Documentation ¶
Overview ¶
Package assets provides the types used by the Alzlib library. It wraps Azure SDK types and provides additional functionality such as versioning and metadata handling for policy set definitions.
Use the constructor functions to create instances of the types defined in this package, such as NewPolicySetDefinitionVersion, NewRoleDefinition, and NewPolicySetDefinitionVersions.
Index ¶
- Constants
- Variables
- func NameFromResourceID(resID string) (string, error)
- func ResourceTypeFromResourceID(resID string) (string, error)
- func ValidatePolicyAssignment(pa *PolicyAssignment) error
- func ValidatePolicySetDefinition(psd *PolicySetDefinition) error
- type PolicyAssignment
- func (pa *PolicyAssignment) IdentityType() armpolicy.ResourceIdentityType
- func (pa *PolicyAssignment) ParameterValueAsString(paramName string) (string, error)
- func (pa *PolicyAssignment) ReferencedPolicyDefinitionResourceID() (*arm.ResourceID, error)
- func (pa *PolicyAssignment) UnmarshalJSON(data []byte) error
- type PolicyDefinition
- func (pd *PolicyDefinition) AssignPermissionsParameterNames() ([]string, error)
- func (pd *PolicyDefinition) NormalizedRoleDefinitionResourceIDs() ([]string, error)
- func (pd *PolicyDefinition) Parameter(name string) *armpolicy.ParameterDefinitionsValue
- func (pd *PolicyDefinition) ParameterIsOptional(name string) (bool, error)
- func (pd *PolicyDefinition) RoleDefinitionResourceIDs() ([]string, error)
- func (pd *PolicyDefinition) SetAssignPermissionsOnParameter(parameterName string)
- func (pd *PolicyDefinition) UnsetAssignPermissionsOnParameter(parameterName string)
- type PolicyDefinitionVersion
- func (pd *PolicyDefinitionVersion) AssignPermissionsParameterNames() ([]string, error)
- func (pd *PolicyDefinitionVersion) GetName() *string
- func (pd *PolicyDefinitionVersion) GetVersion() *string
- func (pd *PolicyDefinitionVersion) NormalizedRoleDefinitionResourceIDs() ([]string, error)
- func (pd *PolicyDefinitionVersion) Parameter(name string) *armpolicy.ParameterDefinitionsValue
- func (pd *PolicyDefinitionVersion) ParameterIsOptional(name string) (bool, error)
- func (pd *PolicyDefinitionVersion) RoleDefinitionResourceIDs() ([]string, error)
- func (pd *PolicyDefinitionVersion) SetAssignPermissionsOnParameter(parameterName string)
- func (pd *PolicyDefinitionVersion) UnsetAssignPermissionsOnParameter(parameterName string)
- type PolicyDefinitionVersions
- type PolicySetDefinition
- func (psd *PolicySetDefinition) Parameter(name string) *armpolicy.ParameterDefinitionsValue
- func (psd *PolicySetDefinition) PolicyDefinitionReferences() []*armpolicy.DefinitionReference
- func (psd *PolicySetDefinition) ReferencedPolicyDefinitionNames() ([]string, error)
- func (psd *PolicySetDefinition) UnmarshalJSON(data []byte) error
- type PolicySetDefinitionVersion
- func (psd *PolicySetDefinitionVersion) GetName() *string
- func (psd *PolicySetDefinitionVersion) GetVersion() *string
- func (psd *PolicySetDefinitionVersion) Parameter(name string) *armpolicy.ParameterDefinitionsValue
- func (psd *PolicySetDefinitionVersion) PolicyDefinitionReferences() []*armpolicy.DefinitionReference
- func (psd *PolicySetDefinitionVersion) ReferencedPolicyDefinitionNames() ([]string, error)
- type PolicySetDefinitionVersions
- type RoleDefinition
- type Versioned
- type VersionedPolicyCollection
- type VersionedTypes
Constants ¶
const (
// PolicyAssignmentNameMaxLength is the maximum length of a policy assignment name, at MG scope this is 24.
PolicyAssignmentNameMaxLength = 24
// PolicyAssignmentDisplayNameMaxLength is the maximum length of a policy assignment display name.
PolicyAssignmentDisplayNameMaxLength = 128
// PolicyAssignmentDescriptionMaxLength is the maximum length of a policy assignment description.
PolicyAssignmentDescriptionMaxLength = 512
)
const (
// PolicySetDefinitionDisplayNameMaxLength is the maximum length of the display name for a policy set definition.
PolicySetDefinitionDisplayNameMaxLength = 128
// PolicySetDefinitionDescriptionMaxLength is the maximum length of the description for a policy set definition.
PolicySetDefinitionDescriptionMaxLength = 512
)
const (
// ExpectedVersionComponents is the number of components expected in a semantic version.
ExpectedVersionComponents = 3
)
Variables ¶
var (
// ErrVersionConstraintInvalid is returned when the version constraint is invalid.
ErrVersionConstraintInvalid = errors.New("version constraint is invalid")
)
Functions ¶
func NameFromResourceID ¶ added in v0.27.0
NameFromResourceID returns the name of the resource from a resource ID.
func ResourceTypeFromResourceID ¶ added in v0.27.0
ResourceTypeFromResourceID returns the resource type of the resource from a resource ID.
func ValidatePolicyAssignment ¶ added in v0.26.0
func ValidatePolicyAssignment(pa *PolicyAssignment) error
ValidatePolicyAssignment performs validation checks on the policy assignment. To reduce the risk of nil pointer dereferences, it will create empty values for optional fields.
func ValidatePolicySetDefinition ¶ added in v0.27.0
func ValidatePolicySetDefinition(psd *PolicySetDefinition) error
ValidatePolicySetDefinition performs validation checks on the policy set definition. To reduce the risk of nil pointer dereferences, it will create empty values for optional fields.
Types ¶
type PolicyAssignment ¶
type PolicyAssignment struct {
armpolicy.Assignment
}
PolicyAssignment represents a policy assignment in Azure. It wraps the armpolicy.Assignment type and provides additional methods for validation and working with policy assignments.
func NewPolicyAssignment ¶
func NewPolicyAssignment(pa armpolicy.Assignment) *PolicyAssignment
NewPolicyAssignment creates a new PolicyAssignment instance from an armpolicy.Assignment. The caller is responsible for ensuring that the policy assignment is valid. Use either the UnmarshalJSON method, or the ValidatePolicyAssignment function to validate the assignment.
func NewPolicyAssignmentValidate ¶ added in v0.26.0
func NewPolicyAssignmentValidate(pa armpolicy.Assignment) (*PolicyAssignment, error)
NewPolicyAssignmentValidate creates a new PolicyAssignment instance and validates it.
func (*PolicyAssignment) IdentityType ¶
func (pa *PolicyAssignment) IdentityType() armpolicy.ResourceIdentityType
IdentityType returns the identity type of the policy assignment.
func (*PolicyAssignment) ParameterValueAsString ¶
func (pa *PolicyAssignment) ParameterValueAsString(paramName string) (string, error)
ParameterValueAsString returns the value of a policy assignment parameter. We always expect the value to be a string as it's used in calculating the additional role assignments for policy parameters with the assignPermissions metadata set to true. Therefore the value should be an ARM resourceId.
func (*PolicyAssignment) ReferencedPolicyDefinitionResourceID ¶ added in v0.27.0
func (pa *PolicyAssignment) ReferencedPolicyDefinitionResourceID() (*arm.ResourceID, error)
ReferencedPolicyDefinitionResourceID returns the resource ID of the policy definition referenced by the policy assignment.
func (*PolicyAssignment) UnmarshalJSON ¶ added in v0.26.0
func (pa *PolicyAssignment) UnmarshalJSON(data []byte) error
UnmarshalJSON implements the json.Unmarshaler interface for type PolicyAssignment. It performs validity checks on mandatory fields as well as some validation checks on certain fields.
type PolicyDefinition ¶
type PolicyDefinition struct {
armpolicy.Definition
}
PolicyDefinition is a wrapper around armpolicy.Definition that provides additional methods to work with policy definitions, such as extracting role definition IDs and managing parameters.
func NewPolicyDefinition ¶
func NewPolicyDefinition(pd armpolicy.Definition) *PolicyDefinition
NewPolicyDefinition creates a new PolicyDefinition from an armpolicy.Definition.
func (*PolicyDefinition) AssignPermissionsParameterNames ¶
func (pd *PolicyDefinition) AssignPermissionsParameterNames() ([]string, error)
AssignPermissionsParameterNames returns a list of parameter names that have the AssignPermissions metadata field set to true in the policy definition.
func (*PolicyDefinition) NormalizedRoleDefinitionResourceIDs ¶ added in v0.27.0
func (pd *PolicyDefinition) NormalizedRoleDefinitionResourceIDs() ([]string, error)
NormalizedRoleDefinitionResourceIDs returns a list of normalized role definition IDs from the policy definition. Normalized IDs are those without the management group portion, e.g.: /providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}.
func (*PolicyDefinition) Parameter ¶ added in v0.18.1
func (pd *PolicyDefinition) Parameter(name string) *armpolicy.ParameterDefinitionsValue
Parameter returns the parameter with the given name from the policy definition.
func (*PolicyDefinition) ParameterIsOptional ¶ added in v0.19.1
func (pd *PolicyDefinition) ParameterIsOptional(name string) (bool, error)
ParameterIsOptional checks if the parameter with the given name is optional in the policy definition.
func (*PolicyDefinition) RoleDefinitionResourceIDs ¶ added in v0.27.0
func (pd *PolicyDefinition) RoleDefinitionResourceIDs() ([]string, error)
RoleDefinitionResourceIDs returns the role definition IDs referenced in a policy definition if they exist. We marshal the policyRule as JSON and then unmarshal into a custom type.
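The marshal/unmarshal extraction described here, together with the management-group normalization described for NormalizedRoleDefinitionResourceIDs, can be sketched with the standard library alone. This is an added example, not Alzlib's own code: `ruleShape`, `roleDefinitionIDs`, `normalize` and `sampleRule` are hypothetical names, and the sample rule is constructed. It also covers rules whose `then.details` is an array (the append effect), which carry no role IDs.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"strings"
)

// Constructed sample rule: the management group name and GUID are placeholders.
const sampleRule = `{"then":{"effect":"deployIfNotExists","details":{"roleDefinitionIds":[
"/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/roleDefinitions/00000000-0000-0000-0000-000000000001"]}}}`

// ruleShape keeps then.details raw: the append effect makes it an array, not an object.
type ruleShape struct {
	Then struct{ Details json.RawMessage `json:"details"` } `json:"then"`
}

// roleDefinitionIDs round-trips an untyped policyRule through JSON and reads
// then.details.roleDefinitionIds when details is an object.
func roleDefinitionIDs(rule any) ([]string, error) {
	raw, err := json.Marshal(rule)
	if err != nil {
		return nil, err
	}
	var rs ruleShape
	if err := json.Unmarshal(raw, &rs); err != nil {
		return nil, err
	}
	d := bytes.TrimSpace(rs.Then.Details)
	if len(d) == 0 || d[0] != '{' {
		return nil, nil // no details (audit, deny) or the array form of details
	}
	var det struct{ IDs []string `json:"roleDefinitionIds"` }
	err = json.Unmarshal(d, &det)
	return det.IDs, err
}

// normalize drops any scope prefix in front of the role definition segments.
func normalize(id string) (string, error) {
	p := strings.Split(strings.Trim(id, "/"), "/")
	n := len(p)
	if n < 4 || !strings.EqualFold(p[n-4], "providers") ||
		!strings.EqualFold(p[n-3], "Microsoft.Authorization") || !strings.EqualFold(p[n-2], "roleDefinitions") {
		return "", fmt.Errorf("not a role definition resource ID: %q", id)
	}
	return "/providers/Microsoft.Authorization/roleDefinitions/" + p[n-1], nil
}

func main() {
	ids, err := roleDefinitionIDs(json.RawMessage(sampleRule))
	if err != nil {
		panic(err)
	}
	for _, id := range ids {
		fmt.Println(normalize(id))
	}
}
```

Comparing normalized IDs lets a reviewer see that two definitions deployed at different management groups request the same role for their managed identity.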
func (*PolicyDefinition) SetAssignPermissionsOnParameter ¶ added in v0.25.0
func (pd *PolicyDefinition) SetAssignPermissionsOnParameter(parameterName string)
SetAssignPermissionsOnParameter sets the AssignPermissions metadata field to true for the parameter with the given name.
func (*PolicyDefinition) UnsetAssignPermissionsOnParameter ¶ added in v0.25.0
func (pd *PolicyDefinition) UnsetAssignPermissionsOnParameter(parameterName string)
UnsetAssignPermissionsOnParameter removes the AssignPermissions metadata field for the parameter with the given name.
type PolicyDefinitionVersion ¶ added in v0.26.0
type PolicyDefinitionVersion struct {
armpolicy.DefinitionVersion
}
PolicyDefinitionVersion represents a version of a policy definition with version information. It embeds the armpolicy.DefinitionVersion struct and provides additional methods to work with it.
func NewPolicyDefinitionVersion ¶ added in v0.26.0
func NewPolicyDefinitionVersion(pd armpolicy.DefinitionVersion) *PolicyDefinitionVersion
NewPolicyDefinitionVersion creates a new PolicyDefinitionVersion from an armpolicy.DefinitionVersion.
func (*PolicyDefinitionVersion) AssignPermissionsParameterNames ¶ added in v0.26.0
func (pd *PolicyDefinitionVersion) AssignPermissionsParameterNames() ([]string, error)
AssignPermissionsParameterNames returns a list of parameter names that have the AssignPermissions metadata field set to true.
func (*PolicyDefinitionVersion) GetName ¶ added in v0.26.0
func (pd *PolicyDefinitionVersion) GetName() *string
GetName returns the name of the policy definition version.
func (*PolicyDefinitionVersion) GetVersion ¶ added in v0.26.0
func (pd *PolicyDefinitionVersion) GetVersion() *string
GetVersion returns the version of the policy definition, if it exists. If the version is not set, it returns nil.
func (*PolicyDefinitionVersion) NormalizedRoleDefinitionResourceIDs ¶ added in v0.27.0
func (pd *PolicyDefinitionVersion) NormalizedRoleDefinitionResourceIDs() ([]string, error)
NormalizedRoleDefinitionResourceIDs normalizes a role definition id by removing the version suffix (if present) and returning the resource id in the format: /subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}.
func (*PolicyDefinitionVersion) Parameter ¶ added in v0.26.0
func (pd *PolicyDefinitionVersion) Parameter(name string) *armpolicy.ParameterDefinitionsValue
Parameter returns the parameter definition for the given name.
func (*PolicyDefinitionVersion) ParameterIsOptional ¶ added in v0.26.0
func (pd *PolicyDefinitionVersion) ParameterIsOptional(name string) (bool, error)
ParameterIsOptional checks if the parameter with the given name is optional.
func (*PolicyDefinitionVersion) RoleDefinitionResourceIDs ¶ added in v0.27.0
func (pd *PolicyDefinitionVersion) RoleDefinitionResourceIDs() ([]string, error)
RoleDefinitionResourceIDs returns the role definition IDs referenced in a policy definition if they exist. We marshal the policyRule as JSON and then unmarshal into a custom type.
func (*PolicyDefinitionVersion) SetAssignPermissionsOnParameter ¶ added in v0.26.0
func (pd *PolicyDefinitionVersion) SetAssignPermissionsOnParameter(parameterName string)
SetAssignPermissionsOnParameter sets the AssignPermissions metadata field to true for the parameter with the given name.
func (*PolicyDefinitionVersion) UnsetAssignPermissionsOnParameter ¶ added in v0.26.0
func (pd *PolicyDefinitionVersion) UnsetAssignPermissionsOnParameter(parameterName string)
UnsetAssignPermissionsOnParameter removes the AssignPermissions metadata field for the parameter with the given name.
type PolicyDefinitionVersions ¶ added in v0.26.0
type PolicyDefinitionVersions = VersionedPolicyCollection[*PolicyDefinitionVersion]
PolicyDefinitionVersions is a type alias for the generic collection.
func NewPolicyDefinitionVersions ¶ added in v0.26.0
func NewPolicyDefinitionVersions() *PolicyDefinitionVersions
NewPolicyDefinitionVersions creates a collection of PolicyDefinitionVersion.
type PolicySetDefinition ¶
type PolicySetDefinition struct {
armpolicy.SetDefinition
}
PolicySetDefinition represents a policy set definition and embeds the armpolicy.SetDefinition struct.
func NewPolicySetDefinition ¶
func NewPolicySetDefinition(psd armpolicy.SetDefinition) *PolicySetDefinition
NewPolicySetDefinition creates a new PolicySetDefinition from an armpolicy.SetDefinition.
func (*PolicySetDefinition) Parameter ¶ added in v0.19.0
func (psd *PolicySetDefinition) Parameter(name string) *armpolicy.ParameterDefinitionsValue
Parameter returns the parameter definition for the given name.
func (*PolicySetDefinition) PolicyDefinitionReferences ¶
func (psd *PolicySetDefinition) PolicyDefinitionReferences() []*armpolicy.DefinitionReference
PolicyDefinitionReferences returns the policy definition references for the policy set definition.
func (*PolicySetDefinition) ReferencedPolicyDefinitionNames ¶
func (psd *PolicySetDefinition) ReferencedPolicyDefinitionNames() ([]string, error)
ReferencedPolicyDefinitionNames returns the names of the policy definitions referenced by the policy set definition.
func (*PolicySetDefinition) UnmarshalJSON ¶ added in v0.27.0
func (psd *PolicySetDefinition) UnmarshalJSON(data []byte) error
UnmarshalJSON implements the json.Unmarshaler interface for type PolicySetDefinition. It performs validity checks on mandatory fields as well as some validation checks on certain fields.
type PolicySetDefinitionVersion ¶ added in v0.26.0
type PolicySetDefinitionVersion struct {
armpolicy.SetDefinitionVersion
}
PolicySetDefinitionVersion represents a version of a policy set definition with version information. It embeds the armpolicy.SetDefinitionVersion struct and provides additional methods to work with it.
func NewPolicySetDefinitionVersion ¶ added in v0.26.0
func NewPolicySetDefinitionVersion(psd armpolicy.SetDefinitionVersion) *PolicySetDefinitionVersion
NewPolicySetDefinitionVersion creates a new PolicySetDefinitionVersion from an armpolicy.SetDefinitionVersion.
func (*PolicySetDefinitionVersion) GetName ¶ added in v0.26.0
func (psd *PolicySetDefinitionVersion) GetName() *string
GetName returns the name of the policy set definition.
func (*PolicySetDefinitionVersion) GetVersion ¶ added in v0.26.0
func (psd *PolicySetDefinitionVersion) GetVersion() *string
GetVersion returns the version of the policy set definition.
func (*PolicySetDefinitionVersion) Parameter ¶ added in v0.26.0
func (psd *PolicySetDefinitionVersion) Parameter(name string) *armpolicy.ParameterDefinitionsValue
Parameter returns the parameter definition for the given name.
func (*PolicySetDefinitionVersion) PolicyDefinitionReferences ¶ added in v0.26.0
func (psd *PolicySetDefinitionVersion) PolicyDefinitionReferences() []*armpolicy.DefinitionReference
PolicyDefinitionReferences returns the policy definition references for the policy set definition.
func (*PolicySetDefinitionVersion) ReferencedPolicyDefinitionNames ¶ added in v0.26.0
func (psd *PolicySetDefinitionVersion) ReferencedPolicyDefinitionNames() ([]string, error)
ReferencedPolicyDefinitionNames returns the names of the policy definitions referenced by the policy set definition.
type PolicySetDefinitionVersions ¶ added in v0.26.0
type PolicySetDefinitionVersions = VersionedPolicyCollection[*PolicySetDefinitionVersion]
PolicySetDefinitionVersions represents a versioned collection of policy set definitions.
func NewPolicySetDefinitionVersions ¶ added in v0.26.0
func NewPolicySetDefinitionVersions() *PolicySetDefinitionVersions
NewPolicySetDefinitionVersions creates a collection of PolicySetDefinitionVersion.
type RoleDefinition ¶
type RoleDefinition struct {
armauthorization.RoleDefinition
}
RoleDefinition is a wrapper around armauthorization.RoleDefinition to provide additional methods or properties if needed.
func NewRoleDefinition ¶
func NewRoleDefinition(rd armauthorization.RoleDefinition) *RoleDefinition
NewRoleDefinition creates a new RoleDefinition from an armauthorization.RoleDefinition.
type Versioned ¶ added in v0.26.0
type Versioned interface {
VersionedTypes
GetVersion() *string
GetName() *string
}
Versioned is an interface for versioned policy types.
type VersionedPolicyCollection ¶ added in v0.26.0
type VersionedPolicyCollection[T Versioned] struct {
// contains filtered or unexported fields
}
VersionedPolicyCollection is a generic collection of versioned policies.
func (*VersionedPolicyCollection[T]) Add ¶ added in v0.26.0
func (c *VersionedPolicyCollection[T]) Add(add T) error
Add adds a new version to the collection.
func (*VersionedPolicyCollection[T]) GetVersion ¶ added in v0.26.0
func (c *VersionedPolicyCollection[T]) GetVersion(constraintStr *string) (T, error)
GetVersion returns a policy version based on the provided constraint string. If the constraint string is nil, it returns the versionless definition if it exists. If the constraint string is nil and no versionless definition exists, it returns the latest version.
type VersionedTypes ¶ added in v0.26.0
type VersionedTypes interface {
*PolicyDefinitionVersion | *PolicySetDefinitionVersion
}
VersionedTypes is a type constraint for versioned policy types.