Documentation
¶
Index ¶
- Constants
- func IsAlreadyExists(err error) bool
- func IsNotFound(err error) bool
- type IAMService
- func (s *IAMService) DeleteKiamRole() error
- func (s *IAMService) DeleteRole() error
- func (s *IAMService) DeleteRolesForIRSA() error
- func (s *IAMService) DeleteRoute53Role() error
- func (s *IAMService) GetIRSAOpenIDForEKS(clusterName string) (string, error)
- func (s *IAMService) GetRoleARN(roleName string) (string, error)
- func (s *IAMService) ReconcileKiamRole() error
- func (s *IAMService) ReconcileRole() error
- func (s *IAMService) ReconcileRolesForIRSA(awsAccountID string, irsaTrustDomains []string) error
- func (s *IAMService) SetPrincipalRoleARN(arn string)
- type IAMServiceConfig
- type Route53RoleParams
Constants ¶
View Source
const ( BastionRole = "bastion" ControlPlaneRole = "control-plane" // also used as part of finalizer name NodesRole = "nodes" // also used as part of finalizer name Route53Role = "route53-role" KIAMRole = "kiam-role" IRSARole = "irsa-role" CertManagerRole = "cert-manager-role" ALBConrollerRole = "ALBController-Role" EBSCSIDriverRole = "ebs-csi-driver-role" EFSCSIDriverRole = "efs-csi-driver-role" ClusterAutoscalerRole = "cluster-autoscaler-role" IAMControllerOwnedTag = "capi-iam-controller/owned" ClusterIDTag = "sigs.k8s.io/cluster-api-provider-aws/cluster/%s" )
View Source
const ALBControllerPolicyTemplate = `` /* 8359-byte string literal not displayed */
View Source
const AWSReducedInstanceProfileIAMPermissionsForWorkersLabel = "alpha.aws.giantswarm.io/reduced-instance-permissions-workers"
View Source
const EBSCSIDriverPolicyTemplate = `` /* 4086-byte string literal not displayed */
View Source
const EFSCSIDriverPolicyTemplate = `` /* 1074-byte string literal not displayed */
Variables ¶
This section is empty.
Functions ¶
func IsAlreadyExists ¶
func IsNotFound ¶
Types ¶
type IAMService ¶
type IAMService struct {
// contains filtered or unexported fields
}
func New ¶
func New(config IAMServiceConfig) (*IAMService, error)
func (*IAMService) DeleteKiamRole ¶
func (s *IAMService) DeleteKiamRole() error
func (*IAMService) DeleteRole ¶
func (s *IAMService) DeleteRole() error
func (*IAMService) DeleteRolesForIRSA ¶ added in v0.7.0
func (s *IAMService) DeleteRolesForIRSA() error
func (*IAMService) DeleteRoute53Role ¶
func (s *IAMService) DeleteRoute53Role() error
func (*IAMService) GetIRSAOpenIDForEKS ¶ added in v0.10.0
func (s *IAMService) GetIRSAOpenIDForEKS(clusterName string) (string, error)
func (*IAMService) GetRoleARN ¶ added in v0.10.0
func (s *IAMService) GetRoleARN(roleName string) (string, error)
func (*IAMService) ReconcileKiamRole ¶
func (s *IAMService) ReconcileKiamRole() error
func (*IAMService) ReconcileRole ¶
func (s *IAMService) ReconcileRole() error
func (*IAMService) ReconcileRolesForIRSA ¶ added in v0.7.0
func (s *IAMService) ReconcileRolesForIRSA(awsAccountID string, irsaTrustDomains []string) error
func (*IAMService) SetPrincipalRoleARN ¶ added in v0.10.0
func (s *IAMService) SetPrincipalRoleARN(arn string)
type IAMServiceConfig ¶
type IAMServiceConfig struct {
ObjectLabels map[string]string // not always filled
AWSSession awsclientgo.ConfigProvider
ClusterName string
MainRoleName string
Log logr.Logger
RoleType string
Region string
PrincipalRoleARN string
CustomTags map[string]string
IAMClientFactory func(awsclientgo.ConfigProvider, string) iamiface.IAMAPI
}
Source Files
Click to show internal directories.
Click to hide internal directories.