provisioning

package
v1.201.0 Latest
Warning

This package is not in the latest version of its module.

Published: Dec 10, 2025 | License: Apache-2.0 | Imports: 11 | Imported by: 0

Documentation

Constants

const (
	// DefaultCacheDir is the default cache directory relative to XDG_CACHE_HOME.
	DefaultCacheDir = "atmos/auth"

	// ProvisionedFileName is the filename for provisioned identities.
	ProvisionedFileName = "provisioned-identities.yaml"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Counts

type Counts struct {
	// Accounts is the number of accounts/organizations discovered.
	Accounts int

	// Roles is the number of permission sets/roles discovered.
	Roles int

	// Identities is the total number of identities provisioned.
	Identities int
}

Counts provides statistics about the provisioning operation.

type ICredentials

type ICredentials interface {
	GetProvider() string
	GetExpiration() (*time.Time, error)
}

ICredentials is an interface for credentials. This is a minimal interface to avoid circular dependencies.

type Metadata

type Metadata struct {
	// Source identifies the external source (e.g., "aws-sso", "okta", "azure-ad").
	Source string

	// Counts provides statistics about provisioned identities.
	Counts *Counts

	// Extra holds provider-specific metadata (e.g., AWS account IDs, Okta org ID).
	Extra map[string]interface{}
}

Metadata contains provider-specific metadata about the provisioning operation.

type Provisioner

type Provisioner interface {
	// ProvisionIdentities provisions identities from the external source.
	// Returns provisioned identities and metadata, or error if provisioning fails.
	// Implementations should be non-fatal - errors are logged but don't block authentication.
	ProvisionIdentities(ctx context.Context, creds ICredentials) (*Result, error)
}

Provisioner is an optional interface that auth providers can implement to auto-provision identities from external sources.

type Result

type Result struct {
	// Identities maps identity names to their configuration.
	Identities map[string]*schema.Identity

	// Provider is the name of the auth provider that provisioned these identities.
	Provider string

	// ProvisionedAt is when the identities were provisioned.
	ProvisionedAt time.Time

	// Metadata contains provider-specific provisioning information.
	Metadata Metadata
}

Result contains the provisioned identities and metadata.

type Writer

type Writer struct {
	// CacheDir is the base cache directory (e.g., ~/.cache/atmos/auth).
	CacheDir string
}

Writer handles writing provisioned identities to disk.

func NewWriter

func NewWriter() (*Writer, error)

NewWriter creates a new provisioner writer.

func (*Writer) GetProvisionedIdentitiesPath

func (w *Writer) GetProvisionedIdentitiesPath(providerName string) string

GetProvisionedIdentitiesPath returns the path to the provisioned identities file for a provider.

func (*Writer) Remove

func (w *Writer) Remove(providerName string) error

Remove removes the provisioned identities file for a provider.

func (*Writer) Write

func (w *Writer) Write(result *Result) (string, error)

Write writes provisioned identities to the cache directory for the specified provider.
