Documentation
¶
Overview ¶
Package azure implements utilities that relate to more than one thing we want to do with Azure for the plugin's validation logic.
Index ¶
Constants ¶
const TestClientTimeout = 10 * time.Second
Variables ¶
This section is empty.
Functions ¶
func RoleNameFromRoleDefinitionID ¶
RoleNameFromRoleDefinitionID extracts the name of a role (aka the non-fully-qualified ID of the role) from an Azure role definition ID (aka the fully-qualified ID of the role definition).
Types ¶
type AzureAPI ¶
type AzureAPI struct {
DenyAssignmentsClient *armauthorization.DenyAssignmentsClient
RoleAssignmentsClient *armauthorization.RoleAssignmentsClient
RoleDefinitionsClient *armauthorization.RoleDefinitionsClient
// Subscription ID is needed per API call for this client, so the client can't be created until
// right before it's used while reconciling a rule.
CommunityGalleryImagesClientProducer func(string) (*armcompute.CommunityGalleryImagesClient, error)
}
AzureAPI is an container that aggregates Azure service clients.
type AzureCommunityGalleryImagesClient ¶ added in v0.0.12
type AzureCommunityGalleryImagesClient struct {
// contains filtered or unexported fields
}
AzureCommunityGalleryImagesClient is a facade over the Azure community gallery images client. Exists to make our code easier to test (it handles paging).
func NewAzureCommunityGalleryImagesClient ¶ added in v0.0.12
func NewAzureCommunityGalleryImagesClient(ctx context.Context, azClientProducer func(subscriptionID string) (*armcompute.CommunityGalleryImagesClient, error)) *AzureCommunityGalleryImagesClient
NewAzureCommunityGalleryImagesClient creates a new AzureRoleDefinitionsClient (our facade client) from a client from the Azure SDK.
func (*AzureCommunityGalleryImagesClient) GetImagesForGallery ¶ added in v0.0.12
func (c *AzureCommunityGalleryImagesClient) GetImagesForGallery(location, name, subscriptionID string) ([]*armcompute.CommunityGalleryImage, error)
GetImagesForGallery gets all the images in a community gallery.
type AzureDenyAssignmentsClient ¶
type AzureDenyAssignmentsClient struct {
// contains filtered or unexported fields
}
AzureDenyAssignmentsClient is a facade over the Azure deny assignments client. Exists to make our code easier to test (it handles paging).
func NewAzureDenyAssignmentsClient ¶
func NewAzureDenyAssignmentsClient(ctx context.Context, azClient *armauthorization.DenyAssignmentsClient) *AzureDenyAssignmentsClient
NewAzureDenyAssignmentsClient creates a new AzureDenyAssignmentsClient (our facade client) from a client from the Azure SDK.
func (*AzureDenyAssignmentsClient) GetDenyAssignmentsForScope ¶
func (c *AzureDenyAssignmentsClient) GetDenyAssignmentsForScope(scope string, filter *string) ([]*armauthorization.DenyAssignment, error)
GetDenyAssignmentsForScope gets all the deny assignments matching a scope and an optional filter.
type AzureRoleAssignmentsClient ¶
type AzureRoleAssignmentsClient struct {
// contains filtered or unexported fields
}
AzureRoleAssignmentsClient is a facade over the Azure role assignments client. Exists to make our code easier to test (it handles paging).
func NewAzureRoleAssignmentsClient ¶
func NewAzureRoleAssignmentsClient(ctx context.Context, azClient *armauthorization.RoleAssignmentsClient) *AzureRoleAssignmentsClient
NewAzureRoleAssignmentsClient creates a new AzureRoleAssignmentsClient (our facade client) from a client from the Azure SDK.
func (*AzureRoleAssignmentsClient) GetRoleAssignmentsForScope ¶
func (c *AzureRoleAssignmentsClient) GetRoleAssignmentsForScope(scope string, filter *string) ([]*armauthorization.RoleAssignment, error)
GetRoleAssignmentsForScope gets all the role assignments matching a scope and an optional filter.
type AzureRoleDefinitionsClient ¶
type AzureRoleDefinitionsClient struct {
// contains filtered or unexported fields
}
AzureRoleDefinitionsClient is a facade over the Azure role definitions client. Code that uses this instead of the actual Azure client is easier to test because it won't need to deal with finding the permissions part of the API response.
func NewAzureRoleDefinitionsClient ¶
func NewAzureRoleDefinitionsClient(ctx context.Context, azClient *armauthorization.RoleDefinitionsClient) *AzureRoleDefinitionsClient
NewAzureRoleDefinitionsClient creates a new AzureRoleDefinitionsClient (our facade client) from a client from the Azure SDK.
func (*AzureRoleDefinitionsClient) GetByID ¶
func (c *AzureRoleDefinitionsClient) GetByID(roleID string) (*armauthorization.RoleDefinition, error)
GetByID gets the role definition associated with a role assignment because it uses the fully-qualified role ID contained within the role assignment data to retrieve it from Azure.
Source Files