deployment

package

v0.14.0 Latest Latest Go to latest Published: Jun 24, 2024 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Azure/alzlib

Links

Open Source Insights

Documentation ¶

Overview ¶

Package deployment contains the types and methods for managing the deployment of an Azure management group hierarchy using the supplied Alzlib.

Index ¶

Constants
type Hierarchy
- func NewHierarchy(alzlib *alzlib.AlzLib) *Hierarchy
type HierarchyManagementGroup
type PolicyAssignmentsParameterValues
type PolicyRoleAssignment

Constants ¶

View Source

const (
	ManagementGroupIdFmt     = "/providers/Microsoft.Management/managementGroups/%s"
	PolicyAssignmentIdFmt    = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policyAssignments/%s"
	PolicyDefinitionIdFmt    = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policyDefinitions/%s"
	PolicySetDefinitionIdFmt = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policySetDefinitions/%s"
	RoleDefinitionIdFmt      = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/roleDefinitions/%s"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Hierarchy ¶

type Hierarchy struct {
	// contains filtered or unexported fields
}

Hierarchy represents a deployment of Azure management group hierarchy.

func NewHierarchy ¶

func NewHierarchy(alzlib *alzlib.AlzLib) *Hierarchy

func (*Hierarchy) FromArchitecture ¶

func (h *Hierarchy) FromArchitecture(ctx context.Context, arch, externalParentId, location string) error

func (*Hierarchy) ManagementGroup ¶

func (h *Hierarchy) ManagementGroup(name string) *HierarchyManagementGroup

ManagementGroup returns the management group with the given name.

func (*Hierarchy) ManagementGroupNames ¶

func (h *Hierarchy) ManagementGroupNames() []string

ManagementGroupNames returns the management group names as a slice of string.

func (*Hierarchy) ManagementGroupsAtLevel ¶

func (h *Hierarchy) ManagementGroupsAtLevel(level int) map[string]*HierarchyManagementGroup

func (*Hierarchy) PolicyRoleAssignments ¶

func (h *Hierarchy) PolicyRoleAssignments(ctx context.Context) (mapset.Set[PolicyRoleAssignment], error)

type HierarchyManagementGroup ¶

type HierarchyManagementGroup struct {
	// contains filtered or unexported fields
}

HierarchyManagementGroup represents an Azure Management Group within a hierarchy, with links to parent and children. Note: this is not thread safe, and should not be used concurrently without an external mutex.

func (*HierarchyManagementGroup) Children ¶

func (alzmg *HierarchyManagementGroup) Children() []*HierarchyManagementGroup

Children returns the children of the management group.

func (*HierarchyManagementGroup) DisplayName ¶

func (mg *HierarchyManagementGroup) DisplayName() string

DisplayName returns the display name of the management group.

func (*HierarchyManagementGroup) HasParent ¶

func (mg *HierarchyManagementGroup) HasParent(id string) bool

HasParent returns a bool value depending on whether the management group has a given parent. Only works for internal parents.

func (*HierarchyManagementGroup) ModifyPolicyAssignment ¶

func (alzmg *HierarchyManagementGroup) ModifyPolicyAssignment(
	name string,
	parameters map[string]*armpolicy.ParameterValuesValue,
	enforcementMode *armpolicy.EnforcementMode,
	nonComplianceMessages []*armpolicy.NonComplianceMessage,
	identity *armpolicy.Identity,
	resourceSelectors []*armpolicy.ResourceSelector,
	overrides []*armpolicy.Override,
) error

ModifyPolicyAssignment modifies an existing policy assignment in the management group. It will deep merge the supplied assignments with the existing assignments.

func (*HierarchyManagementGroup) Name ¶

func (mg *HierarchyManagementGroup) Name() string

Name returns the name/id of the management group.

func (*HierarchyManagementGroup) Parent ¶

func (mg *HierarchyManagementGroup) Parent() *HierarchyManagementGroup

Parent returns parent *AlzManagementGroup. If the parent is external, the result will be nil.

func (*HierarchyManagementGroup) ParentId ¶

func (mg *HierarchyManagementGroup) ParentId() string

ParentId returns the ID of the parent management group. If the parent is external, this will be preferred. If neither are set an empty string is returned (though this should never happen).

func (*HierarchyManagementGroup) ParentIsExternal ¶

func (mg *HierarchyManagementGroup) ParentIsExternal() bool

ParentIsExternal returns a bool value depending on whether the parent MG is external or not.

func (*HierarchyManagementGroup) PolicyAssignmentMap ¶

func (mg *HierarchyManagementGroup) PolicyAssignmentMap() map[string]*assets.PolicyAssignment

PolicyAssignmentMap returns a copy of the policy assignments map.

func (*HierarchyManagementGroup) PolicyDefinitionsMap ¶

func (mg *HierarchyManagementGroup) PolicyDefinitionsMap() map[string]*assets.PolicyDefinition

PolicyDefinitionsMap returns a copy of the policy definitions map.

func (*HierarchyManagementGroup) PolicySetDefinitionsMap ¶

func (mg *HierarchyManagementGroup) PolicySetDefinitionsMap() map[string]*assets.PolicySetDefinition

PolicySetDefinitionsMap returns a copy of the policy definitions map.

func (*HierarchyManagementGroup) ResourceId ¶

func (mg *HierarchyManagementGroup) ResourceId() string

ResourceId returns the resource ID of the management group.

func (*HierarchyManagementGroup) RoleDefinitionsMap ¶

func (alzmg *HierarchyManagementGroup) RoleDefinitionsMap() map[string]*assets.RoleDefinition

RoleDefinitionsMap returns a copy of the role definitions map.

type PolicyAssignmentsParameterValues ¶

type PolicyAssignmentsParameterValues map[string]map[string]*armpolicy.ParameterValuesValue

PolicyAssignmentsParameterValues is a map of policy assignments names toa map of policy parameter names to parameter values.

type PolicyRoleAssignment ¶

type PolicyRoleAssignment struct {
	RoleDefinitionId string
	Scope            string
	AssignmentName   string
}

PolicyRoleAssignment represents the role assignments that need to be created for a management group. Since we could be using system assigned identities, we don't know the principal ID until after the deployment. Therefore this data can be used to create the role assignments after the deployment.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL