security

package

v0.0.2 Latest Latest Go to latest Published: Jul 10, 2025 License: MIT Imports: 1 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Azure/aks-mcp

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type SecurityConfig
- func NewSecurityConfig() *SecurityConfig
type ValidationError
- func (e *ValidationError) Error() string
type Validator
- func NewValidator(secConfig *SecurityConfig) *Validator
- func (v *Validator) ValidateCommand(command, commandType string) error

Constants ¶

View Source

const (
	CommandTypeAz = "az"
)

Command type constants

Variables ¶

View Source

var (
	// AzReadOperations defines az operations that don't modify state
	AzReadOperations = []string{

		"az aks show",
		"az aks list",
		"az aks get-versions",
		"az aks get-upgrades",
		"az aks check-acr",
		"az aks check-network outbound",
		"az aks browse",

		"az aks addon list",
		"az aks addon show",

		"az aks nodepool list",
		"az aks nodepool show",
		"az aks nodepool get-upgrades",

		"az aks operation",
		"az aks snapshot list",
		"az aks snapshot show",

		"az aks trustedaccess rolebinding list",
		"az aks trustedaccess rolebinding show",

		"az aks install-cli",

		"az account list",
		"az account set",
		"az login",

		"az advisor recommendation list",
		"az advisor recommendation show",

		"az monitor metrics list",
		"az monitor metrics list-definitions",
		"az monitor metrics list-namespaces",

		"az find",
		"az version",
		"az help",
		"az config",
		"az group list",
		"az group show",
		"az resource list",
		"az resource show",
	}
)

Functions ¶

This section is empty.

Types ¶

type SecurityConfig ¶

type SecurityConfig struct {
	// AccessLevel controls the level of operations allowed (readonly, readwrite, admin)
	AccessLevel string
}

SecurityConfig holds security-related configuration

func NewSecurityConfig ¶

func NewSecurityConfig() *SecurityConfig

NewSecurityConfig creates a new SecurityConfig instance

type ValidationError ¶

type ValidationError struct {
	Message string
}

ValidationError represents a security validation error

func (*ValidationError) Error ¶

func (e *ValidationError) Error() string

type Validator ¶

type Validator struct {
	// contains filtered or unexported fields
}

Validator handles validation of commands against security configuration

func NewValidator ¶

func NewValidator(secConfig *SecurityConfig) *Validator

NewValidator creates a new Validator instance with the given security configuration

func (*Validator) ValidateCommand ¶

func (v *Validator) ValidateCommand(command, commandType string) error

ValidateCommand validates a command against all security settings The command parameter should be the full command string (e.g., "az aks show --name myCluster") AzReadOperations should now contain full command prefixes with "az" included

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL