aws

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 28, 2025 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AWSAsserter

// AWSAsserter implements assertions for AWS resources.
//
// It is declared as an empty struct, so the value itself carries no
// credentials, region or client configuration.
// NOTE(review): the credentials and default region its methods use are
// therefore presumably resolved from the ambient AWS environment — confirm
// which identity a test run actually asserts with.
type AWSAsserter struct{}

AWSAsserter implements assertions for AWS resources

func NewAWSAsserter

func NewAWSAsserter() *AWSAsserter

NewAWSAsserter creates a new AWSAsserter instance

func (*AWSAsserter) AssertBillingMode

func (a *AWSAsserter) AssertBillingMode(tableName, expectedMode string) error

AssertBillingMode checks if the DynamoDB table has the expected billing mode.

func (*AWSAsserter) AssertBucketEncryption

func (a *AWSAsserter) AssertBucketEncryption(bucketName string) error

func (*AWSAsserter) AssertBucketExists

func (a *AWSAsserter) AssertBucketExists(bucketName string) error

func (*AWSAsserter) AssertBucketPublicAccessBlock

func (a *AWSAsserter) AssertBucketPublicAccessBlock(bucketName string) error

func (*AWSAsserter) AssertBucketServerAccessLogging

func (a *AWSAsserter) AssertBucketServerAccessLogging(bucketName string) error

func (*AWSAsserter) AssertBucketVersioning

func (a *AWSAsserter) AssertBucketVersioning(bucketName string) error

func (*AWSAsserter) AssertCapacity

func (a *AWSAsserter) AssertCapacity(tableName string, readCapacity, writeCapacity int64) error

AssertCapacity checks if the DynamoDB table has the expected read and write capacity.

func (*AWSAsserter) AssertDBInstanceClass

func (a *AWSAsserter) AssertDBInstanceClass(dbInstanceID, instanceClass, region string) error

AssertDBInstanceClass checks if a DB instance has the expected instance class

func (*AWSAsserter) AssertDBInstanceEncryption

func (a *AWSAsserter) AssertDBInstanceEncryption(dbInstanceID string, encrypted bool, region string) error

AssertDBInstanceEncryption checks if a DB instance has the expected encryption setting

func (*AWSAsserter) AssertDBInstanceEngine

func (a *AWSAsserter) AssertDBInstanceEngine(dbInstanceID, engine, region string) error

AssertDBInstanceEngine checks if a DB instance has the expected engine

func (*AWSAsserter) AssertDBInstanceExists

func (a *AWSAsserter) AssertDBInstanceExists(dbInstanceID, region string) error

AssertDBInstanceExists checks if a DB instance exists

func (*AWSAsserter) AssertDBInstanceMultiAZ

func (a *AWSAsserter) AssertDBInstanceMultiAZ(dbInstanceID string, multiAZ bool, region string) error

AssertDBInstanceMultiAZ checks if a DB instance has the expected MultiAZ setting

func (*AWSAsserter) AssertDBInstancePubliclyAccessible

func (a *AWSAsserter) AssertDBInstancePubliclyAccessible(dbInstanceID string, publiclyAccessible bool, region string) error

func (*AWSAsserter) AssertDBInstanceStatus

func (a *AWSAsserter) AssertDBInstanceStatus(dbInstanceID, status, region string) error

AssertDBInstanceStatus checks if a DB instance has the expected status

func (*AWSAsserter) AssertDBInstanceStorage

func (a *AWSAsserter) AssertDBInstanceStorage(dbInstanceID string, allocatedStorage int32, region string) error

AssertDBInstanceStorage checks if a DB instance has the expected allocated storage

func (*AWSAsserter) AssertDBInstanceTags

func (a *AWSAsserter) AssertDBInstanceTags(dbInstanceID string, expectedTags map[string]string, region string) error

AssertDBInstanceTags checks if a DB instance has the expected tags

func (*AWSAsserter) AssertEBSVolumeExists added in v0.1.1

func (a *AWSAsserter) AssertEBSVolumeExists(volumeID, region string) error

AssertEBSVolumeExists checks if an EBS volume exists

func (*AWSAsserter) AssertEBSVolumeSize added in v0.1.1

func (a *AWSAsserter) AssertEBSVolumeSize(volumeID string, sizeGB int32, region string) error

AssertEBSVolumeSize checks if an EBS volume has the expected size

func (*AWSAsserter) AssertEBSVolumeState added in v0.1.1

func (a *AWSAsserter) AssertEBSVolumeState(volumeID, state, region string) error

AssertEBSVolumeState checks if an EBS volume has the expected state

func (*AWSAsserter) AssertEBSVolumeTags added in v0.1.1

func (a *AWSAsserter) AssertEBSVolumeTags(volumeID string, expectedTags map[string]string, region string) error

AssertEBSVolumeTags checks if an EBS volume has the expected tags

func (*AWSAsserter) AssertEBSVolumeType added in v0.1.1

func (a *AWSAsserter) AssertEBSVolumeType(volumeID, volumeType, region string) error

AssertEBSVolumeType checks if an EBS volume has the expected type

func (*AWSAsserter) AssertEC2InstanceAMI added in v0.1.1

func (a *AWSAsserter) AssertEC2InstanceAMI(instanceID, amiID, region string) error

AssertEC2InstanceAMI checks if an EC2 instance was launched from the expected AMI

func (*AWSAsserter) AssertEC2InstanceExists added in v0.1.1

func (a *AWSAsserter) AssertEC2InstanceExists(instanceID, region string) error

AssertEC2InstanceExists checks if an EC2 instance exists

func (*AWSAsserter) AssertEC2InstanceSecurityGroups added in v0.1.1

func (a *AWSAsserter) AssertEC2InstanceSecurityGroups(instanceID string, securityGroupIDs []string, region string) error

AssertEC2InstanceSecurityGroups checks if an EC2 instance has the expected security groups

func (*AWSAsserter) AssertEC2InstanceState added in v0.1.1

func (a *AWSAsserter) AssertEC2InstanceState(instanceID, state, region string) error

AssertEC2InstanceState checks if an EC2 instance has the expected state

func (*AWSAsserter) AssertEC2InstanceSubnet added in v0.1.1

func (a *AWSAsserter) AssertEC2InstanceSubnet(instanceID, subnetID, region string) error

AssertEC2InstanceSubnet checks if an EC2 instance is in the expected subnet

func (*AWSAsserter) AssertEC2InstanceTags added in v0.1.1

func (a *AWSAsserter) AssertEC2InstanceTags(instanceID string, expectedTags map[string]string, region string) error

AssertEC2InstanceTags checks if an EC2 instance has the expected tags

func (*AWSAsserter) AssertEC2InstanceType added in v0.1.1

func (a *AWSAsserter) AssertEC2InstanceType(instanceID, instanceType, region string) error

AssertEC2InstanceType checks if an EC2 instance has the expected instance type

func (*AWSAsserter) AssertEC2InstanceVPC added in v0.1.1

func (a *AWSAsserter) AssertEC2InstanceVPC(instanceID, vpcID, region string) error

AssertEC2InstanceVPC checks if an EC2 instance is in the expected VPC

func (*AWSAsserter) AssertIAMDescribeRoles added in v0.1.1

func (a *AWSAsserter) AssertIAMDescribeRoles() error

AssertIAMDescribeRoles checks if the AWS credentials in use (the calling principal, not the account as a whole) have permission to describe IAM roles

func (*AWSAsserter) AssertInstanceProfileExists added in v0.1.1

func (a *AWSAsserter) AssertInstanceProfileExists(instanceProfileName string) error

AssertInstanceProfileExists checks if an IAM instance profile exists

func (*AWSAsserter) AssertInstanceProfileHasRole added in v0.1.1

func (a *AWSAsserter) AssertInstanceProfileHasRole(instanceProfileName, roleName string) error

AssertInstanceProfileHasRole checks if an instance profile contains a specific role

func (*AWSAsserter) AssertInternetGatewayAttachedToVPC added in v0.1.1

func (a *AWSAsserter) AssertInternetGatewayAttachedToVPC(igwID, vpcID, region string) error

AssertInternetGatewayAttachedToVPC checks if an internet gateway is attached to the expected VPC

func (*AWSAsserter) AssertInternetGatewayExists added in v0.1.1

func (a *AWSAsserter) AssertInternetGatewayExists(igwID, region string) error

AssertInternetGatewayExists checks if an internet gateway exists

func (*AWSAsserter) AssertInternetGatewayTags added in v0.1.1

func (a *AWSAsserter) AssertInternetGatewayTags(igwID string, expectedTags map[string]string, region string) error

AssertInternetGatewayTags checks if an internet gateway has the expected tags

func (*AWSAsserter) AssertKeyPairExists added in v0.1.1

func (a *AWSAsserter) AssertKeyPairExists(keyName, region string) error

AssertKeyPairExists checks if a key pair exists

func (*AWSAsserter) AssertPolicyAttachedToRole added in v0.1.1

func (a *AWSAsserter) AssertPolicyAttachedToRole(roleName, policyArn string) error

AssertPolicyAttachedToRole checks if a policy is attached to a role

func (*AWSAsserter) AssertPolicyExists added in v0.1.1

func (a *AWSAsserter) AssertPolicyExists(policyArn string) error

AssertPolicyExists checks if an IAM managed policy exists

func (*AWSAsserter) AssertRDSDescribeInstances

func (a *AWSAsserter) AssertRDSDescribeInstances() error

AssertRDSDescribeInstances checks if the AWS credentials in use (the calling principal, not the account as a whole) have permission to describe RDS instances

func (*AWSAsserter) AssertRDSServiceAccess

func (a *AWSAsserter) AssertRDSServiceAccess() error

AssertRDSServiceAccess checks if the AWS credentials in use (the calling principal, not the account as a whole) have permission to access the RDS service

TODO: This doesn't work on the InfraSpec API, as the API isn't supported, so we're best off leaving this call undocumented until it's ported to use something like the IAM policy simulator instead.

func (*AWSAsserter) AssertRoleExists added in v0.1.1

func (a *AWSAsserter) AssertRoleExists(roleName string) error

AssertRoleExists checks if an IAM role exists

func (*AWSAsserter) AssertRoleMaxSessionDuration added in v0.1.1

func (a *AWSAsserter) AssertRoleMaxSessionDuration(roleName string, expectedDuration int32) error

AssertRoleMaxSessionDuration checks if an IAM role has the expected max session duration

func (*AWSAsserter) AssertRolePath added in v0.1.1

func (a *AWSAsserter) AssertRolePath(roleName, expectedPath string) error

AssertRolePath checks if an IAM role has the expected path

func (*AWSAsserter) AssertRoleTags added in v0.1.1

func (a *AWSAsserter) AssertRoleTags(roleName string, expectedTags map[string]string) error

AssertRoleTags checks if an IAM role has the expected tags

func (*AWSAsserter) AssertS3DescribeBuckets added in v0.1.0

func (a *AWSAsserter) AssertS3DescribeBuckets() error

AssertS3DescribeBuckets checks if the AWS credentials in use (the calling principal, not the account as a whole) have permission to describe S3 buckets

func (*AWSAsserter) AssertSecurityGroupDescription added in v0.1.1

func (a *AWSAsserter) AssertSecurityGroupDescription(groupID, description, region string) error

AssertSecurityGroupDescription checks if a security group has the expected description

func (*AWSAsserter) AssertSecurityGroupExists added in v0.1.1

func (a *AWSAsserter) AssertSecurityGroupExists(groupID, region string) error

AssertSecurityGroupExists checks if a security group exists

func (*AWSAsserter) AssertSecurityGroupName added in v0.1.1

func (a *AWSAsserter) AssertSecurityGroupName(groupID, groupName, region string) error

AssertSecurityGroupName checks if a security group has the expected name

func (*AWSAsserter) AssertSecurityGroupTags added in v0.1.1

func (a *AWSAsserter) AssertSecurityGroupTags(groupID string, expectedTags map[string]string, region string) error

AssertSecurityGroupTags checks if a security group has the expected tags

func (*AWSAsserter) AssertSecurityGroupVPC added in v0.1.1

func (a *AWSAsserter) AssertSecurityGroupVPC(groupID, vpcID, region string) error

AssertSecurityGroupVPC checks if a security group belongs to the expected VPC

func (*AWSAsserter) AssertSubnetAvailabilityZone added in v0.1.1

func (a *AWSAsserter) AssertSubnetAvailabilityZone(subnetID, az, region string) error

AssertSubnetAvailabilityZone checks if a subnet is in the expected availability zone

func (*AWSAsserter) AssertSubnetCIDR added in v0.1.1

func (a *AWSAsserter) AssertSubnetCIDR(subnetID, cidrBlock, region string) error

AssertSubnetCIDR checks if a subnet has the expected CIDR block

func (*AWSAsserter) AssertSubnetExists added in v0.1.1

func (a *AWSAsserter) AssertSubnetExists(subnetID, region string) error

AssertSubnetExists checks if a subnet exists

func (*AWSAsserter) AssertSubnetState added in v0.1.1

func (a *AWSAsserter) AssertSubnetState(subnetID, state, region string) error

AssertSubnetState checks if a subnet has the expected state

func (*AWSAsserter) AssertSubnetTags added in v0.1.1

func (a *AWSAsserter) AssertSubnetTags(subnetID string, expectedTags map[string]string, region string) error

AssertSubnetTags checks if a subnet has the expected tags

func (*AWSAsserter) AssertSubnetVPC added in v0.1.1

func (a *AWSAsserter) AssertSubnetVPC(subnetID, vpcID, region string) error

AssertSubnetVPC checks if a subnet belongs to the expected VPC

func (*AWSAsserter) AssertTableExists

func (a *AWSAsserter) AssertTableExists(tableName string) error

AssertTableExists checks if the DynamoDB table exists.

func (*AWSAsserter) AssertTableTags

func (a *AWSAsserter) AssertTableTags(tableName string, expectedTags map[string]string) error

AssertTableTags checks if the DynamoDB table has the expected tags.

func (*AWSAsserter) AssertVPCCIDR added in v0.1.1

func (a *AWSAsserter) AssertVPCCIDR(vpcID, cidrBlock, region string) error

AssertVPCCIDR checks if a VPC has the expected CIDR block

func (*AWSAsserter) AssertVPCExists added in v0.1.1

func (a *AWSAsserter) AssertVPCExists(vpcID, region string) error

AssertVPCExists checks if a VPC exists

func (*AWSAsserter) AssertVPCIsDefault added in v0.1.1

func (a *AWSAsserter) AssertVPCIsDefault(vpcID string, isDefault bool, region string) error

AssertVPCIsDefault checks if a VPC is or is not the default VPC

func (*AWSAsserter) AssertVPCState added in v0.1.1

func (a *AWSAsserter) AssertVPCState(vpcID, state, region string) error

AssertVPCState checks if a VPC has the expected state

func (*AWSAsserter) AssertVPCTags added in v0.1.1

func (a *AWSAsserter) AssertVPCTags(vpcID string, expectedTags map[string]string, region string) error

