Documentation ¶
Index ¶
- type DateGreaterThan
- type DateLessThan
- type IAMClientInterface
- type IAMProvider
- func (awsiam *IAMProvider) DeletePolicys(accountName, roleName string, InlinePolicysNames []string) error
- func (awsiam *IAMProvider) FindPolicysForRole(accountName, roleName string) (map[string]string, error)
- func (awsiam *IAMProvider) GetCloudUserId(accountName string, roleName string) (string, error)
- func (awsiam *IAMProvider) PutPolicy(accountName, roleName, policyName, policy string) error
- type IamCondition
- type IamPolicy
- type IamPolicyMan
- type IamStatement
- type ListOrString
- type StringEqualsIgnoreCase
- type StringLike
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DateGreaterThan ¶
// DateGreaterThan is the operand of the "DateGreaterThan" condition operator
// carried by IamCondition. It holds a single condition key, aws:CurrentTime,
// which is left out of the JSON when the string is empty.
//
// NOTE(review): the timestamp format is not visible here; confirm the writer
// emits a form IAM date operators accept (ISO 8601 or epoch seconds).
type DateGreaterThan struct {
	// AwsCurrentTime is the value compared against the aws:CurrentTime key.
	AwsCurrentTime string `json:"aws:CurrentTime,omitempty"`
}
type DateLessThan ¶
// DateLessThan is the operand of the "DateLessThan" condition operator carried
// by IamCondition. It holds a single condition key, aws:CurrentTime, which is
// left out of the JSON when the string is empty.
//
// NOTE(review): presumably this is the bound that makes a generated statement
// stop matching after a point in time; confirm against IsPolicyExpired.
type DateLessThan struct {
	// AwsCurrentTime is the value compared against the aws:CurrentTime key.
	AwsCurrentTime string `json:"aws:CurrentTime,omitempty"`
}
type IAMClientInterface ¶
// IAMClientInterface is the type of IAMProvider.Client. It embeds the SDK's
// ListRolePolicies and GetRole client interfaces and adds the three
// inline-role-policy operations declared below, so a test double only has to
// implement this set rather than the whole IAM client.
//
// NOTE(review): PutRolePolicy and DeleteRolePolicy change what a role is
// permitted to do; the credentials behind a real implementation should be
// scoped to these actions on the intended roles only.
type IAMClientInterface interface {
	iam.ListRolePoliciesAPIClient
	iam.GetRoleAPIClient
	// PutRolePolicy writes an inline policy document onto a role.
	PutRolePolicy(ctx context.Context, params *iam.PutRolePolicyInput, optFns ...func(*iam.Options)) (*iam.PutRolePolicyOutput, error)
	// DeleteRolePolicy removes a named inline policy from a role.
	DeleteRolePolicy(ctx context.Context, params *iam.DeleteRolePolicyInput, optFns ...func(*iam.Options)) (*iam.DeleteRolePolicyOutput, error)
	// GetRolePolicy reads a named inline policy document from a role.
	GetRolePolicy(ctx context.Context, params *iam.GetRolePolicyInput, optFns ...func(*iam.Options)) (*iam.GetRolePolicyOutput, error)
}
type IAMProvider ¶
// IAMProvider groups the clients and settings used by the role-policy methods
// declared on it (DeletePolicys, FindPolicysForRole, GetCloudUserId, PutPolicy).
type IAMProvider struct {
	// Client is the IAM operation set the provider is allowed to call.
	Client IAMClientInterface
	// Settings is project configuration; its fields are not visible here.
	Settings localconfig.Settings
	// STSProvider is an STS client.
	// NOTE(review): presumably used to reach the account named by the
	// accountName parameters — confirm which role it assumes and how that
	// role's trust policy is restricted.
	STSProvider *sts.Client
}
func NewIAMClient ¶
func NewIAMClient(cfg aws.Config) *IAMProvider
func (*IAMProvider) DeletePolicys ¶
func (awsiam *IAMProvider) DeletePolicys(accountName, roleName string, InlinePolicysNames []string) error
func (*IAMProvider) FindPolicysForRole ¶
func (awsiam *IAMProvider) FindPolicysForRole(accountName, roleName string) (map[string]string, error)
func (*IAMProvider) GetCloudUserId ¶
func (awsiam *IAMProvider) GetCloudUserId(accountName string, roleName string) (string, error)
func (*IAMProvider) PutPolicy ¶
func (awsiam *IAMProvider) PutPolicy(accountName, roleName, policyName, policy string) error
type IamCondition ¶
// IamCondition is the "Condition" block of an IamStatement. Each field is one
// condition operator; a nil pointer is omitted from the JSON, so only the
// operators that are set appear in the policy.
//
// NOTE(review): StringLike is a pattern match while StringEqualsIgnoreCase is
// an exact, case-insensitive one; when both are usable, the exact operator
// gives the narrower grant.
type IamCondition struct {
	// StringLike matches aws:userid against a pattern.
	StringLike *StringLike `json:"StringLike,omitempty"`
	// StringEqualsIgnoreCase matches aws:userid exactly, ignoring case.
	StringEqualsIgnoreCase *StringEqualsIgnoreCase `json:"StringEqualsIgnoreCase,omitempty"`
	// DateGreaterThan bounds aws:CurrentTime from below.
	DateGreaterThan *DateGreaterThan `json:"DateGreaterThan,omitempty"`
	// DateLessThan bounds aws:CurrentTime from above.
	DateLessThan *DateLessThan `json:"DateLessThan,omitempty"`
}
type IamPolicy ¶
// IamPolicy is the JSON shape of an IAM policy document: a version string and
// a list of statements. Both keys are always written, since neither tag uses
// omitempty.
type IamPolicy struct {
	// Version is the policy-language version string.
	Version string `json:"Version"`
	// Statement holds the individual statements of the policy.
	Statement []IamStatement `json:"Statement"`
}
type IamPolicyMan ¶
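// IamPolicyMan builds and inspects IAM policy documents. It embeds
// *IAMProvider, so the provider's exported methods and fields are promoted
// onto it; GeneratePolicyFromAuditObj and IsPolicyExpired are declared on this
// type directly.
//
// The closing brace is placed on its own line: in the collapsed one-line form
// it sat inside the trailing line comment and the declaration never closed.
type IamPolicyMan struct {
	*IAMProvider
	// contains filtered or unexported fields
}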
func NewPolicyManager ¶
func (*IamPolicyMan) GeneratePolicyFromAuditObj ¶
func (i *IamPolicyMan) GeneratePolicyFromAuditObj(curTime time.Time, object internal.AuditObject, tmpls, tmplFieldNames map[string]string) ([]byte, error)
func (IamPolicyMan) IsPolicyExpired ¶
func (i IamPolicyMan) IsPolicyExpired(policy string) (bool, error)
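IsPolicyExpired takes an IAM policy as a string, unmarshals it into an IamPolicy, and checks whether its Statements have expired. It returns true if the policy is expired, and false if it is not expired or has no time parameters, so a policy without a time condition is never reported as expired.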
type IamStatement ¶
// IamStatement is one statement of an IamPolicy.
//
// NOTE(review): Condition is a pointer without omitempty, so if a statement is
// marshalled with encoding/json while Condition is nil the output contains
// "Condition": null rather than leaving the key out. Confirm that callers
// always set it, since the condition is what scopes the grant by user id and
// time.
type IamStatement struct {
	// Sid is the statement identifier.
	Sid string `json:"Sid"`
	// Effect is the statement effect string.
	Effect string `json:"Effect"`
	// Action accepts either a single string or a list in JSON.
	Action ListOrString `json:"Action"`
	// Resource accepts either a single string or a list in JSON.
	Resource ListOrString `json:"Resource"`
	// Condition restricts when the statement applies; see the note above.
	Condition *IamCondition `json:"Condition"`
}
type ListOrString ¶
// ListOrString is a string slice with its own UnmarshalJSON, used for the
// Action and Resource fields of IamStatement.
// NOTE(review): presumably the decoder accepts both a bare JSON string and an
// array of strings, as IAM allows for those fields — confirm against the
// method body, which is not shown here.
type ListOrString []string
func (*ListOrString) UnmarshalJSON ¶
func (a *ListOrString) UnmarshalJSON(b []byte) error
type StringEqualsIgnoreCase ¶
// StringEqualsIgnoreCase is the operand of the "StringEqualsIgnoreCase"
// condition operator carried by IamCondition. It holds a single condition key,
// aws:userid, which is left out of the JSON when the string is empty.
//
// NOTE(review): presumably the value comes from GetCloudUserId; confirm it is
// the full identifier of the intended principal and not a shared prefix.
type StringEqualsIgnoreCase struct {
	// AwsUserid is the value compared against the aws:userid key.
	AwsUserid string `json:"aws:userid,omitempty"`
}
type StringLike ¶
// StringLike is the operand of the "StringLike" condition operator carried by
// IamCondition. It holds a single condition key, aws:userid, which is left out
// of the JSON when the string is empty.
//
// NOTE(review): StringLike is a pattern match, so any wildcard in the value
// widens the set of principals the statement applies to; check how the
// pattern is built from caller-supplied names.
type StringLike struct {
	// AwsUserid is the pattern compared against the aws:userid key.
	AwsUserid string `json:"aws:userid,omitempty"`
}