container

package
v1.4.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 2, 2025 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Constants

const (
	// Throttling behavior constants.
	// NOTE(review): only the declarations are visible here; how RateLimiter.Throttle
	// consumes these values should be confirmed against the implementation.
	ThrottleThreshold       = 3           // Number of throttles before backing off more aggressively
	ThrottleBackoffDuration = time.Second // Additional backoff duration when throttled

	// Jitter constants.
	JitterPercentage = 0.25 // ±25% jitter range, expressed as a fraction (0.25 == 25%)
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AssumeRoleStrategy

type AssumeRoleStrategy struct{}

AssumeRoleStrategy handles IAM role assumption

func (*AssumeRoleStrategy) GetConfig

func (s *AssumeRoleStrategy) GetConfig(ctx context.Context, options AuthOptions) (aws.Config, error)

func (*AssumeRoleStrategy) IsAvailable

func (s *AssumeRoleStrategy) IsAvailable(ctx context.Context, options AuthOptions) bool

func (*AssumeRoleStrategy) Name

func (s *AssumeRoleStrategy) Name() string

func (*AssumeRoleStrategy) Priority

func (s *AssumeRoleStrategy) Priority() int

type AuthOptions

// AuthOptions carries the caller-supplied inputs that are handed to the
// IsAvailable and GetConfig methods of every AuthStrategy, and to
// AuthenticationStrategy.GetAWSConfig.
//
// NOTE(review): none of the fields is documented upstream. Because they steer
// which credentials the process ends up using, their accepted formats and any
// validation should be confirmed before passing externally supplied values.
type AuthOptions struct {
	// Presumably the name of an AWS shared-config profile (see ProfileStrategy) — confirm.
	Profile    string
	// Presumably identifies the IAM role to assume (see AssumeRoleStrategy); whether
	// this is an ARN or a name, and whether it is validated, is not shown here.
	AssumeRole string
	// Presumably the AWS region applied to the resulting aws.Config — confirm.
	Region     string
}

type AuthStrategy

// AuthStrategy is the method set shared by the *Strategy types in this package
// (AssumeRoleStrategy, DefaultStrategy, EnvironmentStrategy, and the others
// listed on this page).
//
// NOTE(review): how AuthenticationStrategy.GetAWSConfig chooses among strategies,
// and whether a lower or a higher Priority wins, is not documented here. The
// credential sources can carry very different privileges, so the selection order
// should be stated explicitly for operators.
type AuthStrategy interface {
	// Name returns a string identifying the strategy.
	Name() string
	// IsAvailable reports whether the strategy can be used for the given options.
	// NOTE(review): whether this probes the environment or network is not shown.
	IsAvailable(ctx context.Context, options AuthOptions) bool
	// GetConfig builds an aws.Config for the given options, or returns an error.
	GetConfig(ctx context.Context, options AuthOptions) (aws.Config, error)
	// Priority returns an int; presumably used to order strategies — confirm direction.
	Priority() int
}

type AuthenticationStrategy

type AuthenticationStrategy struct {
	// contains filtered or unexported fields
}

func NewAuthenticationStrategy

func NewAuthenticationStrategy() *AuthenticationStrategy

func (*AuthenticationStrategy) GetAWSConfig

func (a *AuthenticationStrategy) GetAWSConfig(ctx context.Context, options AuthOptions) (aws.Config, error)

type CommandProcessor

type CommandProcessor struct {
	// contains filtered or unexported fields
}

func NewCommandProcessor

func NewCommandProcessor(awsCfg aws.Config, options ProcessorOptions) *CommandProcessor

func (*CommandProcessor) Execute

func (p *CommandProcessor) Execute(ctx context.Context, request CommandRequest) (*ExecutionResult, error)

type CommandRequest

// CommandRequest is the input accepted by CommandProcessor.Execute.
//
// NOTE(review): the fields are undocumented upstream; the notes below are
// assumptions to confirm against the implementation.
type CommandRequest struct {
	// Accepted values are not shown on this page.
	Type           string
	// Presumably the AWS Config rule whose non-compliant resources are processed
	// (compare the configRuleName parameter of GetNonCompliantResources) — confirm.
	ConfigRuleName string
	// Presumably the AWS region to operate in — confirm.
	Region         string
	// Presumably the number of resources handled per batch; bounds and the
	// behavior for zero or negative values are not shown.
	BatchSize      int
}

type DefaultStrategy

type DefaultStrategy struct{}

DefaultStrategy is the fallback authentication method

func (*DefaultStrategy) GetConfig

func (s *DefaultStrategy) GetConfig(ctx context.Context, options AuthOptions) (aws.Config, error)

func (*DefaultStrategy) IsAvailable

func (s *DefaultStrategy) IsAvailable(ctx context.Context, options AuthOptions) bool

func (*DefaultStrategy) Name

func (s *DefaultStrategy) Name() string

func (*DefaultStrategy) Priority

func (s *DefaultStrategy) Priority() int

type DryRunComplianceService

type DryRunComplianceService struct {
	// contains filtered or unexported fields
}

DryRunComplianceService wraps the real compliance service for dry-run mode

func NewDryRunComplianceService

func NewDryRunComplianceService(realService service.ComplianceServiceInterface) *DryRunComplianceService

NewDryRunComplianceService creates a new dry-run wrapper for the compliance service

func (*DryRunComplianceService) EvaluateCompliance

func (s *DryRunComplianceService) EvaluateCompliance(ctx context.Context, logGroupName, region string) (types.ComplianceResult, error)

EvaluateCompliance is not implemented for the dry-run service. This method is not used in the container implementation, because compliance evaluation is handled differently, through GetNonCompliantResources and ValidateResourceExistence.

func (*DryRunComplianceService) GetLogGroupConfiguration

func (s *DryRunComplianceService) GetLogGroupConfiguration(ctx context.Context, logGroupName, region string) (types.LogGroupConfiguration, error)

GetLogGroupConfiguration is a helper method for dry-run analysis

func (*DryRunComplianceService) GetNonCompliantResources

func (s *DryRunComplianceService) GetNonCompliantResources(ctx context.Context, configRuleName, region string) ([]types.NonCompliantResource, error)

GetNonCompliantResources delegates to the real service (read-only operation), so dry-run mode still performs the underlying lookup rather than simulating it.

func (*DryRunComplianceService) ProcessNonCompliantResourcesOptimized

func (s *DryRunComplianceService) ProcessNonCompliantResourcesOptimized(ctx context.Context, request types.BatchComplianceRequest) (*types.BatchRemediationResult, error)

ProcessNonCompliantResourcesOptimized simulates batch processing without making changes

func (*DryRunComplianceService) RemediateLogGroup

func (s *DryRunComplianceService) RemediateLogGroup(ctx context.Context, compliance types.ComplianceResult) (*types.RemediationResult, error)

RemediateLogGroup simulates remediation without making changes

func (*DryRunComplianceService) ValidateResourceExistence

func (s *DryRunComplianceService) ValidateResourceExistence(ctx context.Context, resources []types.NonCompliantResource) ([]types.NonCompliantResource, error)

ValidateResourceExistence delegates to the real service (read-only operation)

type DryRunSummary

// DryRunSummary holds the aggregate counters carried in
// ExecutionResult.DryRunSummary and serialized under the JSON keys below.
//
// NOTE(review): the exact counting rules (for example, whether one resource
// can increment both "would apply" counters) are not shown on this page.
type DryRunSummary struct {
	// Presumably the number of resources that would receive encryption — confirm.
	WouldApplyEncryption int `json:"would_apply_encryption"`
	// Presumably the number of resources that would receive a retention setting — confirm.
	WouldApplyRetention  int `json:"would_apply_retention"`
	// Presumably the number of resources needing no change — confirm.
	AlreadyCompliant     int `json:"already_compliant"`
	// Presumably the number of resources examined — confirm.
	TotalResources       int `json:"total_resources"`
}