AssertVPCTags checks if a VPC has the expected tags

func (*AWSAsserter) GetName added in v0.0.14

func (a *AWSAsserter) GetName() string

GetName returns the name of the asserter

type DynamoDBAsserter

// DynamoDBAsserter defines DynamoDB-specific assertions.
//
// Every method identifies the table by name only and returns an error;
// presumably nil means the assertion held — confirm against the
// implementation. No method takes a region argument, so the caller cannot
// choose the region through this interface.
// NOTE(review): a non-nil error may not distinguish a failed assertion from a
// failed API call (missing permission, throttling) — confirm before using the
// result as a compliance gate.
type DynamoDBAsserter interface {
	// AssertTableExists checks if the DynamoDB table exists.
	AssertTableExists(tableName string) error
	// AssertTableTags checks if the DynamoDB table has the expected tags.
	// NOTE(review): whether additional tags on the table are tolerated is not
	// visible from the signature — confirm.
	AssertTableTags(tableName string, expectedTags map[string]string) error
	// AssertBillingMode checks if the DynamoDB table has the expected billing mode.
	AssertBillingMode(tableName, expectedMode string) error
	// AssertCapacity checks if the DynamoDB table has the expected read and
	// write capacity.
	AssertCapacity(tableName string, readCapacity, writeCapacity int64) error
}

DynamoDBAsserter defines DynamoDB-specific assertions

type EC2Asserter added in v0.1.1

// EC2Asserter defines EC2-specific assertions covering instances, VPCs,
// subnets, security groups, internet gateways, EBS volumes and key pairs.
//
// Every method takes a resource identifier plus an explicit region and returns
// an error; presumably nil means the assertion held — confirm against the
// implementation.
// NOTE(review): a non-nil error may not distinguish a failed assertion from a
// failed API call (missing permission, wrong region) — confirm before using
// the result as a compliance gate.
// NOTE(review): for every *Tags method, whether tags beyond expectedTags are
// tolerated is not visible from the signature — confirm.
type EC2Asserter interface {
	// Instance assertions: existence, state, instance type, source AMI,
	// subnet/VPC placement, attached security groups and tags.
	AssertEC2InstanceExists(instanceID, region string) error
	AssertEC2InstanceState(instanceID, state, region string) error
	AssertEC2InstanceType(instanceID, instanceType, region string) error
	AssertEC2InstanceAMI(instanceID, amiID, region string) error
	AssertEC2InstanceSubnet(instanceID, subnetID, region string) error
	AssertEC2InstanceVPC(instanceID, vpcID, region string) error
	// NOTE(review): whether securityGroupIDs must equal the instance's groups
	// or only be contained in them is not visible here. Under subset matching
	// an extra, more permissive group would pass unnoticed — confirm.
	AssertEC2InstanceSecurityGroups(instanceID string, securityGroupIDs []string, region string) error
	AssertEC2InstanceTags(instanceID string, expectedTags map[string]string, region string) error

	// VPC assertions: existence, state, CIDR block, default-VPC flag and tags.
	AssertVPCExists(vpcID, region string) error
	AssertVPCState(vpcID, state, region string) error
	AssertVPCCIDR(vpcID, cidrBlock, region string) error
	AssertVPCIsDefault(vpcID string, isDefault bool, region string) error
	AssertVPCTags(vpcID string, expectedTags map[string]string, region string) error

	// Subnet assertions: existence, state, CIDR block, owning VPC,
	// availability zone and tags.
	AssertSubnetExists(subnetID, region string) error
	AssertSubnetState(subnetID, state, region string) error
	AssertSubnetCIDR(subnetID, cidrBlock, region string) error
	AssertSubnetVPC(subnetID, vpcID, region string) error
	AssertSubnetAvailabilityZone(subnetID, az, region string) error
	AssertSubnetTags(subnetID string, expectedTags map[string]string, region string) error

