,omitempty"`
// AWS is a list of matchers for AWS resources.
AWS []types.AWSMatcher `json:"aws,omitempty"`
// Azure is a list of matchers for Azure resources.
Azure []types.AzureMatcher `json:"azureMatchers,omitempty"`
// GCP is a list of matchers for GCP resources.
GCP []types.GCPMatcher `json:"gcpMatchers,omitempty"`
// Kube is a list of matchers for AWS resources.
Kube []types.KubernetesMatcher `json:"kube,omitempty"`
}
DiscoveryConfig describes DiscoveryConfig fields
func MakeDiscoveryConfig ¶
func MakeDiscoveryConfig(dc *discoveryconfig.DiscoveryConfig) DiscoveryConfig
MakeDiscoveryConfig creates a UI DiscoveryConfig representation.
func MakeDiscoveryConfigs ¶
func MakeDiscoveryConfigs(dcs []*discoveryconfig.DiscoveryConfig) []DiscoveryConfig
MakeDiscoveryConfigs creates a UI list of DiscoveryConfigs.
func (*DiscoveryConfig) CheckAndSetDefaults ¶
func (r *DiscoveryConfig) CheckAndSetDefaults() error
CheckAndSetDefaults for the create request. Name and SubKind is required.
type DiscoveryConfigsListResponse ¶
type DiscoveryConfigsListResponse struct {
// Items is a list of resources retrieved.
Items []DiscoveryConfig `json:"items"`
// NextKey is the position to resume listing events.
NextKey string `json:"nextKey"`
}
DiscoveryConfigsListResponse contains a list of DiscoveryConfigs. In case of exceeding the pagination limit (either via query param `limit` or the default 1000) a `nextToken` is provided and should be used to obtain the next page (as a query param `startKey`)
type EKSCluster ¶
type EKSCluster struct {
Name string `json:"name"`
Region string `json:"region"`
Arn string `json:"arn"`
Labels []Label `json:"labels"`
JoinLabels []Label `json:"joinLabels"`
Status string `json:"status"`
}
EKSCluster represents and EKS cluster, analog of awsoidc.EKSCluster, but used by web ui.
func MakeEKSClusters ¶
func MakeEKSClusters(clusters []awsoidc.EKSCluster) []EKSCluster
MakeEKSClusters creates EKS objects for the web UI.
type EKSClusterEnrollmentResult ¶
type EKSClusterEnrollmentResult struct {
// ClusterName is the name of EKS cluster that was enrolled.
ClusterName string `json:"clusterName"`
// ResourceId is the label with resource ID from the join token for the enrolled cluster, UI can check
// if when enrolled cluster appears in Teleport by using this ID.
ResourceId string `json:"resourceId"`
// Error is an error message, if enrollment was not successful.
Error string `json:"error"`
}
EKSClusterEnrollmentResult contains result/error for a single cluster enrollment.
type Integration ¶
type Integration struct {
// Name is the Integration name.
Name string `json:"name,omitempty"`
// SubKind is the Integration SubKind.
SubKind string `json:"subKind,omitempty"`
// AWSOIDC contains the fields for `aws-oidc` subkind integration.
AWSOIDC *IntegrationAWSOIDCSpec `json:"awsoidc,omitempty"`
}
Integration describes Integration fields
func MakeIntegration ¶
func MakeIntegration(ig types.Integration) Integration
MakeIntegration creates a UI Integration representation.
func MakeIntegrations ¶
func MakeIntegrations(igs []types.Integration) []Integration
MakeIntegrations creates a UI list of Integrations.
func (*Integration) CheckAndSetDefaults ¶
func (r *Integration) CheckAndSetDefaults() error
CheckAndSetDefaults for the create request. Name and SubKind is required.
type IntegrationAWSOIDCSpec ¶
type IntegrationAWSOIDCSpec struct {
// RoleARN is the role associated with the integration when SubKind is `aws-oidc`
RoleARN string `json:"roleArn,omitempty"`
}
IntegrationAWSOIDCSpec contain the specific fields for the `aws-oidc` subkind integration.
type IntegrationsListResponse ¶
type IntegrationsListResponse struct {
// Items is a list of resources retrieved.
Items []Integration `json:"items"`
// NextKey is the position to resume listing events.
NextKey string `json:"nextKey"`
}
IntegrationsListResponse contains a list of Integrations. In case of exceeding the pagination limit (either via query param `limit` or the default 1000) a `nextToken` is provided and should be used to obtain the next page (as a query param `startKey`)
type KubeCluster ¶
type KubeCluster struct {
// Kind is the kind of resource. Used to parse which kind in a list of unified resources in the UI
Kind string `json:"kind"`
// Name is the name of the kube cluster.
Name string `json:"name"`
// Labels is a map of static and dynamic labels associated with an kube cluster.
Labels []Label `json:"labels"`
// KubeUsers is the list of allowed Kubernetes RBAC users that the user can impersonate.
KubeUsers []string `json:"kubernetes_users"`
// KubeGroups is the list of allowed Kubernetes RBAC groups that the user can impersonate.
KubeGroups []string `json:"kubernetes_groups"`
}
KubeCluster describes a kube cluster.
func MakeKubeCluster ¶
func MakeKubeCluster(cluster types.KubeCluster, accessChecker services.AccessChecker) KubeCluster
MakeKubeCluster creates a kube cluster object for the web ui
func MakeKubeClusters ¶
func MakeKubeClusters(clusters []types.KubeCluster, accessChecker services.AccessChecker) []KubeCluster
MakeKubeClusters creates ui kube objects and returns a list.
type KubeResource ¶
type KubeResource struct {
// Kind is the kind of the Kubernetes resource.
// Curently supported kinds are: pod.
Kind string `json:"kind"`
// Name is the name of the Kubernetes resource.
Name string `json:"name"`
// Labels is a map of static associated with a Kubernetes resource.
Labels []Label `json:"labels"`
// Namespace is the Kubernetes namespace where the resource is located.
Namespace string `json:"namespace"`
// KubeCluster is the Kubernetes cluster the resource blongs to.
KubeCluster string `json:"cluster"`
}
KubeResource describes a Kubernetes resource.
func MakeKubeResources ¶
func MakeKubeResources(resources []*types.KubernetesResourceV1, cluster string) []KubeResource
MakeKubeResources creates ui kube resource objects and returns a list.
type Label ¶
type Label struct {
// Name is this label name
Name string `json:"name"`
// Value is this label value
Value string `json:"value"`
}
Label describes label for webapp
type Lock ¶
type Lock struct {
// Name is the name of this lock (uid).
Name string `json:"name"`
// Message is the message displayed to locked-out users.
Message string `json:"message"`
// Expires if set specifies when the lock ceases to be in force.
Expires string `json:"expires"`
// CreatedAt is the date time that the lock was created.
CreatedAt string `json:"createdAt"`
// CreatedBy is the username of the author of the lock.
CreatedBy string `json:"createdBy"`
// Target describes the set of interactions that the lock applies to.
Targets types.LockTarget `json:"targets"`
}
Lock describes a lock suitable for webapp.
type MFADevice ¶
type MFADevice struct {
// ID is the device ID.
ID string `json:"id"`
// Name is the device name.
Name string `json:"name"`
// Type is the device type.
Type string `json:"type"`
// LastUsed is the time the user used the device last.
LastUsed time.Time `json:"lastUsed"`
// AddedAt is the time the user registered the device.
AddedAt time.Time `json:"addedAt"`
// ResidentKey is true if the device is supports passwordless authentication.
// This field is set only for Webauthn devices.
ResidentKey bool `json:"residentKey"`
}
MFADevice describes a mfa device
func MakeMFADevices ¶
MakeMFADevices creates a UI list of mfa devices.
type MakeAppsConfig ¶
type MakeAppsConfig struct {
// LocalClusterName is the name of the local cluster.
LocalClusterName string
// LocalProxyDNSName is the public hostname of the local cluster.
LocalProxyDNSName string
// AppClusterName is the name of the cluster apps reside in.
AppClusterName string
// AppsToUserGroups is a mapping of application names to user groups.
AppsToUserGroups map[string]types.UserGroups
// AppServersAndSAMLIdPServiceProviders is a list of AppServers and SAMLIdPServiceProviders.
AppServersAndSAMLIdPServiceProviders types.AppServersOrSAMLIdPServiceProviders
// Identity is identity of the logged in user.
Identity *tlsca.Identity
// UserGroupLookup is a map of user groups to provide to each App
UserGroupLookup map[string]types.UserGroup
// Logger is a logger used for debugging while making an app
Logger logrus.FieldLogger
}
MakeAppsConfig contains parameters for converting apps to UI representation.
type RecoveryCodes ¶
type RecoveryCodes struct {
// Codes are user's new recovery codes.
Codes []string `json:"codes,omitempty"`
// Created is when the codes were created.
Created *time.Time `json:"created,omitempty"`
}
RecoveryCodes describes RecoveryCodes UI object.
type ResetPasswordToken ¶
type ResetPasswordToken struct {
// TokenID is token ID
TokenID string `json:"tokenId"`
// User is user name associated with this token
User string `json:"user"`
// QRCode is a QR code value
QRCode []byte `json:"qrCode,omitempty"`
// Expiry is token expiration time
Expiry time.Time `json:"expiry,omitempty"`
}
ResetPasswordToken describes a reset password token UI object.
type ResourceItem ¶
type ResourceItem struct {
// ID is a resource ID which is a composed value based on kind and name.
// It is a composed value because while a resource name is unique to that resource,
// the name can be the same for different resource type.
ID string `json:"id"`
// Kind is a resource kind.
Kind string `json:"kind"`
// Name is a resource name.
Name string `json:"name"`
// Description is an optional resource description.
Description string `json:"description,omitempty"`
// Content is resource yaml content.
Content string `json:"content"`
}
ResourceItem is UI representation of a resource (roles, trusted clusters, auth connectors).
func NewGithubConnectors ¶
func NewGithubConnectors(connectors []types.GithubConnector) ([]ResourceItem, error)
NewGithubConnectors creates resource item for each github connector.
func NewResourceItem ¶
func NewResourceItem(resource types.Resource) (*ResourceItem, error)
NewResourceItem creates UI objects for a resource.
func NewRoles ¶
func NewRoles(roles []types.Role) ([]ResourceItem, error)
NewRoles creates resource item for each role.
func NewTrustedClusters ¶
func NewTrustedClusters(clusters []types.TrustedCluster) ([]ResourceItem, error)
NewTrustedClusters creates resource item for each cluster.
type Server ¶
type Server struct {
// Kind is the kind of resource. Used to parse which kind in a list of unified resources in the UI
Kind string `json:"kind"`
// Tunnel indicates of this server is connected over a reverse tunnel.
Tunnel bool `json:"tunnel"`
// SubKind is a node subkind such as OpenSSH
SubKind string `json:"subKind"`
// Name is this server name
Name string `json:"id"`
// ClusterName is this server cluster name
ClusterName string `json:"siteId"`
// Hostname is this server hostname
Hostname string `json:"hostname"`
// Addrr is this server ip address
Addr string `json:"addr"`
// Labels is this server list of labels
Labels []Label `json:"tags"`
// SSHLogins is the list of logins this user can use on this server
SSHLogins []string `json:"sshLogins"`
// AWS contains metadata for instances hosted in AWS.
AWS *AWSMetadata `json:"aws,omitempty"`
}
Server describes a server for webapp
func MakeServer ¶
func MakeServer(clusterName string, server types.Server, accessChecker services.AccessChecker) (Server, error)
MakeServer creates a server object for the web ui
func MakeServers ¶
func MakeServers(clusterName string, servers []types.Server, accessChecker services.AccessChecker) ([]Server, error)
MakeServers creates server objects for webapp
type UpdateDiscoveryConfigRequest ¶
type UpdateDiscoveryConfigRequest struct {
// DiscoveryGroup is the Group of the DiscoveryConfig.
DiscoveryGroup string `json:"discoveryGroup,omitempty"`
// AWS is a list of matchers for AWS resources.
AWS []types.AWSMatcher `json:"aws,omitempty"`
// Azure is a list of matchers for Azure resources.
Azure []types.AzureMatcher `json:"azureMatchers,omitempty"`
// GCP is a list of matchers for GCP resources.
GCP []types.GCPMatcher `json:"gcpMatchers,omitempty"`
// Kube is a list of matchers for AWS resources.
Kube []types.KubernetesMatcher `json:"kube,omitempty"`
}
UpdateDiscoveryConfigRequest is a request to update a DiscoveryConfig
func (*UpdateDiscoveryConfigRequest) CheckAndSetDefaults ¶
func (r *UpdateDiscoveryConfigRequest) CheckAndSetDefaults() error
CheckAndSetDefaults checks if the provided values are valid.
type UpdateIntegrationRequest ¶
type UpdateIntegrationRequest struct {
// AWSOIDC contains the fields for `aws-oidc` subkind integration.
AWSOIDC *IntegrationAWSOIDCSpec `json:"awsoidc,omitempty"`
}
UpdateIntegrationRequest is a request to update an Integration
func (*UpdateIntegrationRequest) CheckAndSetDefaults ¶
func (r *UpdateIntegrationRequest) CheckAndSetDefaults() error
CheckAndSetDefaults checks if the provided values are valid.
type User ¶
type User struct {
UserListEntry
// Traits contain select fields that define traits for local accounts.
Traits userTraits `json:"traits"`
}
User contains data needed by the web UI to display locally saved users.
type UserContext ¶
type UserContext struct {
// AuthType is auth method of this user.
AuthType authType `json:"authType"`
// Name is this user name.
Name string `json:"userName"`
// ACL contains user access control list.
ACL services.UserACL `json:"userAcl"`
// Cluster contains cluster detail for this user's context.
Cluster *Cluster `json:"cluster"`
// AccessStrategy describes how a user should access teleport resources.
AccessStrategy accessStrategy `json:"accessStrategy"`
// AccessCapabilities defines allowable access request rules defined in a user's roles.
AccessCapabilities AccessCapabilities `json:"accessCapabilities"`
// ConsumedAccessRequestID is the request ID of the access request from which the assumed role was
// obtained
ConsumedAccessRequestID string `json:"accessRequestId,omitempty"`
// AllowedSearchAsRoles is the SearchAsRoles the user has access to for creating access requests.
AllowedSearchAsRoles []string `json:"allowedSearchAsRoles"`
}
UserContext describes user settings and access to various resources.
type UserGroup ¶
type UserGroup struct {
// Name is the name of the group.
Name string `json:"name"`
// Description is the description of the group.
Description string `json:"description"`
// Labels is the user group list of labels
Labels []Label `json:"labels"`
// FriendlyName is a friendly name for the user group.
FriendlyName string `json:"friendlyName,omitempty"`
// Applications is a list of associated applications.
Applications []ApplicationAndFriendlyName `json:"applications,omitempty"`
}
UserGroup describes a user group.
type UserGroupAndDescription ¶
type UserGroupAndDescription struct {
// Name is the name of the user group.
Name string `json:"name"`
// Description is the description of the user group.
Description string `json:"description"`
}
UserGroupAndDescription is a user group name and its description.
type UserListEntry ¶
type UserListEntry struct {
// Name is the user name.
Name string `json:"name"`
// Roles is the list of roles user belongs to.
Roles []string `json:"roles"`
// AuthType is the type of auth service
// that the user was authenticated through.
AuthType string `json:"authType"`
// AllTraits returns all the traits.
// Different from "userTraits" where "userTraits"
// "selectively" returns traits.
AllTraits map[string][]string `json:"allTraits"`
}
func NewUserListEntry ¶
func NewUserListEntry(teleUser types.User) (*UserListEntry, error)
Source Files
Click to show internal directories.
Click to hide internal directories.