Versions in this module Expand all Collapse all v0 v0.8.0 Jun 30, 2023 Changes in this version
+ const AccountTypeServiceAccount
+ const AccountTypeUser
+ const DatasetRoleOwner
+ const DatasetRoleReader
+ const DatasetRoleWriter
+ const ResourceTypeDataset
+ const ResourceTypeTable
+ var BigQueryAuditMetadataMethods = []string
+ var ErrCannotVerifyTablePermission = errors.New(...)
+ var ErrEmptyActivityPayload = errors.New("couldn't get payload from log entry")
+ var ErrEmptyResource = errors.New("this bigquery project has no resources")
+ var ErrInvalidActivityPayloadType = errors.New("payload is not of type *audit.AuditLog")
+ var ErrInvalidCredentials = errors.New("invalid credentials type")
+ var ErrInvalidCredentialsType = errors.New("invalid credentials type")
+ var ErrInvalidDatasetPermission = errors.New("provided permission is not supported for dataset resource")
+ var ErrInvalidPermissionConfig = errors.New("invalid permission config type")
+ var ErrInvalidResourceType = errors.New("invalid resource type")
+ var ErrInvalidRole = errors.New("invalid role")
+ var ErrInvalidTablePermission = errors.New("provided permission is not supported for table resource")
+ var ErrInvalidTableURN = errors.New("table URN is invalid")
+ var ErrNilAppeal = errors.New("appeal can't be nil")
+ var ErrNilProviderConfig = errors.New("provider config can't be nil")
+ var ErrNilResource = errors.New("designated resource can't be nil")
+ var ErrPermissionAlreadyExists = errors.New("permission already exists")
+ var ErrPermissionNotFound = errors.New("permission not found")
+ var ErrProviderTypeMismatch = errors.New("provider type in the config and in the appeal don't match")
+ var ErrProviderURNMismatch = errors.New("provider urn in the config and in the appeal don't match")
+ var ErrUnableToDecryptNilCredentials = errors.New("unable to decrypt nil credentials")
+ var ErrUnableToEncryptNilCredentials = errors.New("unable to encrypt nil credentials")
+ func NewBigQueryClient(projectID string, opts ...option.ClientOption) (*bigQueryClient, error)
+ func NewCloudLoggingClient(ctx context.Context, projectID string, credentialsJSON []byte) (*cloudLoggingClient, error)
+ type Activity struct
+ func (a Activity) ToDomainActivity(p domain.Provider) (*domain.Activity, error)
+ type BigQueryClient interface
+ GetDatasets func(context.Context) ([]*Dataset, error)
+ GetRolePermissions func(context.Context, string) ([]string, error)
+ GetTables func(ctx context.Context, datasetID string) ([]*Table, error)
+ GrantDatasetAccess func(ctx context.Context, d *Dataset, user, role string) error
+ GrantTableAccess func(ctx context.Context, t *Table, accountType, accountID, role string) error
+ ListAccess func(ctx context.Context, resources []*domain.Resource) (domain.MapResourceAccess, error)
+ ResolveDatasetRole func(role string) (bq.AccessRole, error)
+ RevokeDatasetAccess func(ctx context.Context, d *Dataset, user, role string) error
+ RevokeTableAccess func(ctx context.Context, t *Table, accountType, accountID, role string) error
+ type BigQueryResourceName string
+ func (r BigQueryResourceName) BigQueryResourceID() string
+ func (r BigQueryResourceName) DatasetID() string
+ func (r BigQueryResourceName) ProjectID() string
+ func (r BigQueryResourceName) TableID() string
+ type Config struct
+ ProviderConfig *domain.ProviderConfig
+ func NewConfig(pc *domain.ProviderConfig, crypto domain.Crypto) *Config
+ func (c *Config) EncryptCredentials() error
+ func (c *Config) ParseAndValidate() error
+ type Credentials struct
+ ResourceName string
+ ServiceAccountKey string
+ func ParseCredentials(v interface{}, decryptor domain.Decryptor) (*Credentials, error)
+ func (c *Credentials) Decrypt(decryptor domain.Decryptor) error
+ func (c *Credentials) Encrypt(encryptor domain.Encryptor) error
+ func (c Credentials) ProjectID() string
+ type Dataset struct
+ DatasetID string
+ Labels map[string]string
+ ProjectID string
+ func (d *Dataset) FromDomain(r *domain.Resource) error
+ func (d *Dataset) ToDomain() *domain.Resource
+ type ImportActivitiesFilter struct
+ Authorizations []string
+ Limit int
+ Types []string
+ type Permission string
+ type Provider struct
+ Clients map[string]BigQueryClient
+ LogClients map[string]cloudLoggingClientI
+ func NewProvider(typeName string, c encryptor, logger log.Logger) *Provider
+ func (p *Provider) CreateConfig(pc *domain.ProviderConfig) error
+ func (p *Provider) GetAccountTypes() []string
+ func (p *Provider) GetActivities(ctx context.Context, pd domain.Provider, filter domain.ImportActivitiesFilter) ([]*domain.Activity, error)
+ func (p *Provider) GetResources(pc *domain.ProviderConfig) ([]*domain.Resource, error)
+ func (p *Provider) GetRoles(pc *domain.ProviderConfig, resourceType string) ([]*domain.Role, error)
+ func (p *Provider) GetType() string
+ func (p *Provider) GrantAccess(pc *domain.ProviderConfig, a domain.Grant) error
+ func (p *Provider) ListAccess(ctx context.Context, pc domain.ProviderConfig, resources []*domain.Resource) (domain.MapResourceAccess, error)
+ func (p *Provider) RevokeAccess(pc *domain.ProviderConfig, a domain.Grant) error
+ type Table struct
+ DatasetID string
+ Labels map[string]string
+ ProjectID string
+ TableID string
+ func (t *Table) FromDomain(r *domain.Resource) error
+ func (t *Table) ToDomain() *domain.Resource
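Review bot: `Credentials.ServiceAccountKey` is an exported plain `string` sitting next to `Encrypt`/`Decrypt`, so the type does not say whether a given value holds ciphertext or the decrypted key, and no doc comment for the field appears in this listing. Judging from the signatures alone (no bodies are shown here), a decrypted `Credentials` would expose the key to anything that formats or serialises the struct; a field comment such as `// ServiceAccountKey is the service-account key: ciphertext until Decrypt is called, plaintext afterwards; never log or persist the decrypted value.` would make that contract explicit. Separately, `ErrInvalidCredentials` and `ErrInvalidCredentialsType` carry the identical message `"invalid credentials type"`, so the two are indistinguishable in logs; distinct wording or a single sentinel would help triage. `GrantAccess` and `RevokeAccess` on `Provider` take no `context.Context` while `ListAccess` does, so callers presumably cannot bound or cancel a grant or revoke call.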