	// Security Group assertions: existence, name, owning VPC, description and
	// tags. This interface declares no assertion on ingress or egress rules,
	// so these checks alone do not establish what traffic a group permits.
	AssertSecurityGroupExists(groupID, region string) error
	AssertSecurityGroupName(groupID, groupName, region string) error
	AssertSecurityGroupVPC(groupID, vpcID, region string) error
	AssertSecurityGroupDescription(groupID, description, region string) error
	AssertSecurityGroupTags(groupID string, expectedTags map[string]string, region string) error

	// Internet Gateway assertions: existence, VPC attachment and tags.
	AssertInternetGatewayExists(igwID, region string) error
	AssertInternetGatewayAttachedToVPC(igwID, vpcID, region string) error
	AssertInternetGatewayTags(igwID string, expectedTags map[string]string, region string) error

	// EBS Volume assertions: existence, state, size in GB, volume type and
	// tags. This interface declares no assertion on volume encryption, so
	// encryption at rest has to be verified by other means.
	AssertEBSVolumeExists(volumeID, region string) error
	AssertEBSVolumeState(volumeID, state, region string) error
	AssertEBSVolumeSize(volumeID string, sizeGB int32, region string) error
	AssertEBSVolumeType(volumeID, volumeType, region string) error
	AssertEBSVolumeTags(volumeID string, expectedTags map[string]string, region string) error

	// Key Pair assertions: existence of the named key pair in the region.
	AssertKeyPairExists(keyName, region string) error
}

EC2Asserter defines EC2-specific assertions

type IAMAsserter added in v0.1.1

// IAMAsserter defines IAM-specific assertions on roles, managed policies and
// instance profiles.
//
// No method takes a region argument. Every method returns an error; presumably
// nil means the assertion held — confirm against the implementation.
// This interface declares no assertion on a role's trust policy or on the
// contents of a policy document, so these checks establish that resources
// exist and are wired together, not what access they grant.
type IAMAsserter interface {
	// AssertIAMDescribeRoles checks if the credentials in use have permission
	// to describe IAM roles.
	AssertIAMDescribeRoles() error
	// AssertRoleExists checks if an IAM role exists.
	AssertRoleExists(roleName string) error
	// AssertRolePath checks if an IAM role has the expected path.
	AssertRolePath(roleName, expectedPath string) error
	// AssertRoleMaxSessionDuration checks if an IAM role has the expected max
	// session duration.
	// NOTE(review): the unit of expectedDuration is not stated; presumably
	// seconds, as in the IAM API — confirm.
	AssertRoleMaxSessionDuration(roleName string, expectedDuration int32) error
	// AssertRoleTags checks if an IAM role has the expected tags.
	// NOTE(review): whether additional tags on the role are tolerated is not
	// visible from the signature — confirm.
	AssertRoleTags(roleName string, expectedTags map[string]string) error
	// AssertPolicyExists checks if an IAM managed policy exists.
	AssertPolicyExists(policyArn string) error
	// AssertPolicyAttachedToRole checks if a policy is attached to a role.
	// NOTE(review): the policy is identified by ARN, so inline role policies
	// (which have no ARN) are presumably outside this check — confirm.
	AssertPolicyAttachedToRole(roleName, policyArn string) error
	// AssertInstanceProfileExists checks if an IAM instance profile exists.
	AssertInstanceProfileExists(instanceProfileName string) error
	// AssertInstanceProfileHasRole checks if an instance profile contains a
	// specific role.
	AssertInstanceProfileHasRole(instanceProfileName, roleName string) error
}

