azure

package

v0.16.0 Latest Latest Go to latest Published: Jul 31, 2023 License: Apache-2.0 Imports: 22 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubeguard/guard

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func ConvertIntToString(number int) string
func DiscoverResources(ctx context.Context) error
func ReconcileDiscoverResources(ctx context.Context, wg *sync.WaitGroup, loopDuration time.Duration)
func SetDiscoverResourcesSettings(clusterType string, environment string, loginURL string, ...) error
type AuthorizationActionInfo
type AuthorizationEntity
type DataAction
type DiscoverResourcesSettings
type Display
type Operation
type OperationList
type OperationsMap
- func DeepCopyOperationsMap() OperationsMap
- func NewOperationsMap() OperationsMap
- func (o OperationsMap) String() string
type Resource
type ResourceAndVerbMap
- func NewResourceAndVerbMap() ResourceAndVerbMap
type TokenResponse
type VerbAndActionsMap
- func NewVerbAndActionsMap() VerbAndActionsMap

Constants ¶

View Source

const (
	ManagedClusters             = "Microsoft.ContainerService/managedClusters"
	Fleets                      = "Microsoft.ContainerService/fleets"
	ConnectedClusters           = "Microsoft.Kubernetes/connectedClusters"
	OperationsEndpointFormatARC = "%s/providers/Microsoft.Kubernetes/operations?api-version=2021-10-01"
	OperationsEndpointFormatAKS = "%s/providers/Microsoft.ContainerService/operations?api-version=2018-10-31"
)

Variables ¶

View Source

var (
	DiscoverResourcesTotalDuration = prometheus.NewHistogram(
		prometheus.HistogramOpts{
			Name:    "guard_discover_resources_request_duration_seconds",
			Help:    "A histogram of latencies for azure get operations requests.",
			Buckets: []float64{.25, .5, 1, 2.5, 5, 10, 15, 20},
		})
)

Functions ¶

func ConvertIntToString ¶

func ConvertIntToString(number int) string

func DiscoverResources ¶

func DiscoverResources(ctx context.Context) error

DiscoverResources does the following: 1. Fetches list of ApiResources from the apiserver 2. Fetches list of Data Actions via Get Operations call on Azure 3. creates OperationsMap which is a map of "group": { "resource": { "verb": DataAction{} } } } This map is used to create list of AuthorizationActionInfos when we get a SAR request where Resource/Verb/Group is *

func ReconcileDiscoverResources ¶ added in v0.12.2

func ReconcileDiscoverResources(ctx context.Context, wg *sync.WaitGroup, loopDuration time.Duration)

ReconcileDiscoverResources reconciles the operationsMap

func SetDiscoverResourcesSettings ¶ added in v0.12.2

func SetDiscoverResourcesSettings(clusterType string, environment string, loginURL string, kubeconfigFilePath string, tenantID string, clientID string, clientSecret string) error

Types ¶

type AuthorizationActionInfo ¶

type AuthorizationActionInfo struct {
	AuthorizationEntity
	IsDataAction bool `json:"IsDataAction"`
}

type AuthorizationEntity ¶

type AuthorizationEntity struct {
	Id string `json:"Id"`
}

type DataAction ¶

type DataAction struct {
	ActionInfo           AuthorizationActionInfo
	IsNamespacedResource bool
}

type DiscoverResourcesSettings ¶

type DiscoverResourcesSettings struct {
	// contains filtered or unexported fields
}

type Display ¶

type Display struct {
	Provider    string `json:"provider"`
	Resource    string `json:"resource"`
	Operation   string `json:"operation"`
	Description string `json:"description"`
}

type Operation ¶

type Operation struct {
	Name         string  `json:"name"`
	Display      Display `json:"display"`
	IsDataAction *bool   `json:"isDataAction,omitempty"`
}

type OperationList ¶

type OperationList struct {
	Value    []Operation `json:"value"`
	NextLink string      `json:"nextLink"`
}

type OperationsMap ¶

type OperationsMap map[string]ResourceAndVerbMap

func DeepCopyOperationsMap ¶ added in v0.12.2

func DeepCopyOperationsMap() OperationsMap

func NewOperationsMap ¶

func NewOperationsMap() OperationsMap

func (OperationsMap) String ¶

func (o OperationsMap) String() string

type Resource ¶

type Resource struct {
	Id         string
	Namespaced bool
	Name       string
	Group      string
	Verb       string
}

type ResourceAndVerbMap ¶

type ResourceAndVerbMap map[string]VerbAndActionsMap

func NewResourceAndVerbMap ¶

func NewResourceAndVerbMap() ResourceAndVerbMap

type TokenResponse ¶

type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	ExpiresIn    string `json:"expires_in"`
	RefreshToken string `json:"refresh_token"`
	ExpiresOn    string `json:"expires_on"`
	NotBefore    string `json:"not_before"`
	Resource     string `json:"resource"`
	TokenType    string `json:"token_type"`
	ErrorMessage string `json:"error_message,omitempty"`
}

type VerbAndActionsMap ¶

type VerbAndActionsMap map[string]DataAction

func NewVerbAndActionsMap ¶

func NewVerbAndActionsMap() VerbAndActionsMap

Source Files ¶

View all Source files

utils.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL