Documentation ¶
Constants ¶
const (
	Invalid         = Entity("")
	Group           = Entity("AGPA")
	InstanceProfile = Entity("AIPA")
	ManagedPolicy   = Entity("ANPA")
	PolicyVersion   = Entity("ANVA")
	Role            = Entity("AROA")
	Root            = Entity("A3T")
	ServerCert      = Entity("ASCA")
	TempKey         = Entity("ASIA")
	User            = Entity("AIDA")
	UserKey         = Entity("AKIA")
)
IAM entity ID prefixes (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-prefixes).
const (
	Allow = Effect("Allow")
	Deny  = Effect("Deny")
)
Effect values.
const PolicyVersion2012 = "2012-10-17"
PolicyVersion2012 is the IAM policy version supported by the iamx package.
Variables ¶
This section is empty.
Functions ¶
func ManagedPolicyARN ¶
ManagedPolicyARN returns the ARN of a managed IAM policy. Partition defaults to aws, if not specified. An empty ARN is returned if resource is empty. Job functions may be specified without a path, but it is required for other managed policies. If resource is already an ARN, it is returned with an updated partition.
Types ¶
type Client ¶
Client is an extended IAM client with additional methods for managing users and roles.
func (Client) DeleteRole ¶
DeleteRole deletes the specified role, ensuring that all prerequisites for deletion are met.
func (Client) DeleteRoles ¶
DeleteRoles deletes all roles under the specified IAM path.
func (Client) DeleteUser ¶
DeleteUser deletes the specified user, ensuring that all prerequisites for deletion are met.
func (Client) DeleteUsers ¶
DeleteUsers deletes all users under the specified IAM path.
type ConditionMap ¶
type ConditionMap map[string]Conditions
ConditionMap associates a policy condition type with a set of conditions.
type Conditions ¶
type Conditions map[string]PolicyMultiVal
Conditions contains one or more policy conditions of the same type.
type Policy ¶
type Policy struct {
	Version   string `json:",omitempty"`
	ID        string `json:"Id,omitempty"`
	Statement []*Statement
}
Policy is an IAM policy document.
func AssumeRolePolicy ¶
AssumeRolePolicy returns an AssumeRole policy document.
func ParsePolicy ¶
ParsePolicy decodes an IAM policy document.
type PolicyMultiVal ¶
type PolicyMultiVal []string
PolicyMultiVal is a JSON type that may be encoded either as a string or an array, depending on the number of entries.
func (PolicyMultiVal) Equal ¶
func (v PolicyMultiVal) Equal(o PolicyMultiVal) bool
Equal returns true if both policy values contain the same entries in the same order.
func (PolicyMultiVal) MarshalJSON ¶
func (v PolicyMultiVal) MarshalJSON() ([]byte, error)
MarshalJSON implements the json.Marshaler interface.
func (*PolicyMultiVal) UnmarshalJSON ¶
func (v *PolicyMultiVal) UnmarshalJSON(b []byte) error
UnmarshalJSON implements the json.Unmarshaler interface.
type Principal ¶
type Principal struct {
	PrincipalMap
	Any bool
}
Principal specifies the entity to which a statement applies.
func NewAWSPrincipal ¶
NewAWSPrincipal returns a new Principal containing the specified AWS ids.
func (*Principal) MarshalJSON ¶
MarshalJSON implements the json.Marshaler interface.
func (*Principal) UnmarshalJSON ¶
UnmarshalJSON implements the json.Unmarshaler interface.
type PrincipalMap ¶
type PrincipalMap struct {
	AWS       PolicyMultiVal `json:",omitempty"`
	Federated PolicyMultiVal `json:",omitempty"`
	Service   PolicyMultiVal `json:",omitempty"`
}
PrincipalMap is a non-wildcard principal value.
type Statement ¶
type Statement struct {
	SID          string         `json:"Sid,omitempty"`
	Effect       Effect         `json:""`
	Principal    *Principal     `json:",omitempty"`
	NotPrincipal *Principal     `json:",omitempty"`
	Action       PolicyMultiVal `json:",omitempty"`
	NotAction    PolicyMultiVal `json:",omitempty"`
	Resource     PolicyMultiVal `json:",omitempty"`
	NotResource  PolicyMultiVal `json:",omitempty"`
	Condition    ConditionMap   `json:",omitempty"`
}
Statement is an IAM policy statement.
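The string-or-array encoding described for PolicyMultiVal matters when auditing policies: a decoder that expects only arrays fails on, or skips, `"Action": "*"`. The following is an added example, not code from the iamx package; it uses only the standard library, and `multiVal`, `wildcardAllows` and the sample policy are hypothetical names and data constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// multiVal (hypothetical) accepts a JSON string or a JSON array of strings.
type multiVal []string

func (v *multiVal) UnmarshalJSON(b []byte) error {
	var one string
	var many []string
	switch {
	case string(b) == "null": // no-op, the encoding/json convention for null
	case json.Unmarshal(b, &one) == nil:
		*v = multiVal{one}
	case json.Unmarshal(b, &many) == nil:
		*v = many
	default:
		return fmt.Errorf("want string or array of strings, got %s", b)
	}
	return nil
}

// Constructed sample policy: Action appears in both encodings.
const samplePolicy = `{"Version": "2012-10-17", "Statement": [
 {"Sid": "ReadLogs", "Effect": "Allow", "Action": ["logs:GetLogEvents", "logs:DescribeLogGroups"]},
 {"Sid": "Admin", "Effect": "Allow", "Action": "*"},
 {"Sid": "NoDelete", "Effect": "Deny", "Action": "*"}]}`

// wildcardAllows returns the Sid of each Allow statement granting Action "*".
func wildcardAllows(doc []byte) ([]string, error) {
	var p struct{ Statement []struct{ Sid, Effect string; Action multiVal } }
	if err := json.Unmarshal(doc, &p); err != nil {
		return nil, err
	}
	var hits []string
	for _, s := range p.Statement {
		for _, a := range s.Action {
			if s.Effect == "Allow" && a == "*" {
				hits = append(hits, s.Sid)
			}
		}
	}
	return hits, nil
}

func main() { fmt.Println(wildcardAllows([]byte(samplePolicy))) }
```

The check matches only the bare `*` action; service-level wildcards such as `s3:*` are out of scope for this sketch.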