IAMAsserter defines IAM-specific assertions

type RDSAsserter

// RDSAsserter defines RDS-specific assertions.
//
// The per-instance methods take the DB instance identifier, the expected value
// and an explicit region. Every method returns an error; presumably nil means
// the assertion held — confirm against the implementation.
// NOTE(review): a non-nil error may not distinguish a failed assertion from a
// failed API call (missing permission, wrong region) — confirm before using
// the result as a compliance gate.
type RDSAsserter interface {
	// AssertRDSServiceAccess checks if the credentials in use have permission
	// to access the RDS service. The package documentation carries a TODO
	// saying this call does not work on the InfraSpec API.
	AssertRDSServiceAccess() error
	// AssertRDSDescribeInstances checks if the credentials in use have
	// permission to describe RDS instances.
	AssertRDSDescribeInstances() error
	// AssertDBInstanceExists checks if a DB instance exists.
	AssertDBInstanceExists(dbInstanceID, region string) error
	// AssertDBInstanceStatus checks if a DB instance has the expected status.
	AssertDBInstanceStatus(dbInstanceID, status, region string) error
	// AssertDBInstanceClass checks if a DB instance has the expected instance class.
	AssertDBInstanceClass(dbInstanceID, instanceClass, region string) error
	// AssertDBInstanceEngine checks if a DB instance has the expected engine.
	AssertDBInstanceEngine(dbInstanceID, engine, region string) error
	// AssertDBInstanceStorage checks if a DB instance has the expected
	// allocated storage.
	AssertDBInstanceStorage(dbInstanceID string, allocatedStorage int32, region string) error
	// AssertDBInstanceMultiAZ checks if a DB instance has the expected MultiAZ setting.
	AssertDBInstanceMultiAZ(dbInstanceID string, multiAZ bool, region string) error
	// AssertDBInstanceEncryption checks if a DB instance has the expected
	// encryption setting. The expectation is caller-supplied: a test that
	// requires encryption at rest passes encrypted=true.
	AssertDBInstanceEncryption(dbInstanceID string, encrypted bool, region string) error
	// AssertDBInstancePubliclyAccessible has no description in the package
	// documentation; presumably it compares the instance's publicly-accessible
	// setting with publiclyAccessible — confirm. A test that requires a
	// private instance would pass publiclyAccessible=false.
	AssertDBInstancePubliclyAccessible(dbInstanceID string, publiclyAccessible bool, region string) error
	// AssertDBInstanceTags checks if a DB instance has the expected tags.
	// NOTE(review): whether additional tags on the instance are tolerated is
	// not visible from the signature — confirm.
	AssertDBInstanceTags(dbInstanceID string, expectedTags map[string]string, region string) error
}

RDSAsserter defines RDS-specific assertions

type S3Asserter

// S3Asserter defines S3-specific assertions.
//
// Every method returns an error; presumably nil means the assertion held —
// confirm against the implementation. No method takes a region argument.
//
// Apart from AssertS3DescribeBuckets, the bucket methods have no description
// in the package documentation and take only the bucket name: the caller
// cannot state an expected value, so what counts as passing is fixed inside
// the implementation.
// NOTE(review): read the implementation before relying on these as security
// controls; a check that passes on any configuration being present is weaker
// than one that requires a specific configuration.
type S3Asserter interface {
	// AssertS3DescribeBuckets checks if the credentials in use have permission
	// to describe S3 buckets.
	AssertS3DescribeBuckets() error
	// Presumably checks that the named bucket exists — confirm.
	AssertBucketExists(bucketName string) error
	// Presumably checks that versioning is enabled on the bucket — confirm,
	// including how a suspended versioning state is treated.
	AssertBucketVersioning(bucketName string) error
	// Presumably checks that default encryption is configured on the bucket.
	// NOTE(review): which algorithms or key types are accepted is not visible
	// from the signature — confirm.
	AssertBucketEncryption(bucketName string) error
	// Presumably checks the bucket's public access block configuration.
	// NOTE(review): whether all block settings must be enabled, or only that
	// a configuration exists, is not visible from the signature — confirm.
	AssertBucketPublicAccessBlock(bucketName string) error
	// Presumably checks that server access logging is enabled on the bucket.
	// NOTE(review): the target log bucket cannot be asserted through this
	// signature — confirm what is compared.
	AssertBucketServerAccessLogging(bucketName string) error
}

S3Asserter defines S3-specific assertions
