Documentation
¶
Overview ¶
Package deployment contains the types and methods for managing the deployment of an Azure management group hierarchy using the supplied Alzlib.
Index ¶
- Constants
- type Hierarchy
- func (h *Hierarchy) FromArchitecture(ctx context.Context, arch, externalParentId, location string) error
- func (h *Hierarchy) ManagementGroup(name string) *HierarchyManagementGroup
- func (h *Hierarchy) ManagementGroupNames() []string
- func (h *Hierarchy) ManagementGroupsAtLevel(level int) map[string]*HierarchyManagementGroup
- func (h *Hierarchy) PolicyRoleAssignments(ctx context.Context) (mapset.Set[PolicyRoleAssignment], error)
- type HierarchyManagementGroup
- func (alzmg *HierarchyManagementGroup) Children() []*HierarchyManagementGroup
- func (mg *HierarchyManagementGroup) DisplayName() string
- func (mg *HierarchyManagementGroup) Exists() bool
- func (mg *HierarchyManagementGroup) HasParent(id string) bool
- func (mg *HierarchyManagementGroup) Level() int
- func (mg *HierarchyManagementGroup) Location() string
- func (alzmg *HierarchyManagementGroup) ModifyPolicyAssignment(name string, parameters map[string]*armpolicy.ParameterValuesValue, ...) error
- func (mg *HierarchyManagementGroup) Name() string
- func (mg *HierarchyManagementGroup) Parent() *HierarchyManagementGroup
- func (mg *HierarchyManagementGroup) ParentId() string
- func (mg *HierarchyManagementGroup) ParentIsExternal() bool
- func (mg *HierarchyManagementGroup) PolicyAssignmentMap() map[string]*assets.PolicyAssignment
- func (mg *HierarchyManagementGroup) PolicyDefinitionsMap() map[string]*assets.PolicyDefinition
- func (mg *HierarchyManagementGroup) PolicySetDefinitionsMap() map[string]*assets.PolicySetDefinition
- func (mg *HierarchyManagementGroup) ResourceId() string
- func (alzmg *HierarchyManagementGroup) RoleDefinitionsMap() map[string]*assets.RoleDefinition
- type PolicyAssignmentsParameterValues
- type PolicyRoleAssignment
Constants ¶
const ( ManagementGroupIdFmt = "/providers/Microsoft.Management/managementGroups/%s" PolicyAssignmentIdFmt = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policyAssignments/%s" PolicyDefinitionIdFmt = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policyDefinitions/%s" PolicySetDefinitionIdFmt = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/policySetDefinitions/%s" RoleDefinitionIdFmt = "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Authorization/roleDefinitions/%s" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Hierarchy ¶
type Hierarchy struct {
// contains filtered or unexported fields
}
Hierarchy represents a deployment of Azure management group hierarchy.
func NewHierarchy ¶
func (*Hierarchy) FromArchitecture ¶
func (*Hierarchy) ManagementGroup ¶
func (h *Hierarchy) ManagementGroup(name string) *HierarchyManagementGroup
ManagementGroup returns the management group with the given name.
func (*Hierarchy) ManagementGroupNames ¶
ManagementGroupNames returns the management group names as a slice of string.
func (*Hierarchy) ManagementGroupsAtLevel ¶
func (h *Hierarchy) ManagementGroupsAtLevel(level int) map[string]*HierarchyManagementGroup
func (*Hierarchy) PolicyRoleAssignments ¶
type HierarchyManagementGroup ¶
type HierarchyManagementGroup struct {
// contains filtered or unexported fields
}
HierarchyManagementGroup represents an Azure Management Group within a hierarchy, with links to parent and children. Note: this is not thread safe, and should not be used concurrently without an external mutex.
func (*HierarchyManagementGroup) Children ¶
func (alzmg *HierarchyManagementGroup) Children() []*HierarchyManagementGroup
Children returns the children of the management group.
func (*HierarchyManagementGroup) DisplayName ¶
func (mg *HierarchyManagementGroup) DisplayName() string
DisplayName returns the display name of the management group.
func (*HierarchyManagementGroup) Exists ¶ added in v0.15.0
func (mg *HierarchyManagementGroup) Exists() bool
Exists returns a bool value depending on whether the management group exists.
func (*HierarchyManagementGroup) HasParent ¶
func (mg *HierarchyManagementGroup) HasParent(id string) bool
HasParent returns a bool value depending on whether the management group has a given parent. Only works for internal parents.
func (*HierarchyManagementGroup) Level ¶ added in v0.15.0
func (mg *HierarchyManagementGroup) Level() int
Level returns the level of the management group in the hierarchy.
func (*HierarchyManagementGroup) Location ¶ added in v0.15.0
func (mg *HierarchyManagementGroup) Location() string
Location returns the default location to use for artifacts in the management group.
func (*HierarchyManagementGroup) ModifyPolicyAssignment ¶
func (alzmg *HierarchyManagementGroup) ModifyPolicyAssignment( name string, parameters map[string]*armpolicy.ParameterValuesValue, enforcementMode *armpolicy.EnforcementMode, nonComplianceMessages []*armpolicy.NonComplianceMessage, identity *armpolicy.Identity, resourceSelectors []*armpolicy.ResourceSelector, overrides []*armpolicy.Override, ) error
ModifyPolicyAssignment modifies an existing policy assignment in the management group. It will deep merge the supplied assignments with the existing assignments.
func (*HierarchyManagementGroup) Name ¶
func (mg *HierarchyManagementGroup) Name() string
Name returns the name/id of the management group.
func (*HierarchyManagementGroup) Parent ¶
func (mg *HierarchyManagementGroup) Parent() *HierarchyManagementGroup
Parent returns parent *AlzManagementGroup. If the parent is external, the result will be nil.
func (*HierarchyManagementGroup) ParentId ¶
func (mg *HierarchyManagementGroup) ParentId() string
ParentId returns the ID of the parent management group. If the parent is external, this will be preferred. If neither are set an empty string is returned (though this should never happen).
func (*HierarchyManagementGroup) ParentIsExternal ¶
func (mg *HierarchyManagementGroup) ParentIsExternal() bool
ParentIsExternal returns a bool value depending on whether the parent MG is external or not.
func (*HierarchyManagementGroup) PolicyAssignmentMap ¶
func (mg *HierarchyManagementGroup) PolicyAssignmentMap() map[string]*assets.PolicyAssignment
PolicyAssignmentMap returns a copy of the policy assignments map.
func (*HierarchyManagementGroup) PolicyDefinitionsMap ¶
func (mg *HierarchyManagementGroup) PolicyDefinitionsMap() map[string]*assets.PolicyDefinition
PolicyDefinitionsMap returns a copy of the policy definitions map.
func (*HierarchyManagementGroup) PolicySetDefinitionsMap ¶
func (mg *HierarchyManagementGroup) PolicySetDefinitionsMap() map[string]*assets.PolicySetDefinition
PolicySetDefinitionsMap returns a copy of the policy definitions map.
func (*HierarchyManagementGroup) ResourceId ¶
func (mg *HierarchyManagementGroup) ResourceId() string
ResourceId returns the resource ID of the management group.
func (*HierarchyManagementGroup) RoleDefinitionsMap ¶
func (alzmg *HierarchyManagementGroup) RoleDefinitionsMap() map[string]*assets.RoleDefinition
RoleDefinitionsMap returns a copy of the role definitions map.
type PolicyAssignmentsParameterValues ¶
type PolicyAssignmentsParameterValues map[string]map[string]*armpolicy.ParameterValuesValue
PolicyAssignmentsParameterValues is a map of policy assignments names toa map of policy parameter names to parameter values.
type PolicyRoleAssignment ¶
PolicyRoleAssignment represents the role assignments that need to be created for a management group. Since we could be using system assigned identities, we don't know the principal ID until after the deployment. Therefore this data can be used to create the role assignments after the deployment.
Source Files