aws

package
v0.85.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 30, 2024 License: Apache-2.0 Imports: 55 Imported by: 0

Documentation

Index

Constants

// Shared names, tag keys, tag values and numeric defaults used to create and
// look up AWS resources.
//
// Several keys carry a "tag:" prefix while others (ClusterIDTagKey,
// DefaultRDSEncryptionTagKey, DefaultAWSTerraformProvisionedKey) are bare key
// names. The prefixed form is presumably the filter-name form passed to AWS
// describe/filter calls — confirm against callers before mixing the two.
//
// NOTE(review): most resources here (VPCs, security groups, subnet groups,
// certificates, hosted zones) are found by tag. Presumably any principal that
// may tag resources in the account can influence which resource is selected;
// confirm that tagging permissions are restricted accordingly.
const (
	// S3URL is the S3 URL for making bucket API calls.
	S3URL = "s3.amazonaws.com"

	// DefaultAWSRegion is the default AWS region for AWS resources.
	DefaultAWSRegion = "us-east-1"

	// ClusterIDTagKey is the tag key used to tag resources with the ID of the
	// cluster they belong to. Unlike most keys below it has no "tag:" prefix.
	ClusterIDTagKey = "CloudClusterID"

	// VpcAvailableTagKey is the tag key to determine if a VPC is currently in
	// use by a cluster or not.
	VpcAvailableTagKey = "tag:Available"

	// VpcAvailableTagValueTrue is the tag value for VpcAvailableTagKey when the
	// VPC is currently not in use by a cluster and can be claimed.
	VpcAvailableTagValueTrue = "true"

	// VpcAvailableTagValueFalse is the tag value for VpcAvailableTagKey when the
	// VPC is currently in use by a cluster and cannot be claimed.
	VpcAvailableTagValueFalse = "false"

	// VpcClusterIDTagKey is the tag key used to store the cluster ID of the
	// cluster running in that VPC. It is ClusterIDTagKey with the "tag:"
	// prefix prepended.
	VpcClusterIDTagKey = "tag:" + ClusterIDTagKey

	// VpcClusterOwnerKey is the tag key used to store the human-readable name
	// of the cluster's owner so that the VPC's owner can be identified.
	VpcClusterOwnerKey = "tag:CloudClusterOwner"

	// VpcNameTagKey is the tag key used to store the name of the VPC.
	VpcNameTagKey = "tag:Name"

	// VpcClusterOwnerValueNone is the tag value for VpcClusterOwnerKey when
	// there is no cluster running in the VPC.
	VpcClusterOwnerValueNone = "none"

	// VpcClusterIDTagValueNone is the tag value for VpcClusterIDTagKey when
	// there is no cluster running in the VPC.
	VpcClusterIDTagValueNone = "none"

	// DefaultDatabaseMySQLVersion is the default version of MySQL used when
	// creating databases.
	DefaultDatabaseMySQLVersion = "8.0"

	// DefaultDatabasePostgresVersion is the default version of PostgreSQL used
	// when creating databases.
	// NOTE(review): this pins a specific minor version; confirm it is still a
	// supported and patched engine version before relying on the default.
	DefaultDatabasePostgresVersion = "14.8"

	// DefaultDBSubnetGroupName is the default DB subnet group name used when
	// creating DB clusters. This group name is defined by the owner of the AWS
	// accounts and can be the same across all accounts.
	// Note: This needs to be manually created before RDS databases can be used.
	DefaultDBSubnetGroupName = "mattermost-databases"

	// DatabaseTypeMySQLAurora is a MySQL database running on AWS RDS Aurora.
	DatabaseTypeMySQLAurora = "MySQL/Aurora"

	// DatabaseTypePostgresSQLAurora is a PostgreSQL database running on AWS
	// RDS Aurora.
	DatabaseTypePostgresSQLAurora = "PostgreSQL/Aurora"

	// CloudInstallationDatabaseTagKey is the common tag key for determining
	// database type. DefaultDBSecurityGroupTagKey and
	// DefaultDBSubnetGroupTagKey below hold the same string.
	CloudInstallationDatabaseTagKey = "tag:MattermostCloudInstallationDatabase"

	// DefaultDBSecurityGroupTagKey is the default DB security group tag key
	// that is used to find security groups to use in configuration of the RDS
	// database.
	// Note: This needs to be manually created before RDS databases can be used.
	// NOTE(review): the security group attached to a database is chosen by
	// this tag, so who may set it on security groups matters — confirm.
	DefaultDBSecurityGroupTagKey = "tag:MattermostCloudInstallationDatabase"

	// DefaultDBSecurityGroupTagMySQLValue is the default DB security group tag
	// value that is used to find MySQL security groups to use in configuration
	// of the RDS database.
	// Note: This needs to be manually created before MySQL RDS databases can be
	// used.
	DefaultDBSecurityGroupTagMySQLValue = DatabaseTypeMySQLAurora

	// DefaultDBSecurityGroupTagPostgresValue is the default DB security group
	// tag value that is used to find Postgres security groups to use in
	// configuration of the RDS database.
	// Note: This needs to be manually created before Postgres RDS databases can
	// be used.
	DefaultDBSecurityGroupTagPostgresValue = DatabaseTypePostgresSQLAurora

	// DefaultDBSubnetGroupTagKey is the default DB subnet group tag key that is
	// used to find subnet groups to use in configuration of the RDS database.
	// Note: This needs to be manually created before RDS databases can be used.
	DefaultDBSubnetGroupTagKey = "tag:MattermostCloudInstallationDatabase"

	// DefaultDBSubnetGroupTagValue is the default DB subnet group tag value
	// that is used to find subnet groups to use in configuration of the RDS
	// database.
	// Note: This needs to be manually created before RDS databases can be used.
	// NOTE(review): the value is the MySQL/Aurora database type; whether
	// Postgres clusters look up subnet groups with the same value is not
	// visible here — confirm against callers.
	DefaultDBSubnetGroupTagValue = DatabaseTypeMySQLAurora

	// DefaultInstallPrivateCertificatesTagKey is the default key used to find the private
	// TLS certificate ARN.
	DefaultInstallPrivateCertificatesTagKey = "tag:MattermostCloudPrivateCertificates"

	// DefaultInstallPrivateCertificatesTagValue is the default value used to find the private
	// TLS certificate ARN.
	DefaultInstallPrivateCertificatesTagValue = "true"

	// DefaultInstallCertificatesTagKey is the default key used to find the server
	// TLS certificate ARN.
	DefaultInstallCertificatesTagKey = "tag:MattermostCloudInstallationCertificates"

	// DefaultInstallCertificatesTagValue is the default value used to find the server
	// TLS certificate ARN.
	DefaultInstallCertificatesTagValue = "true"

	// DefaultCloudDNSTagKey is the default key used to find private and public hosted
	// zone IDs in AWS Route53.
	DefaultCloudDNSTagKey = "tag:MattermostCloudDNS"

	// DefaultAuditLogsCoreSecurityTagKey is the default key whose tag value
	// holds, in the format URL:port, the destination audit logs are sent to
	// for each environment. The URL is in the Core Account and the port is
	// different for each environment.
	// This tag exists on the Route53 private hosted zones.
	// NOTE(review): the audit-log destination is read from a tag value, so
	// write access to tags on those hosted zones should be tightly
	// controlled — confirm.
	DefaultAuditLogsCoreSecurityTagKey = "tag:AuditLogsCoreSecurity"

	// DefaultPrivateCloudDNSTagValue is the default value used to find private hosted
	// zone ID in AWS Route53.
	DefaultPrivateCloudDNSTagValue = "private"

	// DefaultPublicCloudDNSTagValue is the default value used to find public hosted
	// zone ID in AWS Route53.
	DefaultPublicCloudDNSTagValue = "public"

	// HibernatingInstallationResourceRecordIDPrefix is a prefix given to AWS
	// route53 resource records when the installation it points to is hibernating.
	// The value ends with a trailing space.
	HibernatingInstallationResourceRecordIDPrefix = "[hibernating] "

	// CustomNodePolicyName is the name of the custom IAM policy that will be
	// attached in Kops Instance Profile.
	CustomNodePolicyName = "cloud-provisioning-node-policy"

	// VeleroNodePolicyName is the name of the velero IAM policy that will be
	// attached in Kops Instance Profile.
	VeleroNodePolicyName = "cloud-provisioning-node-policy-velero"

	// DefaultMultitenantDatabaseCounterTagKey is the default key used to
	// identify the counter tag used in RDS multitenant database clusters.
	// RDSMultitenantInstallationCounterTagKey below holds the same string.
	DefaultMultitenantDatabaseCounterTagKey = "tag:Counter"

	// DefaultClusterInstallationSnapshotTagKey is used for tagging snapshots
	// of a cluster installation.
	DefaultClusterInstallationSnapshotTagKey = "tag:ClusterInstallationSnapshot"

	// DefaultAWSClientRetries supplies how many times the AWS client will
	// retry a failed call.
	DefaultAWSClientRetries = 3

	// KMSMaxTimeEncryptionKeyDeletion is the maximum number of days that
	// AWS will take to delete an encryption key. 30 is the upper bound of the
	// pending-deletion window AWS KMS accepts (7 to 30 days); how this value
	// is passed to KMS is not visible here.
	KMSMaxTimeEncryptionKeyDeletion = 30

	// DefaultMySQLContextTimeSeconds is the number of seconds that a SQL
	// client will wait before canceling a call to the database.
	DefaultMySQLContextTimeSeconds = 30

	// DefaultPostgresContextTimeSeconds is the number of seconds that a SQL
	// client will wait before canceling a call to a postgres database.
	DefaultPostgresContextTimeSeconds = 30

	// DefaultRDSMultitenantDatabaseMySQLCountLimit is the maximum number of
	// schemas allowed in a MySQL multitenant RDS database cluster.
	DefaultRDSMultitenantDatabaseMySQLCountLimit = 10

	// DefaultRDSMultitenantDatabasePostgresCountLimit is the maximum number of
	// schemas allowed in a Postgres multitenant RDS database cluster.
	DefaultRDSMultitenantDatabasePostgresCountLimit = 300

	// DefaultRDSMultitenantPGBouncerDatabasePostgresCountLimit is the maximum
	// number of schemas allowed in a Postgres multitenant RDS database cluster
	// with a PGBouncer proxy.
	DefaultRDSMultitenantPGBouncerDatabasePostgresCountLimit = 2500

	// DefaultRDSMultitenantPerseusDatabasePostgresCountLimit is the maximum
	// number of schemas allowed in a Postgres multitenant RDS database cluster
	// with a Perseus proxy.
	DefaultRDSMultitenantPerseusDatabasePostgresCountLimit = 2500

	// RDSMultitenantDBClusterResourceNamePrefix identifies the prefix
	// used for naming multitenant RDS DB cluster resources.
	// For example: "rds-cluster-multitenant-00000000000000000-a0000000"
	// Warning:
	// changing this value may cause the provisioner to not find some AWS resources.
	RDSMultitenantDBClusterResourceNamePrefix = "rds-cluster-multitenant"

	// DefaultMattermostInstallationIDTagKey is the default name used for
	// tagging resources with an installation ID.
	DefaultMattermostInstallationIDTagKey = "tag:InstallationId"

	// DefaultMattermostDatabaseUsername is the default username used for
	// connecting to a Mattermost database. Only the account name is fixed
	// here; no password is defined in this block.
	// Warning:
	// changing this value may break the connection to existing installations.
	DefaultMattermostDatabaseUsername = "mmcloud"

	// DefaultPGBouncerAuthUsername is the default username used for authorizing
	// pgbouncer connections to a shared database.
	// Warning:
	// changing this value may break the connection to existing databases.
	DefaultPGBouncerAuthUsername = "pgbouncer"

	// DefaultPerseusAuthDatabaseName is the default database name used for
	// authorizing perseus connections to a database.
	// Warning:
	// changing this value may break the connection to existing databases.
	DefaultPerseusAuthDatabaseName = "perseus"

	// DefaultPerseusAuthUsername is the default username used for authorizing
	// perseus connections to a database.
	// Warning:
	// changing this value may break the connection to existing databases.
	DefaultPerseusAuthUsername = "perseus_auth"

	// DefaultPerseusDatabaseUsername is the default perseus username used for
	// connecting to shared multitenant databases. It holds the same string as
	// DefaultPerseusAuthDatabaseName, which is a database name, not a user.
	// Warning:
	// changing this value may break the connection to existing databases.
	DefaultPerseusDatabaseUsername = "perseus"

	// DefaultResourceTypeClusterRDS is the default resource type used by
	// AWS to identify an RDS cluster.
	DefaultResourceTypeClusterRDS = "rds:cluster"

	// DefaultRDSStatusAvailable identifies that an RDS cluster is in the
	// available state.
	DefaultRDSStatusAvailable = "available"

	// DefaultRDSEncryptionTagKey is the default tag key used for tagging
	// RDS encryption keys. It has no "tag:" prefix.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSEncryptionTagKey = "rds-encryption-key"

	// VpcIDTagKey is the key used to identify resources belonging to a given
	// VPC.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	VpcIDTagKey = "tag:VpcID"

	// FilestoreMultitenantS3TagKey is the key used to identify S3 buckets that
	// provide multitenant filestores.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	FilestoreMultitenantS3TagKey = "tag:Filestore"

	// FilestoreMultitenantS3TagValue is the FilestoreMultitenantS3TagKey value
	// for S3 multitenant filestores.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	FilestoreMultitenantS3TagValue = "Multitenant"

	// DefaultRDSMultitenantDatabaseIDTagKey is the key used to identify
	// multitenant RDS database clusters.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabaseIDTagKey = "tag:MultitenantDatabaseID"

	// DefaultPerseusAuthDatabaseIDTagKey is the key used to identify the RDS
	// cluster ID for Perseus authentication data.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultPerseusAuthDatabaseIDTagKey = "tag:PerseusAuthDatabaseID"

	// DefaultRDSMultitenantDatabaseTypeTagKey is the key used to identify the
	// type of a multitenant RDS database cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabaseTypeTagKey = "tag:DatabaseType"

	// DefaultRDSMultitenantDatabaseTypeTagValue is the value used to identify
	// a multitenant database cluster of type multitenant-rds.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabaseTypeTagValue = "multitenant-rds"

	// DefaultRDSMultitenantDatabaseDBProxyTypeTagValue is the value used to
	// identify a multitenant database cluster with pooled connections of type
	// multitenant-rds-dbproxy.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabaseDBProxyTypeTagValue = "multitenant-rds-dbproxy"

	// DefaultRDSMultitenantDatabasePerseusTypeTagValue is the value used to
	// identify a multitenant database cluster with pooled connections of type
	// multitenant-rds-perseus.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultRDSMultitenantDatabasePerseusTypeTagValue = "multitenant-rds-perseus"

	// DefaultPerseusAuthDatabaseTagKey is the key used to identify a database
	// that should be used for storing authentication data for shared Perseus
	// databases.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultPerseusAuthDatabaseTagKey = "tag:PerseusAuthDatabase"

	// DefaultPerseusAuthDatabaseTagValue is the value used to identify a database
	// that should be used for storing authentication data for shared Perseus
	// databases.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultPerseusAuthDatabaseTagValue = "true"

	// RDSMultitenantPurposeTagKey is the key used to identify the purpose
	// of an RDS cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantPurposeTagKey = "tag:Purpose"

	// RDSMultitenantPurposeTagValueProvisioning is one of the purposes of
	// an RDS cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantPurposeTagValueProvisioning = "provisioning"

	// RDSMultitenantOwnerTagKey identifies who owns the RDS cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantOwnerTagKey = "tag:Owner"

	// RDSMultitenantInstallationCounterTagKey identifies the number of
	// installations in the RDS cluster. It holds the same string as
	// DefaultMultitenantDatabaseCounterTagKey.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantInstallationCounterTagKey = "tag:Counter"

	// RDSMultitenantOwnerTagValueCloudTeam identifies that cloud team
	// owns the RDS cluster.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	RDSMultitenantOwnerTagValueCloudTeam = "cloud-team"

	// DefaultAWSTerraformProvisionedKey identifies whether or not an AWS
	// resource has been provisioned via Terraform. It has no "tag:" prefix.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultAWSTerraformProvisionedKey = "Terraform"

	// DefaultAWSTerraformProvisionedValueTrue indicates that the AWS
	// resource has been provisioned via Terraform.
	// Warning:
	// changing this value will break the connection to AWS resources for existing installations.
	DefaultAWSTerraformProvisionedValueTrue = "true"

	// VpcSecondaryClusterIDTagKey is the tag key used to store the secondary cluster ID of the
	// cluster running in that VPC.
	VpcSecondaryClusterIDTagKey = "tag:CloudSecondaryClusterID"
)

Variables

This section is empty.

Functions

func CloudID added in v0.7.0

func CloudID(id string) string

CloudID returns the standard ID used for AWS resource names. This ID is used to correlate installations to AWS resources.

func DBSubnetGroupName added in v0.17.0

func DBSubnetGroupName(vpcID string) string

DBSubnetGroupName formats the subnet group name used for RDS databases.

func ExternalDatabaseName added in v0.63.0

func ExternalDatabaseName(installationID string) string

ExternalDatabaseName formats the name of an externally managed database.

func GetAWSRegion added in v0.70.0

func GetAWSRegion() string

GetAWSRegion returns the currently configured AWS region, with sensible defaults, for components that only require the region and not a full AWSConfig object.

func IAMSecretName added in v0.8.0

func IAMSecretName(cloudID string) string

IAMSecretName returns the IAM Access Key secret name for a given Cloud ID.

func IsErrorCode added in v0.18.0

func IsErrorCode(err error, code string) bool

IsErrorCode asserts that an AWS error has a certain code.

func IsErrorPermissionDuplicate added in v0.64.0

func IsErrorPermissionDuplicate(err error) bool

IsErrorPermissionDuplicate asserts that an AWS error is InvalidPermission.Duplicate.

func IsErrorPermissionNotFound added in v0.64.0

func IsErrorPermissionNotFound(err error) bool

IsErrorPermissionNotFound asserts that an AWS error is InvalidPermission.NotFound.

func IsErrorResourceInUseException added in v0.63.0

func IsErrorResourceInUseException(err error) bool

IsErrorResourceInUseException asserts that an AWS error is ResourceInUseException.

func IsErrorResourceNotFound added in v0.63.0

func IsErrorResourceNotFound(err error) bool

IsErrorResourceNotFound asserts that an AWS error is ResourceNotFoundException.

func KMSAliasNameRDS added in v0.19.0

func KMSAliasNameRDS(awsID string) string

KMSAliasNameRDS formats the alias name associated with a KMS encryption key used specifically for RDS databases.

func KMSKeyDescriptionRDS added in v0.19.0

func KMSKeyDescriptionRDS(awsID string) string

KMSKeyDescriptionRDS formats the description of a KMS key used for encrypting an RDS cluster.

func MattermostMultitenantDatabaseUsername added in v0.47.0

func MattermostMultitenantDatabaseUsername(installationID string) string

MattermostMultitenantDatabaseUsername formats the name of a Mattermost user for use in a multitenant database.

func MattermostMultitenantS3Name added in v0.29.0

func MattermostMultitenantS3Name(environmentName, vpcID string) string

MattermostMultitenantS3Name formats the name of a Mattermost S3 multitenant filestore bucket name.

func MattermostMySQLConnStrings added in v0.30.0

func MattermostMySQLConnStrings(schema, username, password string, dbCluster *rdsTypes.DBCluster) (string, string)

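MattermostMySQLConnStrings formats the connection strings used for accessing a Mattermost database. Because the password is one of the inputs, treat the returned strings as secrets and keep them out of logs and error messages.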

func MattermostPGBouncerDatabaseUsername added in v0.46.1

func MattermostPGBouncerDatabaseUsername(installationID string) string

MattermostPGBouncerDatabaseUsername formats the name of a Mattermost user for use in a PGBouncer database.

func MattermostPerseusConnStrings added in v0.70.0

func MattermostPerseusConnStrings(username, password, database string) (string, string, string)

MattermostPerseusConnStrings formats the connection strings used by Mattermost servers to access a PostgreSQL database with a Perseus proxy.

Regarding binary_parameters: https://blog.bullgare.com/2019/06/pgbouncer-and-prepared-statements

func MattermostPerseusDatabaseUsername added in v0.70.0

func MattermostPerseusDatabaseUsername(installationID string) string

MattermostPerseusDatabaseUsername formats the name of a Mattermost user for use in a Perseus database.

func MattermostPostgresConnStrings added in v0.30.0

func MattermostPostgresConnStrings(schema, username, password string, dbCluster *rdsTypes.DBCluster) (string, string)

MattermostPostgresConnStrings formats the connection strings used by Mattermost servers to access a PostgreSQL database.

func MattermostPostgresPGBouncerConnStrings added in v0.46.1

func MattermostPostgresPGBouncerConnStrings(username, password, database string) (string, string, string)

MattermostPostgresPGBouncerConnStrings formats the connection strings used by Mattermost servers to access a PostgreSQL database with a PGBouncer proxy.

Regarding binary_parameters: https://blog.bullgare.com/2019/06/pgbouncer-and-prepared-statements

func MattermostRDSDatabaseName added in v0.19.0

func MattermostRDSDatabaseName(installationID string) string

MattermostRDSDatabaseName formats the name of a Mattermost RDS database schema.

func NewAWSConfig added in v0.67.0

func NewAWSConfig(ctx context.Context) (aws.Config, error)

NewAWSConfig retrieves the default AWS configuration from a central place for the SDK v2, using a default region if it cannot be loaded. For the order in which the configuration is loaded, read the docstring for LoadDefaultConfig.

func PGBouncerAuthUserSecretName added in v0.46.1

func PGBouncerAuthUserSecretName(vpcID string) string

PGBouncerAuthUserSecretName formats the name of a secret used for the pgbouncer auth user.

func PerseusAuthUserSecretName added in v0.70.0

func PerseusAuthUserSecretName(vpcID string) string

PerseusAuthUserSecretName formats the name of a secret used for the perseus authentication database user.

func PerseusDatabaseUserSecretName added in v0.70.0

func PerseusDatabaseUserSecretName(rdsID string) string

PerseusDatabaseUserSecretName formats the name of a secret used for the perseus database user.

func PerseusIAMUserSecretName added in v0.70.0

func PerseusIAMUserSecretName(vpcID string) string

PerseusIAMUserSecretName formats the name of a secret used for the perseus IAM user.

func PerseusInstallationSecretName added in v0.70.0

func PerseusInstallationSecretName(id string) string

PerseusInstallationSecretName formats the name of an installation secret used in a Perseus database.

func PerseusKMSAliasName added in v0.70.0

func PerseusKMSAliasName(vpcID string) string

PerseusKMSAliasName formats the name of a KMS alias used for Perseus encryption and decryption.

func RDSMasterInstanceID added in v0.17.0

func RDSMasterInstanceID(installationID string) string

RDSMasterInstanceID formats the name used for RDS database master instances.

func RDSMigrationInstanceID added in v0.18.0

func RDSMigrationInstanceID(installationID string) string

RDSMigrationInstanceID formats the name used for migrated RDS database instances.

func RDSMultitenantClusterSecretDescription added in v0.19.0

func RDSMultitenantClusterSecretDescription(installationID, rdsClusterID string) string

RDSMultitenantClusterSecretDescription formats the text used for describing a multitenant database's secret key.

func RDSMultitenantPGBouncerClusterSecretDescription added in v0.46.1

func RDSMultitenantPGBouncerClusterSecretDescription(vpcID string) string

RDSMultitenantPGBouncerClusterSecretDescription formats the text used for describing a PGBouncer auth user secret key.

func RDSMultitenantPGBouncerSecretName added in v0.46.1

func RDSMultitenantPGBouncerSecretName(id string) string

RDSMultitenantPGBouncerSecretName formats the name of a secret used in a multitenant PGBouncer RDS database.

func RDSMultitenantPerseusAuthSecretDescription added in v0.70.0

func RDSMultitenantPerseusAuthSecretDescription(vpcID string) string

RDSMultitenantPerseusAuthSecretDescription formats the text used for describing a Perseus auth database user secret key.

func RDSMultitenantPerseusClusterSecretDescription added in v0.70.0

func RDSMultitenantPerseusClusterSecretDescription(rdsID string) string

RDSMultitenantPerseusClusterSecretDescription formats the text used for describing a Perseus multitenant database user secret key.

func RDSMultitenantSecretName added in v0.19.0

func RDSMultitenantSecretName(id string) string

RDSMultitenantSecretName formats the name of a secret used in a multitenant RDS database.

func RDSMySQLConnString added in v0.19.0

func RDSMySQLConnString(schema, endpoint, username, password string) string

RDSMySQLConnString formats the connection string used by the provisioner for accessing a MySQL RDS cluster.

func RDSPostgresConnString added in v0.25.0

func RDSPostgresConnString(schema, endpoint, username, password string) string

RDSPostgresConnString formats the connection string used by the provisioner for accessing a Postgres RDS cluster.

func RDSReplicaInstanceID added in v0.35.0

func RDSReplicaInstanceID(installationID string, id int) string

RDSReplicaInstanceID formats the name used for RDS database replica instances.

func RDSSecretName added in v0.8.0

func RDSSecretName(cloudID string) string

RDSSecretName returns the RDS secret name for a given Cloud ID.

func RDSSnapshotTagValue added in v0.17.0

func RDSSnapshotTagValue(cloudID string) string

RDSSnapshotTagValue returns the value for tagging a RDS snapshot.

Types

type ACMAPI added in v0.67.0

// ACMAPI represents the series of calls we require from the AWS SDK v2 ACM
// Client. Both methods are read-only list operations with the same
// (ctx, params, optFns...) shape as the SDK client methods of the same name.
type ACMAPI interface {
	// ListCertificates lists ACM certificates.
	ListCertificates(ctx context.Context, params *acm.ListCertificatesInput, optFns ...func(*acm.Options)) (*acm.ListCertificatesOutput, error)
	// ListTagsForCertificate lists the tags on a certificate; presumably used
	// to match certificates by tag key/value — confirm against callers.
	ListTagsForCertificate(ctx context.Context, params *acm.ListTagsForCertificateInput, optFns ...func(*acm.Options)) (*acm.ListTagsForCertificateOutput, error)
}

ACMAPI represents the series of calls we require from the AWS SDK v2 ACM Client

type AWS

// AWS is the interface for use by other packages. The comments below group
// its methods by the AWS service they appear to target; the grouping follows
// the blank-line layout of the declaration.
type AWS interface {
	// Certificate lookup by tag key/value.
	GetCertificateSummaryByTag(key, value string, logger log.FieldLogger) (*model.Certificate, error)

	GetCloudEnvironmentName() string

	// VPC claiming, IAM policy attachment and security groups. Client.ClaimVPC
	// is documented as claiming the specified VPC for the specified cluster,
	// and Client.AttachPolicyToRole / DetachPolicyFromRole as attaching or
	// detaching an IAM policy on an IAM role.
	// NOTE(review): roleName and policyName are plain strings; presumably the
	// callers restrict them to known values — confirm, since these calls
	// change IAM permissions.
	GetAndClaimVpcResources(cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)
	ClaimVPC(vpcID string, cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)
	ReleaseVpc(cluster *model.Cluster, logger log.FieldLogger) error
	GetClaimedVPC(clusterID string, logger log.FieldLogger) (string, error)
	AttachPolicyToRole(roleName, policyName string, logger log.FieldLogger) error
	DetachPolicyFromRole(roleName, policyName string, logger log.FieldLogger) error
	ClaimSecurityGroups(cluster *model.Cluster, ngNames string, vpcID string, logger log.FieldLogger) ([]string, error)

	GetPrivateZoneDomainName(logger log.FieldLogger) (string, error)

	// Route53 CNAME records for private and public domain names.
	// NOTE(review): IsProvisionedPrivateCNAME returns only a bool, so a
	// caller cannot tell a failed lookup from a missing record — confirm how
	// lookup errors are surfaced.
	CreatePrivateCNAME(dnsName string, dnsEndpoints []string, logger log.FieldLogger) error
	IsProvisionedPrivateCNAME(dnsName string, logger log.FieldLogger) bool
	DeletePrivateCNAME(dnsName string, logger log.FieldLogger) error
	DeletePublicCNAMEs(dnsName []string, logger log.FieldLogger) error
	UpsertPublicCNAMEs(dnsNames []string, endpoints []string, logger log.FieldLogger) error

	IsValidAMI(AMIImage string, logger log.FieldLogger) (bool, error)

	// S3 buckets and objects. S3LargeCopy takes *string arguments; whether
	// nil is accepted is not visible here — TODO confirm.
	S3EnsureBucketDeleted(bucketName string, logger log.FieldLogger) error
	S3EnsureObjectDeleted(bucketName, path string) error
	S3LargeCopy(srcBucketName, srcKey, destBucketName, destKey *string, logger log.FieldLogger) error
	GetMultitenantBucketNameForInstallation(installationID string, store model.InstallationDatabaseStoreInterface) (string, error)
	GetS3RegionURL() string

	// The two Generate* methods return Kubernetes Secret objects
	// (*corev1.Secret); their contents should be handled as credentials.
	GeneratePerseusUtilitySecret(clusterID string, logger log.FieldLogger) (*corev1.Secret, error)
	GenerateBifrostUtilitySecret(clusterID string, logger log.FieldLogger) (*corev1.Secret, error)
	GetCIDRByVPCTag(vpcTagName string, logger log.FieldLogger) (string, error)

	FixSubnetTagsForVPC(vpc string, logger log.FieldLogger) error

	// Returns a string; presumably the plaintext PGBouncer auth user
	// password read from Secrets Manager — callers should keep it out of
	// logs and error messages (confirm).
	SecretsManagerGetPGBouncerAuthUserPassword(vpcID string) (string, error)

	// EKS cluster and node group lifecycle. The timeout parameters of the
	// WaitFor* methods are ints; their unit is not visible here — TODO
	// confirm.
	EnsureEKSCluster(cluster *model.Cluster, resources ClusterResources) (*eksTypes.Cluster, error)
	EnsureEKSClusterUpdated(cluster *model.Cluster) (*eksTypes.Update, error)
	EnsureEKSNodeGroup(cluster *model.Cluster, nodeGroupPrefix string) (*eksTypes.Nodegroup, error)
	EnsureEKSNodeGroupMigrated(cluster *model.Cluster, nodeGroupPrefix string) error
	GetActiveEKSCluster(clusterName string) (*eksTypes.Cluster, error)
	GetActiveEKSNodeGroup(clusterName, nodeGroupName string) (*eksTypes.Nodegroup, error)
	EnsureEKSNodeGroupDeleted(clusterName, nodeGroupName string) error
	EnsureEKSClusterDeleted(clusterName string) error
	InstallEKSAddons(cluster *model.Cluster) error
	WaitForActiveEKSCluster(clusterName string, timeout int) (*eksTypes.Cluster, error)
	WaitForActiveEKSNodeGroup(clusterName, nodeGroupName string, timeout int) (*eksTypes.Nodegroup, error)
	WaitForEKSNodeGroupToBeDeleted(clusterName, nodeGroupName string, timeout int) error
	WaitForEKSClusterToBeDeleted(clusterName string, timeout int) error
	WaitForEKSClusterUpdateToBeCompleted(clusterName, updateID string, timeout int) error

	// Launch templates.
	CreateLaunchTemplate(data *model.LaunchTemplateData) error
	IsLaunchTemplateAvailable(launchTemplateName string) (bool, error)
	UpdateLaunchTemplate(data *model.LaunchTemplateData) error
	DeleteLaunchTemplate(launchTemplateName string) error

	GetRegion() string
	GetAccountID() (string, error)

	GetLoadBalancerAPIByType(string) ELB
}

AWS interface for use by other packages.

type BifrostFilestore added in v0.33.0

type BifrostFilestore struct {
	// contains filtered or unexported fields
}

BifrostFilestore is a filestore backed by a shared AWS S3 bucket with access controlled by bifrost.

func NewBifrostFilestore added in v0.33.0

func NewBifrostFilestore(installationID string, awsClient *Client) *BifrostFilestore

NewBifrostFilestore returns a new BifrostFilestore.

func (*BifrostFilestore) GenerateFilestoreSpecAndSecret added in v0.33.0

func (f *BifrostFilestore) GenerateFilestoreSpecAndSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*model.FilestoreConfig, *corev1.Secret, error)

GenerateFilestoreSpecAndSecret creates the k8s filestore spec and secret for accessing the shared S3 bucket.

func (*BifrostFilestore) Provision added in v0.33.0

Provision completes all the steps necessary to provision an S3 multitenant filestore.

func (*BifrostFilestore) Teardown added in v0.33.0

func (f *BifrostFilestore) Teardown(keepData bool, store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error

Teardown removes all AWS resources related to a shared S3 filestore.

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client is a client for interacting with AWS resources in a single AWS account.

func NewAWSClientWithConfig added in v0.17.0

func NewAWSClientWithConfig(config *aws.Config, logger log.FieldLogger) (*Client, error)

NewAWSClientWithConfig returns a new instance of Client with a custom configuration.

func (*Client) AddSQLStore added in v0.10.0

func (c *Client) AddSQLStore(store model.InstallationDatabaseStoreInterface)

AddSQLStore adds SQLStore functionality to the AWS client.

func (*Client) AttachPolicyToRole added in v0.24.0

func (a *Client) AttachPolicyToRole(roleName, policyName string, logger log.FieldLogger) error

AttachPolicyToRole attaches a pre-created IAM policy to an IAM role.

func (*Client) ClaimSecurityGroups added in v0.71.0

func (a *Client) ClaimSecurityGroups(cluster *model.Cluster, nodeGroup string, vpcID string, logger log.FieldLogger) ([]string, error)

func (*Client) ClaimVPC added in v0.63.0

func (a *Client) ClaimVPC(vpcID string, cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)

ClaimVPC claims specified VPC for specified cluster.

func (*Client) CreateLaunchTemplate added in v0.71.0

func (a *Client) CreateLaunchTemplate(data *model.LaunchTemplateData) error

func (*Client) CreatePrivateCNAME added in v0.11.0

func (a *Client) CreatePrivateCNAME(dnsName string, dnsEndpoints []string, logger log.FieldLogger) error

CreatePrivateCNAME creates a record in Route53 for a private domain name.

func (*Client) CreatePublicCNAME added in v0.11.0

func (a *Client) CreatePublicCNAME(dnsName string, dnsEndpoints []string, dnsIdentifier string, logger log.FieldLogger) error

CreatePublicCNAME creates a record in Route53 for a public domain name.

func (*Client) DeleteLaunchTemplate added in v0.71.0

func (a *Client) DeleteLaunchTemplate(launchTemplateName string) error

func (*Client) DeletePGBouncerLogicalDatabase added in v0.76.0

func (a *Client) DeletePGBouncerLogicalDatabase(multitenantDatabase *model.MultitenantDatabase, logicalDataseName string, logger log.FieldLogger) error

func (*Client) DeletePrivateCNAME added in v0.11.0

func (a *Client) DeletePrivateCNAME(dnsName string, logger log.FieldLogger) error

DeletePrivateCNAME deletes an AWS route53 record for a private domain name.

func (*Client) DeletePublicCNAME added in v0.11.0

func (a *Client) DeletePublicCNAME(dnsName string, logger log.FieldLogger) error

DeletePublicCNAME deletes an AWS Route53 record for a public domain name.

func (*Client) DeletePublicCNAMEs added in v0.59.0

func (a *Client) DeletePublicCNAMEs(dnsNames []string, logger log.FieldLogger) error

DeletePublicCNAMEs deletes AWS route53 records for a public domain name.

func (*Client) DetachPolicyFromRole added in v0.24.0

func (a *Client) DetachPolicyFromRole(roleName, policyName string, logger log.FieldLogger) error

DetachPolicyFromRole detaches an IAM policy from an IAM role.

func (*Client) DynamoDBEnsureTableDeleted added in v0.24.0

func (a *Client) DynamoDBEnsureTableDeleted(tableName string, logger log.FieldLogger) error

DynamoDBEnsureTableDeleted is used to check if DynamoDB table exists and delete it.

func (*Client) EnsureEKSCluster added in v0.63.0

func (c *Client) EnsureEKSCluster(cluster *model.Cluster, resources ClusterResources) (*eksTypes.Cluster, error)

EnsureEKSCluster ensures EKS cluster is created.

func (*Client) EnsureEKSClusterDeleted added in v0.63.0

func (a *Client) EnsureEKSClusterDeleted(clusterName string) error

EnsureEKSClusterDeleted ensures EKS cluster is deleted.

func (*Client) EnsureEKSClusterUpdated added in v0.71.0

func (c *Client) EnsureEKSClusterUpdated(cluster *model.Cluster) (*eksTypes.Update, error)

func (*Client) EnsureEKSNodeGroup added in v0.71.0

func (c *Client) EnsureEKSNodeGroup(cluster *model.Cluster, ngPrefix string) (*eksTypes.Nodegroup, error)

EnsureEKSNodeGroup ensures EKS cluster node groups are created.

func (*Client) EnsureEKSNodeGroupDeleted added in v0.71.0

func (a *Client) EnsureEKSNodeGroupDeleted(clusterName, workerName string) error

EnsureEKSNodeGroupDeleted ensures EKS node groups are deleted.

func (*Client) EnsureEKSNodeGroupMigrated added in v0.71.0

func (c *Client) EnsureEKSNodeGroupMigrated(cluster *model.Cluster, ngPrefix string) error

EnsureEKSNodeGroupMigrated updates EKS cluster node group.

func (*Client) FixSubnetTagsForVPC added in v0.71.0

func (a *Client) FixSubnetTagsForVPC(vpcID string, logger log.FieldLogger) error

FixSubnetTagsForVPC finds and corrects subnet tagging for the ones that contain an incorrect SubnetType tag which happens after some kops commands.

func (*Client) GenerateBifrostUtilitySecret added in v0.33.0

func (a *Client) GenerateBifrostUtilitySecret(clusterID string, logger log.FieldLogger) (*corev1.Secret, error)

GenerateBifrostUtilitySecret creates the secret needed by the bifrost service to access the shared S3 bucket for a given cluster.

func (*Client) GeneratePerseusUtilitySecret added in v0.70.0

func (a *Client) GeneratePerseusUtilitySecret(clusterID string, logger log.FieldLogger) (*corev1.Secret, error)

GeneratePerseusUtilitySecret provisions Perseus resources and returns the k8s secret needed by the perseus service to perform secure authentication tasks.

func (*Client) GetAccountAliases added in v0.20.0

func (a *Client) GetAccountAliases() (*iam.ListAccountAliasesOutput, error)

GetAccountAliases returns the AWS account name aliases.

func (*Client) GetAccountID added in v0.24.0

func (a *Client) GetAccountID() (string, error)

GetAccountID gets the current AWS Account ID

func (*Client) GetActiveEKSCluster added in v0.71.0

func (c *Client) GetActiveEKSCluster(clusterName string) (*eksTypes.Cluster, error)

GetActiveEKSCluster returns the EKS cluster if ready.

func (*Client) GetActiveEKSNodeGroup added in v0.71.0

func (c *Client) GetActiveEKSNodeGroup(clusterName, workerName string) (*eksTypes.Nodegroup, error)

GetActiveEKSNodeGroup returns the EKS node group if active.

func (*Client) GetAndClaimVpcResources added in v0.9.0

func (a *Client) GetAndClaimVpcResources(cluster *model.Cluster, owner string, logger log.FieldLogger) (ClusterResources, error)

GetAndClaimVpcResources creates ClusterResources from an available VPC and tags them appropriately.

func (*Client) GetCIDRByVPCTag added in v0.36.0

func (a *Client) GetCIDRByVPCTag(vpcTagName string, logger log.FieldLogger) (string, error)

GetCIDRByVPCTag fetches VPC CIDR block by 'Name' tag.

func (*Client) GetCertificateSummaryByTag added in v0.11.0

func (a *Client) GetCertificateSummaryByTag(key, value string, logger log.FieldLogger) (*model.Certificate, error)

GetCertificateSummaryByTag returns the certificate summary associated with a valid tag key and value in AWS.

func (*Client) GetClaimedVPC added in v0.71.0

func (c *Client) GetClaimedVPC(clusterID string, logger log.FieldLogger) (string, error)

func (*Client) GetCloudEnvironmentName added in v0.29.0

func (c *Client) GetCloudEnvironmentName() string

GetCloudEnvironmentName looks for a standard cloud account environment name and returns it.

func (*Client) GetHostedZonesWithTag added in v0.53.0

func (a *Client) GetHostedZonesWithTag(tag Tag) ([]types.HostedZone, error)

GetHostedZonesWithTag returns R53 hosted zone for a given tag

func (*Client) GetLoadBalancerAPIByType added in v0.70.0

func (c *Client) GetLoadBalancerAPIByType(elbType string) ELB

GetLoadBalancerAPIByType returns the correct ELB API based on elb type

func (*Client) GetMultitenantBucketNameForInstallation added in v0.45.0

func (client *Client) GetMultitenantBucketNameForInstallation(installationID string, store model.InstallationDatabaseStoreInterface) (string, error)

GetMultitenantBucketNameForInstallation is a convenience function for determining the name of the S3 bucket used by an Installation which is configured to use the multitenant-s3-filestore or bifrost filestore types

func (*Client) GetPrivateHostedZoneID added in v0.41.0

func (a *Client) GetPrivateHostedZoneID() string

GetPrivateHostedZoneID returns the private R53 hosted zone ID for the AWS account.

func (*Client) GetPrivateZoneDomainName added in v0.13.0

func (a *Client) GetPrivateZoneDomainName(logger log.FieldLogger) (string, error)

GetPrivateZoneDomainName gets the private Route53 domain name.

func (*Client) GetPublicHostedZoneNames added in v0.54.1

func (a *Client) GetPublicHostedZoneNames() []string

GetPublicHostedZoneNames returns the public R53 hosted zone Name list for the AWS account.

func (*Client) GetRegion added in v0.64.0

func (c *Client) GetRegion() string

GetRegion returns current AWS region.

func (*Client) GetS3RegionURL added in v0.70.0

func (a *Client) GetS3RegionURL() string

GetS3RegionURL returns the s3 urls with the region from the client configuration

func (*Client) GetSecurityGroupsWithFilters added in v0.17.0

func (a *Client) GetSecurityGroupsWithFilters(filters []ec2Types.Filter) ([]ec2Types.SecurityGroup, error)

GetSecurityGroupsWithFilters returns SGs matching a given filter.

func (*Client) GetSubnetsWithFilters added in v0.17.0

func (a *Client) GetSubnetsWithFilters(filters []ec2Types.Filter) ([]ec2Types.Subnet, error)

GetSubnetsWithFilters returns subnets matching a given filter.

func (*Client) GetTagByKeyAndZoneID added in v0.22.0

func (a *Client) GetTagByKeyAndZoneID(key string, id string, logger log.FieldLogger) (*Tag, error)

GetTagByKeyAndZoneID returns a Tag of a given tag:key and of a given route53 id

func (*Client) GetVpcResources added in v0.38.0

func (a *Client) GetVpcResources(clusterID string, logger log.FieldLogger) (ClusterResources, error)

GetVpcResources retrieves the VPC information for a particular cluster.

func (*Client) GetVpcResourcesByVpcID added in v0.45.0

func (a *Client) GetVpcResourcesByVpcID(vpcID string, logger log.FieldLogger) (ClusterResources, error)

GetVpcResourcesByVpcID retrieves the VPC information for a particular cluster.

func (*Client) GetVpcsWithFilters added in v0.17.0

func (a *Client) GetVpcsWithFilters(filters []ec2Types.Filter) ([]ec2Types.Vpc, error)

GetVpcsWithFilters returns VPCs matching a given filter.

func (*Client) HasSQLStore added in v0.10.0

func (c *Client) HasSQLStore() bool

HasSQLStore returns whether the AWS client has a SQL store or not.

func (*Client) InstallEKSAddons added in v0.71.0

func (a *Client) InstallEKSAddons(cluster *model.Cluster) error

InstallEKSAddons installs EKS EBS addon to the existing cluster.

func (*Client) IsLaunchTemplateAvailable added in v0.71.0

func (a *Client) IsLaunchTemplateAvailable(launchTemplateName string) (bool, error)

func (*Client) IsProvisionedPrivateCNAME added in v0.19.0

func (a *Client) IsProvisionedPrivateCNAME(dnsName string, logger log.FieldLogger) bool

IsProvisionedPrivateCNAME returns true if a record has been registered in the private hosted zone for the given CNAME (full FQDN required as input)

func (*Client) IsValidAMI added in v0.11.0

func (a *Client) IsValidAMI(AMIImage string, logger log.FieldLogger) (bool, error)

IsValidAMI checks whether the provided AMI exists.

func (*Client) RDSDBCLusterExists added in v0.54.0

func (a *Client) RDSDBCLusterExists(awsID string) (bool, error)

RDSDBCLusterExists checks whether an RDS cluster with the specified ID exists.

func (*Client) ReleaseVpc added in v0.9.0

func (a *Client) ReleaseVpc(cluster *model.Cluster, logger log.FieldLogger) error

ReleaseVpc changes the tags on a VPC to mark it as "available" again.

func (*Client) S3BatchDelete added in v0.69.0

func (a *Client) S3BatchDelete(bucketName string, prefix *string) error

S3BatchDelete deletes objects from a bucket in batches.

func (*Client) S3BatchDeleteVersions added in v0.74.0

func (a *Client) S3BatchDeleteVersions(bucketName string, prefix *string) error

func (*Client) S3DisableVersioning added in v0.74.0

func (a *Client) S3DisableVersioning(bucketName string) error

func (*Client) S3EnableVersioning added in v0.74.0

func (a *Client) S3EnableVersioning(bucketName string) error

func (*Client) S3EnsureBucketDeleted added in v0.24.0

func (a *Client) S3EnsureBucketDeleted(bucketName string, logger log.FieldLogger) error

S3EnsureBucketDeleted is used to check if S3 bucket exists, clean it and delete it.

func (*Client) S3EnsureBucketDirectoryDeleted added in v0.29.0

func (a *Client) S3EnsureBucketDirectoryDeleted(bucketName, directory string, _ log.FieldLogger) error

S3EnsureBucketDirectoryDeleted is used to ensure that a bucket directory is deleted.

func (*Client) S3EnsureObjectDeleted added in v0.44.0

func (a *Client) S3EnsureObjectDeleted(bucketName, path string) error

S3EnsureObjectDeleted is used to ensure that the file is deleted.

func (*Client) S3IsVersioningEnabled added in v0.74.0

func (a *Client) S3IsVersioningEnabled(bucketName string) (bool, error)

func (*Client) S3LargeCopy added in v0.45.0

func (a *Client) S3LargeCopy(srcBucketName, srcBucketKey, destBucketName, destBucketKey *string, logger log.FieldLogger) error

S3LargeCopy uses the "Upload Part - Copy API" from AWS to copy srcBucketName/srcBucketKey to destBucketName/destBucketKey in the case that the file being copied may be greater than 5GB in size

func (*Client) SecretsManagerGetPGBouncerAuthUserPassword added in v0.46.1

func (a *Client) SecretsManagerGetPGBouncerAuthUserPassword(vpcID string) (string, error)

SecretsManagerGetPGBouncerAuthUserPassword returns the pgbouncer auth user password.

func (*Client) SecretsManagerRestoreSecret added in v0.45.0

func (a *Client) SecretsManagerRestoreSecret(secretName string, logger log.FieldLogger) error

SecretsManagerRestoreSecret restores a deleted secret.

func (*Client) SecretsManagerValidateExternalDatabaseSecret added in v0.63.0

func (a *Client) SecretsManagerValidateExternalDatabaseSecret(name string) error

SecretsManagerValidateExternalDatabaseSecret pulls down the secret with the provided name and validates it as an external database secret.

func (*Client) Service added in v0.17.0

func (c *Client) Service() *Service

Service constructs an AWS session and configuration if not yet successfully done and returns AWS clients set up.

func (*Client) SwitchClusterTags added in v0.46.1

func (a *Client) SwitchClusterTags(clusterID string, targetClusterID string, logger log.FieldLogger) error

SwitchClusterTags after migration.

func (*Client) TagResource

func (a *Client) TagResource(resourceID, key, value string, logger log.FieldLogger) error

TagResource tags an AWS EC2 resource.

func (*Client) TagResourcesByCluster added in v0.45.0

func (a *Client) TagResourcesByCluster(clusterResources ClusterResources, cluster *model.Cluster, owner string, logger log.FieldLogger) error

TagResourcesByCluster for secondary cluster.

func (*Client) UntagResource

func (a *Client) UntagResource(resourceID, key, value string, logger log.FieldLogger) error

UntagResource deletes tags from an AWS EC2 resource.

func (*Client) UpdateLaunchTemplate added in v0.71.0

func (a *Client) UpdateLaunchTemplate(data *model.LaunchTemplateData) error

func (*Client) UpdatePublicRecordIDForCNAME added in v0.40.0

func (a *Client) UpdatePublicRecordIDForCNAME(dnsName, newID string, logger log.FieldLogger) error

UpdatePublicRecordIDForCNAME updates the record ID for the record corresponding to a DNS value in the public hosted zone.

func (*Client) UpsertPublicCNAMEs added in v0.54.1

func (a *Client) UpsertPublicCNAMEs(dnsNames []string, endpoints []string, logger log.FieldLogger) error

UpsertPublicCNAMEs updates or creates specified dnsNames. The record ID will be set to DNS name with idSuffix appended after '-'.

func (*Client) WaitForActiveEKSCluster added in v0.71.0

func (c *Client) WaitForActiveEKSCluster(clusterName string, timeout int) (*eksTypes.Cluster, error)

WaitForActiveEKSCluster waits for EKS cluster to be ready.

func (*Client) WaitForActiveEKSNodeGroup added in v0.71.0

func (c *Client) WaitForActiveEKSNodeGroup(clusterName, nodeGroupName string, timeout int) (*eksTypes.Nodegroup, error)

func (*Client) WaitForEKSClusterToBeDeleted added in v0.71.0

func (c *Client) WaitForEKSClusterToBeDeleted(clusterName string, timeout int) error

func (*Client) WaitForEKSClusterUpdateToBeCompleted added in v0.71.0

func (c *Client) WaitForEKSClusterUpdateToBeCompleted(clusterName, updateID string, timeout int) error

func (*Client) WaitForEKSNodeGroupToBeDeleted added in v0.71.0

func (c *Client) WaitForEKSNodeGroupToBeDeleted(clusterName, workerName string, timeout int) error

type ClusterResources added in v0.9.0

// ClusterResources is a collection of AWS resources that will be used to
// create a kops cluster.
type ClusterResources struct {
	// The VPC the resources belong to: its ID and its CIDR block.
	VpcID                  string
	VpcCIDR                string
	// Subnet IDs, split into private and public. Note the spelling difference:
	// PrivateSubnetIDs vs. PublicSubnetsIDs (plural "Subnets").
	PrivateSubnetIDs       []string
	PublicSubnetsIDs       []string
	// Security group IDs, one list per role.
	// NOTE(review): the roles (master nodes, worker nodes, "calls") are inferred
	// from the field names only — confirm against the code that fills them in.
	MasterSecurityGroupIDs []string
	WorkerSecurityGroupIDs []string
	CallsSecurityGroupIDs  []string
}

ClusterResources is a collection of AWS resources that will be used to create a kops cluster.

func (*ClusterResources) IsValid added in v0.9.0

func (cr *ClusterResources) IsValid() error

IsValid returns whether ClusterResources is valid.

type DynamoDBAPI added in v0.68.1

// DynamoDBAPI represents the series of calls we require from the AWS SDK v2
// DynamoDB Client. Only table lookup and table deletion are declared.
type DynamoDBAPI interface {
	// DescribeTable looks up a table.
	DescribeTable(ctx context.Context, params *dynamodb.DescribeTableInput, optFns ...func(*dynamodb.Options)) (*dynamodb.DescribeTableOutput, error)
	// DeleteTable removes a table.
	// NOTE(review): destructive; the interface shows no guard of its own, so any
	// confirmation or ownership check has to live in the caller — verify there.
	DeleteTable(ctx context.Context, params *dynamodb.DeleteTableInput, optFns ...func(*dynamodb.Options)) (*dynamodb.DeleteTableOutput, error)
}

DynamoDBAPI represents the series of calls we require from the AWS SDK v2 DynamoDB Client

type EC2API added in v0.68.0

// EC2API represents the series of calls we require from the AWS SDK v2 EC2
// Client. Keeping the surface this narrow also makes it a useful reference
// when scoping the EC2 permissions of the credentials the client runs with.
type EC2API interface {
	// Tagging, and read-only lookups of images, VPCs, subnets and security groups.
	CreateTags(ctx context.Context, input *ec2.CreateTagsInput, optFns ...func(*ec2.Options)) (*ec2.CreateTagsOutput, error)
	DeleteTags(ctx context.Context, input *ec2.DeleteTagsInput, optFns ...func(*ec2.Options)) (*ec2.DeleteTagsOutput, error)
	DescribeImages(ctx context.Context, input *ec2.DescribeImagesInput, optFns ...func(*ec2.Options)) (*ec2.DescribeImagesOutput, error)
	DescribeVpcs(ctx context.Context, input *ec2.DescribeVpcsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeVpcsOutput, error)
	DescribeSubnets(ctx context.Context, input *ec2.DescribeSubnetsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeSubnetsOutput, error)
	DescribeSecurityGroups(ctx context.Context, input *ec2.DescribeSecurityGroupsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeSecurityGroupsOutput, error)

	// Security group ingress rules. These two calls change what can reach the
	// instances behind a group, so their inputs (CIDR ranges, source groups,
	// ports) deserve review wherever they are built.
	AuthorizeSecurityGroupIngress(ctx context.Context, input *ec2.AuthorizeSecurityGroupIngressInput, optFns ...func(*ec2.Options)) (*ec2.AuthorizeSecurityGroupIngressOutput, error)
	RevokeSecurityGroupIngress(ctx context.Context, input *ec2.RevokeSecurityGroupIngressInput, optFns ...func(*ec2.Options)) (*ec2.RevokeSecurityGroupIngressOutput, error)

	// Availability zone lookup.
	DescribeAvailabilityZones(ctx context.Context, input *ec2.DescribeAvailabilityZonesInput, optFns ...func(*ec2.Options)) (*ec2.DescribeAvailabilityZonesOutput, error)

	// Launch template lifecycle. Three of these four methods are declared with
	// unnamed parameters, unlike the rest of the interface.
	CreateLaunchTemplate(context.Context, *ec2.CreateLaunchTemplateInput, ...func(*ec2.Options)) (*ec2.CreateLaunchTemplateOutput, error)
	CreateLaunchTemplateVersion(ctx context.Context, params *ec2.CreateLaunchTemplateVersionInput, optFns ...func(*ec2.Options)) (*ec2.CreateLaunchTemplateVersionOutput, error)
	DescribeLaunchTemplates(context.Context, *ec2.DescribeLaunchTemplatesInput, ...func(*ec2.Options)) (*ec2.DescribeLaunchTemplatesOutput, error)
	DeleteLaunchTemplate(context.Context, *ec2.DeleteLaunchTemplateInput, ...func(*ec2.Options)) (*ec2.DeleteLaunchTemplateOutput, error)
}

EC2API represents the series of calls we require from the AWS SDK v2 EC2 Client

type EKSAPI added in v0.70.0

type EKSAPI interface {
	CreateAddon(ctx context.Context, params *eks.CreateAddonInput, optFns ...func(*eks.Options)) (*eks.CreateAddonOutput, error)
	DeleteAddon(ctx context.Context, params *eks.DeleteAddonInput, optFns ...func(*eks.Options)) (*eks.DeleteAddonOutput, error)

	CreateCluster(ctx context.Context, params *eks.CreateClusterInput, optFns ...func(*eks.Options)) (*eks.CreateClusterOutput, error)
	UpdateClusterVersion(ctx context.Context, params *eks.UpdateClusterVersionInput, optFns ...func(*eks.Options)) (*eks.UpdateClusterVersionOutput, error)
	DeleteCluster(ctx context.Context, params *eks.DeleteClusterInput, optFns ...func(*eks.Options)) (*eks.DeleteClusterOutput, error)
	DescribeCluster(ctx context.Context, params *eks.DescribeClusterInput, optFns ...func(*eks.Options)) (*eks.DescribeClusterOutput, error)

	CreateNodegroup(ctx context.Context, params *eks.CreateNodegroupInput, optFns ...func(*eks.Options)) (*eks.CreateNodegroupOutput, error)
	UpdateNodegroupVersion(ctx context.Context, params *eks.UpdateNodegroupVersionInput, optFns ...func(*eks.Options)) (*eks.UpdateNodegroupVersionOutput, error)
	DeleteNodegroup(ctx context.Context, params *eks.DeleteNodegroupInput, optFns ...func(*eks.Options)) (*eks.DeleteNodegroupOutput, error)
	DescribeNodegroup(ctx context.Context, params *eks.DescribeNodegroupInput, optFns ...func(*eks.Options)) (*eks.DescribeNodegroupOutput, error)

	DescribeUpdate(ctx context.Context, params *eks.DescribeUpdateInput, optFns ...func(*eks.Options)) (*eks.DescribeUpdateOutput, error)
}

EKSAPI represents the series of calls we require from the AWS SDK v2 EKS Client

type ELB added in v0.70.0

type ELB interface {
	GetLoadBalancerResource(name string) (string, error)
	TagLoadBalancer(arn string, tags map[string]string) error
}

ELB is an interface to access AWS resources

type ELBV1 added in v0.70.0

type ELBV1 interface {
	AddTags(ctx context.Context, params *elbv1.AddTagsInput, optFns ...func(*elbv1.Options)) (*elbv1.AddTagsOutput, error)
}

ELBV1 represents the series of calls we require from the AWS SDK v2 ELB Client v1

type ELBV2 added in v0.70.0

type ELBV2 interface {
	DescribeLoadBalancers(ctx context.Context, params *elbv2.DescribeLoadBalancersInput, optFns ...func(*elbv2.Options)) (*elbv2.DescribeLoadBalancersOutput, error)
	AddTags(ctx context.Context, params *elbv2.AddTagsInput, optFns ...func(*elbv2.Options)) (*elbv2.AddTagsOutput, error)
}

ELBV2 represents the series of calls we require from the AWS SDK v2 ELB Client v2

type ExternalDatabase added in v0.63.0

type ExternalDatabase struct {
	// contains filtered or unexported fields
}

ExternalDatabase is a database that is created and managed outside of the cloud provisioner.

func NewExternalDatabase added in v0.63.0

func NewExternalDatabase(installationID string, client *Client) *ExternalDatabase

NewExternalDatabase returns a new instance of ExternalDatabase that implements database interface.

func (*ExternalDatabase) GenerateDatabaseSecret added in v0.63.0

func (d *ExternalDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)

GenerateDatabaseSecret creates the k8s database spec and secret for accessing the external database.

func (*ExternalDatabase) IsValid added in v0.63.0

func (d *ExternalDatabase) IsValid() error

IsValid returns if the given external database configuration is valid.

func (*ExternalDatabase) MigrateOut added in v0.63.0

MigrateOut is not supported for external databases.

func (*ExternalDatabase) MigrateTo added in v0.63.0

MigrateTo is not supported for external databases.

func (*ExternalDatabase) Provision added in v0.63.0

Provision logs that no further setup is needed for the precreated external database.

func (*ExternalDatabase) RefreshResourceMetadata added in v0.63.0

func (d *ExternalDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error

RefreshResourceMetadata ensures various database resource's metadata are correct.

func (*ExternalDatabase) RollbackMigration added in v0.63.0

RollbackMigration is not supported for external databases.

func (*ExternalDatabase) Snapshot added in v0.63.0

Snapshot is not supported for external databases.

func (*ExternalDatabase) Teardown added in v0.63.0

func (d *ExternalDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, logger log.FieldLogger) error

Teardown logs that no further actions are required for external database teardown.

func (*ExternalDatabase) TeardownMigrated added in v0.63.0

TeardownMigrated is not supported for external databases.

type IAMAPI added in v0.69.0

// IAMAPI represents the series of calls we require from the AWS SDK v2 IAM
// Client.
//
// NOTE(review): the method set is a natural starting point for a
// least-privilege IAM policy for the credentials this client runs with. Which
// calls are actually reached at runtime is not visible from the interface —
// confirm before trimming permissions.
type IAMAPI interface {
	// IAM user lifecycle.
	CreateUser(ctx context.Context, params *iam.CreateUserInput, optFns ...func(*iam.Options)) (*iam.CreateUserOutput, error)
	DeleteUser(ctx context.Context, params *iam.DeleteUserInput, optFns ...func(*iam.Options)) (*iam.DeleteUserOutput, error)
	GetUser(ctx context.Context, params *iam.GetUserInput, optFns ...func(*iam.Options)) (*iam.GetUserOutput, error)

	// Managed-policy attachment for users.
	AttachUserPolicy(ctx context.Context, params *iam.AttachUserPolicyInput, optFns ...func(*iam.Options)) (*iam.AttachUserPolicyOutput, error)
	ListAttachedUserPolicies(ctx context.Context, params *iam.ListAttachedUserPoliciesInput, optFns ...func(*iam.Options)) (*iam.ListAttachedUserPoliciesOutput, error)
	DetachUserPolicy(ctx context.Context, params *iam.DetachUserPolicyInput, optFns ...func(*iam.Options)) (*iam.DetachUserPolicyOutput, error)

	// Account alias lookup.
	ListAccountAliases(ctx context.Context, params *iam.ListAccountAliasesInput, optFns ...func(*iam.Options)) (*iam.ListAccountAliasesOutput, error)

	// Access keys for IAM users. In the AWS API the secret access key is
	// returned only in the CreateAccessKey response, so that output has to be
	// handled as a credential: stored once, never logged.
	CreateAccessKey(ctx context.Context, params *iam.CreateAccessKeyInput, optFns ...func(*iam.Options)) (*iam.CreateAccessKeyOutput, error)
	DeleteAccessKey(ctx context.Context, params *iam.DeleteAccessKeyInput, optFns ...func(*iam.Options)) (*iam.DeleteAccessKeyOutput, error)
	ListAccessKeys(ctx context.Context, params *iam.ListAccessKeysInput, optFns ...func(*iam.Options)) (*iam.ListAccessKeysOutput, error)

	// Managed-policy attachment for roles.
	AttachRolePolicy(ctx context.Context, params *iam.AttachRolePolicyInput, optFns ...func(*iam.Options)) (*iam.AttachRolePolicyOutput, error)
	DetachRolePolicy(ctx context.Context, params *iam.DetachRolePolicyInput, optFns ...func(*iam.Options)) (*iam.DetachRolePolicyOutput, error)

	// Managed-policy lifecycle. Policy documents passed to CreatePolicy define
	// what the attached users and roles may do; review them where they are built.
	CreatePolicy(ctx context.Context, params *iam.CreatePolicyInput, optFns ...func(*iam.Options)) (*iam.CreatePolicyOutput, error)
	DeletePolicy(ctx context.Context, params *iam.DeletePolicyInput, optFns ...func(*iam.Options)) (*iam.DeletePolicyOutput, error)
	GetPolicy(ctx context.Context, params *iam.GetPolicyInput, optFns ...func(*iam.Options)) (*iam.GetPolicyOutput, error)
}

IAMAPI represents the series of calls we require from the AWS SDK v2 IAM Client

type IAMAccessKey added in v0.7.0

// IAMAccessKey is the ID and Secret of an AWS IAM user's access key.
//
// NOTE(review): both fields are plain exported strings and the type declares
// no String method here, so formatting the struct (for example with %v or
// %+v) prints the secret. Keep values of this type out of log fields and
// error messages.
type IAMAccessKey struct {
	// ID is the access key ID half of the pair.
	ID     string
	// Secret is the secret half of the pair; treat it as a credential.
	Secret string
}

IAMAccessKey is the ID and Secret of an AWS IAM user's access key.

func (*IAMAccessKey) Validate added in v0.8.0

func (s *IAMAccessKey) Validate() error

Validate performs a basic sanity check on the IAM Access Key secret.

type InstallationDBSecret added in v0.59.0

// InstallationDBSecret represents data required for creating database secret
// for an Installation.
//
// NOTE(review): the connection string and URLs presumably embed database
// credentials — confirm, and if so avoid logging or formatting values of this
// type outside the Kubernetes secret they are meant for.
type InstallationDBSecret struct {
	// InstallationSecretName is the name carried alongside the secret data.
	// NOTE(review): presumably the name of the resulting k8s secret — confirm.
	InstallationSecretName string
	// ConnectionString is the database connection string.
	ConnectionString       string
	// DBCheckURL is the URL for the database check.
	// NOTE(review): ToK8sSecret takes a disableDBCheck flag, which presumably
	// governs whether this value is used — confirm in its implementation.
	DBCheckURL             string
	// ReadReplicasURL is the URL for read replicas.
	ReadReplicasURL        string
}

InstallationDBSecret represents data required for creating database secret for an Installation.

func (InstallationDBSecret) ToK8sSecret added in v0.59.0

func (s InstallationDBSecret) ToK8sSecret(disableDBCheck bool) *corev1.Secret

ToK8sSecret creates Kubernetes secret from InstallationDBSecret.

type KMSAPI added in v0.69.0

// KMSAPI represents the series of calls we require from the AWS SDK v2 KMS
// Client. The interface declares Encrypt but no Decrypt call.
type KMSAPI interface {
	// Key and alias creation.
	CreateAlias(ctx context.Context, params *kms.CreateAliasInput, optFns ...func(*kms.Options)) (*kms.CreateAliasOutput, error)
	CreateKey(ctx context.Context, params *kms.CreateKeyInput, optFns ...func(*kms.Options)) (*kms.CreateKeyOutput, error)
	// Key state changes and lookup.
	DisableKey(ctx context.Context, params *kms.DisableKeyInput, optFns ...func(*kms.Options)) (*kms.DisableKeyOutput, error)
	DescribeKey(ctx context.Context, params *kms.DescribeKeyInput, optFns ...func(*kms.Options)) (*kms.DescribeKeyOutput, error)
	// ScheduleKeyDeletion starts the KMS waiting period before a key is
	// deleted. Data encrypted under a key becomes unrecoverable once the key is
	// gone, so callers should be sure nothing still depends on it.
	ScheduleKeyDeletion(ctx context.Context, params *kms.ScheduleKeyDeletionInput, optFns ...func(*kms.Options)) (*kms.ScheduleKeyDeletionOutput, error)
	// Encrypt encrypts data under a KMS key.
	Encrypt(ctx context.Context, params *kms.EncryptInput, optFns ...func(*kms.Options)) (*kms.EncryptOutput, error)
}

KMSAPI represents the series of calls we require from the AWS SDK v2 KMS Client

type LoadBalancerAPI added in v0.70.0

type LoadBalancerAPI interface {
	GetLoadBalancerAPI(string) ELB
}

LoadBalancerAPI holds a method to return right ELB API

type PerseusDatabase added in v0.70.0

type PerseusDatabase struct {
	// contains filtered or unexported fields
}

PerseusDatabase is a database backed by RDS that supports multi-tenancy and pooled connections via Perseus.

func NewPerseusDatabase added in v0.70.0

func NewPerseusDatabase(databaseType, instanceID, installationID string, client *Client, installationsLimit int, disableDBCheck bool) *PerseusDatabase

NewPerseusDatabase returns a new instance of PerseusDatabase that implements the database interface.

func (*PerseusDatabase) DatabaseEngineTypeTagValue added in v0.70.0

func (d *PerseusDatabase) DatabaseEngineTypeTagValue() string

DatabaseEngineTypeTagValue returns the tag value used for filtering RDS cluster resources based on database engine type.

func (*PerseusDatabase) GenerateDatabaseSecret added in v0.70.0

func (d *PerseusDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)

GenerateDatabaseSecret creates the k8s database spec and secret for accessing a single schema inside an RDS multitenant cluster with a Perseus proxy.

func (*PerseusDatabase) MaxSupportedDatabases added in v0.70.0

func (d *PerseusDatabase) MaxSupportedDatabases() int

MaxSupportedDatabases returns the maximum number of databases supported on one RDS cluster for this database type.

func (*PerseusDatabase) MigrateOut added in v0.70.0

MigrateOut migrating out of MySQL Operator managed database is not supported.

func (*PerseusDatabase) MigrateTo added in v0.70.0

MigrateTo migration to MySQL Operator managed database is not supported.

func (*PerseusDatabase) Provision added in v0.70.0

Provision claims a multitenant RDS cluster and creates a database schema for the installation.

func (*PerseusDatabase) RefreshResourceMetadata added in v0.70.0

func (d *PerseusDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error

RefreshResourceMetadata ensures various operator database resource's metadata are correct.

func (*PerseusDatabase) RollbackMigration added in v0.70.0

RollbackMigration rolling back migration is not supported for MySQL Operator managed database.

func (*PerseusDatabase) Snapshot added in v0.70.0

Snapshot creates a snapshot of single RDS multitenant database.

func (*PerseusDatabase) Teardown added in v0.70.0

func (d *PerseusDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, logger log.FieldLogger) error

Teardown removes all AWS resources related to a Perseus database.

func (*PerseusDatabase) TeardownMigrated added in v0.70.0

TeardownMigrated tearing down migrated databases is not supported for MySQL Operator managed database.

func (*PerseusDatabase) Validate added in v0.70.0

func (d *PerseusDatabase) Validate() error

Validate validates the configuration of a PerseusDatabase.

type RDSAPI added in v0.69.0

type RDSAPI interface {
	AddTagsToResource(ctx context.Context, params *rds.AddTagsToResourceInput, optFns ...func(*rds.Options)) (*rds.AddTagsToResourceOutput, error)

	CreateDBCluster(ctx context.Context, params *rds.CreateDBClusterInput, optFns ...func(*rds.Options)) (*rds.CreateDBClusterOutput, error)
	DescribeDBClusters(ctx context.Context, params *rds.DescribeDBClustersInput, optFns ...func(*rds.Options)) (*rds.DescribeDBClustersOutput, error)
	DeleteDBCluster(ctx context.Context, params *rds.DeleteDBClusterInput, optFns ...func(*rds.Options)) (*rds.DeleteDBClusterOutput, error)

	DescribeDBClusterEndpoints(ctx context.Context, params *rds.DescribeDBClusterEndpointsInput, optFns ...func(*rds.Options)) (*rds.DescribeDBClusterEndpointsOutput, error)

	DescribeDBSubnetGroups(ctx context.Context, params *rds.DescribeDBSubnetGroupsInput, optFns ...func(*rds.Options)) (*rds.DescribeDBSubnetGroupsOutput, error)

	CreateDBClusterSnapshot(ctx context.Context, params *rds.CreateDBClusterSnapshotInput, optFns ...func(*rds.Options)) (*rds.CreateDBClusterSnapshotOutput, error)

	CreateDBInstance(ctx context.Context, params *rds.CreateDBInstanceInput, optFns ...func(*rds.Options)) (*rds.CreateDBInstanceOutput, error)
	DeleteDBInstance(ctx context.Context, params *rds.DeleteDBInstanceInput, optFns ...func(*rds.Options)) (*rds.DeleteDBInstanceOutput, error)
	DescribeDBInstances(ctx context.Context, params *rds.DescribeDBInstancesInput, optFns ...func(*rds.Options)) (*rds.DescribeDBInstancesOutput, error)
}

RDSAPI represents the series of calls we require from the AWS SDK v2 RDS Client

type RDSDatabase added in v0.8.0

type RDSDatabase struct {
	// contains filtered or unexported fields
}

RDSDatabase is a database backed by AWS RDS.

func NewRDSDatabase added in v0.8.0

func NewRDSDatabase(databaseType, installationID string, client *Client, disableDBCheck bool) *RDSDatabase

NewRDSDatabase returns a new RDSDatabase interface.

func (*RDSDatabase) GenerateDatabaseSecret added in v0.38.0

func (d *RDSDatabase) GenerateDatabaseSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*corev1.Secret, error)

GenerateDatabaseSecret creates the k8s database spec and secret for accessing the RDS database.

func (*RDSDatabase) MigrateOut added in v0.45.0

MigrateOut migration is not supported for single tenant RDS.

func (*RDSDatabase) MigrateTo added in v0.45.0

MigrateTo migration is not supported for single tenant RDS.

func (*RDSDatabase) Provision added in v0.8.0

Provision completes all the steps necessary to provision a RDS database.

func (*RDSDatabase) RefreshResourceMetadata added in v0.43.0

func (d *RDSDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error

RefreshResourceMetadata ensures various database resource's metadata are correct.

func (*RDSDatabase) RollbackMigration added in v0.45.0

RollbackMigration rolling back migration is not supported for single tenant RDS.

func (*RDSDatabase) Snapshot added in v0.17.0

Snapshot creates a snapshot of the RDS database.

func (*RDSDatabase) Teardown added in v0.8.0

func (d *RDSDatabase) Teardown(store model.InstallationDatabaseStoreInterface, keepData bool, logger log.FieldLogger) error

Teardown removes all AWS resources related to a RDS database.

func (*RDSDatabase) TeardownMigrated added in v0.45.0

TeardownMigrated tearing down migrated databases is not supported for single tenant RDS.

type RDSDatabaseMigration added in v0.18.0

type RDSDatabaseMigration struct {
	// contains filtered or unexported fields
}

RDSDatabaseMigration is a migrated database backed by AWS RDS.

func NewRDSDatabaseMigration added in v0.18.0

func NewRDSDatabaseMigration(masterInstallationID, slaveInstallationID string, awsClient *Client) *RDSDatabaseMigration

NewRDSDatabaseMigration returns a new RDSDatabaseMigration.

func (*RDSDatabaseMigration) Replicate added in v0.18.0

func (d *RDSDatabaseMigration) Replicate(logger log.FieldLogger) (string, error)

Replicate starts the process of replicating a master RDS database. This method must return a replication status or an error.

func (*RDSDatabaseMigration) Setup added in v0.18.0

func (d *RDSDatabaseMigration) Setup(logger log.FieldLogger) (string, error)

Setup sets access from one RDS database to another and sets any configuration needed for replication.

func (*RDSDatabaseMigration) Teardown added in v0.18.0

func (d *RDSDatabaseMigration) Teardown(logger log.FieldLogger) (string, error)

Teardown removes access from one RDS database to another and rolls back any previous database configuration.

type RDSMultitenantDatabase added in v0.19.0

type RDSMultitenantDatabase struct {
	// contains filtered or unexported fields
}

RDSMultitenantDatabase is a database backed by RDS that supports multi-tenancy.

func NewRDSMultitenantDatabase added in v0.19.0

func NewRDSMultitenantDatabase(databaseType, instanceID, installationID string, client *Client, installationsLimit int, diableDBCheck bool) *RDSMultitenantDatabase

NewRDSMultitenantDatabase returns a new instance of RDSMultitenantDatabase that implements database interface.

func (*RDSMultitenantDatabase) DatabaseEngineTypeTagValue added in v0.70.0

func (d *RDSMultitenantDatabase) DatabaseEngineTypeTagValue() string

DatabaseEngineTypeTagValue returns the tag value used for filtering RDS cluster resources based on database engine type.

func (*RDSMultitenantDatabase) GenerateDatabaseSecret added in v0.38.0

GenerateDatabaseSecret creates the k8s database spec and secret for accessing a single database inside a RDS multitenant cluster.

func (*RDSMultitenantDatabase) IsValid added in v0.25.0

func (d *RDSMultitenantDatabase) IsValid() error

IsValid returns if the given RDSMultitenantDatabase configuration is valid.

func (*RDSMultitenantDatabase) MaxSupportedDatabases added in v0.25.0

func (d *RDSMultitenantDatabase) MaxSupportedDatabases() int

MaxSupportedDatabases returns the maximum number of databases supported on one RDS cluster for this database type.

func (*RDSMultitenantDatabase) MigrateOut added in v0.45.0

MigrateOut marks Installation as migrated from the database but does not remove the actual data.

func (*RDSMultitenantDatabase) MigrateTo added in v0.45.0

MigrateTo creates new logical database in the database cluster for already existing Installation.

func (*RDSMultitenantDatabase) Provision added in v0.19.0

Provision claims a multitenant RDS cluster and creates a database schema for the installation.

func (*RDSMultitenantDatabase) RefreshResourceMetadata added in v0.43.0

func (d *RDSMultitenantDatabase) RefreshResourceMetadata(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error

RefreshResourceMetadata ensures various multitenant database resource's metadata are correct.

func (*RDSMultitenantDatabase) RollbackMigration added in v0.45.0

RollbackMigration rolls the Installation back to the source database.

func (*RDSMultitenantDatabase) Snapshot added in v0.19.0

Snapshot creates a snapshot of single RDS multitenant database.

func (*RDSMultitenantDatabase) Teardown added in v0.19.0

Teardown removes all AWS resources related to a RDS multitenant database.

func (*RDSMultitenantDatabase) TeardownMigrated added in v0.45.0

TeardownMigrated removes database from which Installation was migrated out.

type RDSMultitenantPGBouncerDatabase added in v0.46.1

type RDSMultitenantPGBouncerDatabase struct {
	// contains filtered or unexported fields
}

RDSMultitenantPGBouncerDatabase is a database backed by RDS that supports multi-tenancy and pooled connections.

func NewRDSMultitenantPGBouncerDatabase added in v0.46.1

func NewRDSMultitenantPGBouncerDatabase(databaseType, instanceID, installationID string, client *Client, installationsLimit int, disableDBCheck bool) *RDSMultitenantPGBouncerDatabase

NewRDSMultitenantPGBouncerDatabase returns a new instance of RDSMultitenantPGBouncerDatabase that implements database interface.

func (*RDSMultitenantPGBouncerDatabase) DatabaseEngineTypeTagValue added in v0.70.0

func (d *RDSMultitenantPGBouncerDatabase) DatabaseEngineTypeTagValue() string

DatabaseEngineTypeTagValue returns the tag value used for filtering RDS cluster resources based on database engine type.

func (*RDSMultitenantPGBouncerDatabase) GenerateDatabaseSecret added in v0.46.1

GenerateDatabaseSecret creates the k8s database spec and secret for accessing a single schema inside a RDS multitenant cluster with a PGBouncer proxy.

func (*RDSMultitenantPGBouncerDatabase) IsValid added in v0.46.1

IsValid returns if the given RDSMultitenantDatabase configuration is valid.

func (*RDSMultitenantPGBouncerDatabase) MaxSupportedDatabases added in v0.46.1

func (d *RDSMultitenantPGBouncerDatabase) MaxSupportedDatabases() int

MaxSupportedDatabases returns the maximum number of databases supported on one RDS cluster for this database type.

func (*RDSMultitenantPGBouncerDatabase) MigrateOut added in v0.46.1

MigrateOut migrating out of MySQL Operator managed database is not supported.

func (*RDSMultitenantPGBouncerDatabase) MigrateTo added in v0.46.1

MigrateTo migration to MySQL Operator managed database is not supported.

func (*RDSMultitenantPGBouncerDatabase) Provision added in v0.46.1

Provision claims a multitenant RDS cluster and creates a database schema for the installation.

func (*RDSMultitenantPGBouncerDatabase) RefreshResourceMetadata added in v0.46.1

RefreshResourceMetadata ensures various operator database resource's metadata are correct.

func (*RDSMultitenantPGBouncerDatabase) RollbackMigration added in v0.46.1

RollbackMigration rolling back migration is not supported for MySQL Operator managed database.

func (*RDSMultitenantPGBouncerDatabase) Snapshot added in v0.46.1

Snapshot creates a snapshot of single RDS multitenant database.

func (*RDSMultitenantPGBouncerDatabase) Teardown added in v0.46.1

Teardown removes all AWS resources related to a RDS multitenant database.

func (*RDSMultitenantPGBouncerDatabase) TeardownMigrated added in v0.46.1

TeardownMigrated tearing down migrated databases is not supported for MySQL Operator managed database.

type RDSSecret added in v0.8.0

// RDSSecret is the Secret payload for RDS configuration.
//
// Both fields are plain strings, so formatting a value of this type (for
// example with %v or %+v, or as a structured log field) prints the password.
// Keep values of this type out of log lines and error messages.
type RDSSecret struct {
	// MasterUsername is the username half of the credential pair.
	// NOTE(review): presumably the RDS master user; confirm against the code that fills it.
	MasterUsername string
	// MasterPassword is the password half of the credential pair, held as clear text in memory.
	MasterPassword string
}

RDSSecret is the Secret payload for RDS configuration.

func (*RDSSecret) Validate added in v0.8.0

func (s *RDSSecret) Validate() error

Validate performs a basic sanity check on the RDS secret.

type ResourceGroupsTaggingAPIAPI added in v0.69.0

// ResourceGroupsTaggingAPIAPI is the subset of the AWS SDK v2
// ResourceGroupsTaggingAPI client that this package calls. It contains a
// single lookup call and no call that modifies tags.
type ResourceGroupsTaggingAPIAPI interface {
	// GetResources has the same signature as the SDK client's GetResources call.
	GetResources(ctx context.Context, params *gt.GetResourcesInput, optFns ...func(*gt.Options)) (*gt.GetResourcesOutput, error)
}

ResourceGroupsTaggingAPIAPI represents the series of calls we require from the AWS SDK v2 ResourceGroupsTaggingAPI Client

type Route53API added in v0.69.0

// Route53API is the subset of the AWS SDK v2 Route53 client that this package
// calls. ChangeResourceRecordSets is the only method here that modifies DNS
// data; the remaining methods are Get/List lookups.
type Route53API interface {
	// Record sets: ChangeResourceRecordSets writes DNS records, ListResourceRecordSets reads them.
	ChangeResourceRecordSets(ctx context.Context, input *route53.ChangeResourceRecordSetsInput, optFns ...func(*route53.Options)) (*route53.ChangeResourceRecordSetsOutput, error)
	ListResourceRecordSets(ctx context.Context, input *route53.ListResourceRecordSetsInput, optFns ...func(*route53.Options)) (*route53.ListResourceRecordSetsOutput, error)

	// Hosted zones: read-only lookups.
	GetHostedZone(ctx context.Context, input *route53.GetHostedZoneInput, optFns ...func(*route53.Options)) (*route53.GetHostedZoneOutput, error)
	ListHostedZones(ctx context.Context, input *route53.ListHostedZonesInput, optFns ...func(*route53.Options)) (*route53.ListHostedZonesOutput, error)

	// Tags: read-only lookup of the tags attached to a Route53 resource.
	ListTagsForResource(ctx context.Context, input *route53.ListTagsForResourceInput, optFns ...func(*route53.Options)) (*route53.ListTagsForResourceOutput, error)
}

Route53API represents the series of calls we require from the AWS SDK v2 Route53 Client

type S3API added in v0.69.0

// S3API is the subset of the AWS SDK v2 S3 client that this package calls.
//
// The interface only declares which calls are available. Whether and in what
// order a caller applies the public-access, encryption and versioning calls to
// a bucket is decided by the implementation and is not visible from here.
type S3API interface {
	// Bucket existence check, creation and deletion.
	HeadBucket(ctx context.Context, params *s3.HeadBucketInput, optFns ...func(*s3.Options)) (*s3.HeadBucketOutput, error)
	CreateBucket(ctx context.Context, params *s3.CreateBucketInput, optFns ...func(*s3.Options)) (*s3.CreateBucketOutput, error)
	DeleteBucket(ctx context.Context, params *s3.DeleteBucketInput, optFns ...func(*s3.Options)) (*s3.DeleteBucketOutput, error)

	// Object lookup, listing and deletion (single and batch).
	HeadObject(ctx context.Context, params *s3.HeadObjectInput, optFns ...func(*s3.Options)) (*s3.HeadObjectOutput, error)
	DeleteObject(ctx context.Context, params *s3.DeleteObjectInput, optFns ...func(*s3.Options)) (*s3.DeleteObjectOutput, error)
	DeleteObjects(ctx context.Context, params *s3.DeleteObjectsInput, optFns ...func(*s3.Options)) (*s3.DeleteObjectsOutput, error)
	ListObjectsV2(ctx context.Context, params *s3.ListObjectsV2Input, optFns ...func(*s3.Options)) (*s3.ListObjectsV2Output, error)

	// Multipart upload calls, including UploadPartCopy, which copies data from an existing object into a part.
	UploadPartCopy(ctx context.Context, params *s3.UploadPartCopyInput, optFns ...func(*s3.Options)) (*s3.UploadPartCopyOutput, error)
	CreateMultipartUpload(ctx context.Context, params *s3.CreateMultipartUploadInput, optFns ...func(*s3.Options)) (*s3.CreateMultipartUploadOutput, error)
	CompleteMultipartUpload(ctx context.Context, params *s3.CompleteMultipartUploadInput, optFns ...func(*s3.Options)) (*s3.CompleteMultipartUploadOutput, error)

	// PutPublicAccessBlock writes the bucket's public access block configuration.
	PutPublicAccessBlock(ctx context.Context, params *s3.PutPublicAccessBlockInput, optFns ...func(*s3.Options)) (*s3.PutPublicAccessBlockOutput, error)

	// PutBucketEncryption writes the bucket's default server-side encryption configuration.
	PutBucketEncryption(ctx context.Context, params *s3.PutBucketEncryptionInput, optFns ...func(*s3.Options)) (*s3.PutBucketEncryptionOutput, error)

	// Bucket tagging and versioning, plus listing of object versions.
	GetBucketTagging(ctx context.Context, params *s3.GetBucketTaggingInput, optFns ...func(*s3.Options)) (*s3.GetBucketTaggingOutput, error)
	GetBucketVersioning(ctx context.Context, params *s3.GetBucketVersioningInput, optFns ...func(*s3.Options)) (*s3.GetBucketVersioningOutput, error)
	PutBucketVersioning(ctx context.Context, params *s3.PutBucketVersioningInput, optFns ...func(*s3.Options)) (*s3.PutBucketVersioningOutput, error)
	ListObjectVersions(ctx context.Context, params *s3.ListObjectVersionsInput, optFns ...func(*s3.Options)) (*s3.ListObjectVersionsOutput, error)
}

S3API represents the series of calls we require from the AWS SDK v2 S3 Client

type S3Filestore added in v0.7.0

type S3Filestore struct {
	// contains filtered or unexported fields
}

S3Filestore is a filestore backed by AWS S3.

func NewS3Filestore added in v0.7.0

func NewS3Filestore(installationID string, awsClient *Client, enableVersioning bool) *S3Filestore

NewS3Filestore returns a new S3Filestore interface.

func (*S3Filestore) GenerateFilestoreSpecAndSecret added in v0.7.0

func (f *S3Filestore) GenerateFilestoreSpecAndSecret(store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) (*model.FilestoreConfig, *corev1.Secret, error)

GenerateFilestoreSpecAndSecret creates the k8s filestore spec and secret for accessing the S3 bucket.

func (*S3Filestore) Provision added in v0.7.0

Provision completes all the steps necessary to provision an S3 filestore.

func (*S3Filestore) Teardown added in v0.7.0

func (f *S3Filestore) Teardown(keepData bool, store model.InstallationDatabaseStoreInterface, logger log.FieldLogger) error

Teardown removes all AWS resources related to an S3 filestore.

type S3MultitenantFilestore added in v0.29.0

type S3MultitenantFilestore struct {
	// contains filtered or unexported fields
}

S3MultitenantFilestore is a filestore backed by a shared AWS S3 bucket.

func NewS3MultitenantFilestore added in v0.29.0

func NewS3MultitenantFilestore(installationID string, awsClient *Client) *S3MultitenantFilestore

NewS3MultitenantFilestore returns a new S3MultitenantFilestore.

func (*S3MultitenantFilestore) GenerateFilestoreSpecAndSecret added in v0.29.0

GenerateFilestoreSpecAndSecret creates the k8s filestore spec and secret for accessing the shared S3 bucket.

func (*S3MultitenantFilestore) Provision added in v0.29.0

Provision completes all the steps necessary to provision an S3 multitenant filestore.

func (*S3MultitenantFilestore) Teardown added in v0.29.0

Teardown removes all AWS resources related to a shared S3 filestore.

type SQLDatabaseManager added in v0.19.0

// SQLDatabaseManager describes the two operations this package needs from a
// SQL connection: running a query and closing the connection.
type SQLDatabaseManager interface {
	// QueryContext runs query and returns the resulting rows. The signature
	// matches database/sql's QueryContext, which takes values through args
	// separately from the query text.
	// NOTE(review): presumably implementations forward args as placeholder
	// parameters; callers should pass values through args rather than
	// formatting them into query. Confirm against the implementation.
	QueryContext(ctx context.Context, query string, args ...interface{}) (*sql.Rows, error)
	// Close closes the connection with the database.
	Close() error
}

SQLDatabaseManager is an interface that describes operations to query and to close connection with a database. It's used mainly to implement a client that needs to perform non-complex queries in a SQL database instance.

type STSAPI added in v0.70.0

// STSAPI is the subset of the AWS SDK v2 STS client that this package calls.
type STSAPI interface {
	// GetCallerIdentity has the same signature as the SDK client's call of that
	// name, which reports the identity behind the credentials in use.
	GetCallerIdentity(ctx context.Context, params *sts.GetCallerIdentityInput, optFns ...func(*sts.Options)) (*sts.GetCallerIdentityOutput, error)
}

STSAPI represents the series of calls we require from the AWS SDK v2 STS Client

type SecretsManagerAPI added in v0.70.0

SecretsManagerAPI represents the series of calls we require from the AWS SDK v2 SecretsManager Client

type Service added in v0.17.0

type Service struct {
	// contains filtered or unexported fields
}

Service holds AWS clients for each service.

func NewService added in v0.17.0

func NewService(cfg aws.Config) *Service

NewService creates a new instance of Service.

type Tag added in v0.11.0

// Tag is a package-specific key/value tag with helper methods for working
// with AWS Route53 resource tags.
type Tag struct {
	// Key is the tag name.
	Key   string
	// Value is the tag value.
	Value string
}

Tag is a package specific tag with convenient methods for interacting with AWS Route53 resource tags.

func (*Tag) Compare added in v0.11.0

func (t *Tag) Compare(tag types.Tag) bool

Compare compares a package-specific tag with an AWS Route53 resource tag.

func (*Tag) String added in v0.11.0

func (t *Tag) String() string

String prints tag's key/value.

type Tags added in v0.66.0

type Tags struct {
	// contains filtered or unexported fields
}

Tags is an abstract representation of tags that can be converted to different AWS resource tags. Output order is not guaranteed.

func NewTags added in v0.66.0

func NewTags(items ...string) (*Tags, error)

NewTags creates a new instance of AWSTags, optionally adding some tags on creation.

func (*Tags) Add added in v0.66.0

func (t *Tags) Add(key, value string)

Add adds a new tag in a key,value format

func (*Tags) AddMany added in v0.66.0

func (t *Tags) AddMany(items ...string) error

AddMany adds an indeterminate number of tags; the number of items must be even.

func (*Tags) Len added in v0.66.0

func (t *Tags) Len() int

Len returns the number of tags

func (*Tags) ToEC2Tags added in v0.66.0

func (t *Tags) ToEC2Tags() []ec2Types.Tag

ToEC2Tags converts the tags into the EC2 tag format.

func (*Tags) ToRDSTags added in v0.66.0

func (t *Tags) ToRDSTags() []rdsTypes.Tag

ToRDSTags converts the tags into the RDS tag format.