type EnvironmentStrategy

type EnvironmentStrategy struct{}

EnvironmentStrategy handles environment variable authentication

func (*EnvironmentStrategy) GetConfig

func (s *EnvironmentStrategy) GetConfig(ctx context.Context, options AuthOptions) (aws.Config, error)

func (*EnvironmentStrategy) IsAvailable

func (s *EnvironmentStrategy) IsAvailable(ctx context.Context, options AuthOptions) bool

func (*EnvironmentStrategy) Name

func (s *EnvironmentStrategy) Name() string

func (*EnvironmentStrategy) Priority

func (s *EnvironmentStrategy) Priority() int

type ExecutionLogEntry

// ExecutionLogEntry is one element of ExecutionResult.ExecutionLog and is
// serialized to JSON with the keys below.
type ExecutionLogEntry struct {
	Timestamp time.Time `json:"timestamp"`
	// Accepted level names are not shown on this page.
	Level     string    `json:"level"`
	Message   string    `json:"message"`
	// Details is untyped and is omitted from JSON only when empty.
	// NOTE(review): whatever is stored here is marshalled with the result; confirm
	// that callers never place credentials or other secrets in it.
	Details   any       `json:"details,omitempty"`
}

type ExecutionResult

// ExecutionResult is the value returned by CommandProcessor.Execute. It
// serializes to JSON under the keys given in the field tags.
//
// NOTE(review): Error and ExecutionLog are free-form and travel with the
// serialized result. Confirm what the implementation writes into them (for
// example raw AWS error text) before shipping this JSON to shared log sinks.
type ExecutionResult struct {
	// Presumably mirrors ProcessorOptions.ExecutionID — confirm.
	ExecutionID    string              `json:"execution_id"`
	// Accepted status values are not shown on this page.
	Status         string              `json:"status"`
	// Presumably distinguishes dry-run from live execution — confirm.
	Mode           string              `json:"mode"`
	ConfigRuleName string              `json:"config_rule_name"`
	Region         string              `json:"region"`
	TotalProcessed int                 `json:"total_processed"`
	SuccessCount   int                 `json:"success_count"`
	FailureCount   int                 `json:"failure_count"`
	// Duration is a string, not a time.Duration; its format is not shown here.
	Duration       string              `json:"duration"`
	Timestamp      time.Time           `json:"timestamp"`
	// Omitted from JSON when empty.
	Resources      []ResourceResult    `json:"resources,omitempty"`
	// Pointer, so it is omitted from JSON when nil.
	DryRunSummary  *DryRunSummary      `json:"dry_run_summary,omitempty"`
	// Omitted from JSON when empty.
	Error          string              `json:"error,omitempty"`
	// Omitted from JSON when empty.
	ExecutionLog   []ExecutionLogEntry `json:"execution_log,omitempty"`
}

type ExplicitCredentialsStrategy

type ExplicitCredentialsStrategy struct{}

ExplicitCredentialsStrategy handles explicitly provided credentials

func (*ExplicitCredentialsStrategy) GetConfig

func (s *ExplicitCredentialsStrategy) GetConfig(ctx context.Context, options AuthOptions) (aws.Config, error)

func (*ExplicitCredentialsStrategy) IsAvailable

func (s *ExplicitCredentialsStrategy) IsAvailable(ctx context.Context, options AuthOptions) bool

func (*ExplicitCredentialsStrategy) Name

func (*ExplicitCredentialsStrategy) Priority

func (s *ExplicitCredentialsStrategy) Priority() int

type InstanceProfileStrategy

type InstanceProfileStrategy struct{}

InstanceProfileStrategy handles EC2 instance profile authentication

func (*InstanceProfileStrategy) GetConfig

func (s *InstanceProfileStrategy) GetConfig(ctx context.Context, options AuthOptions) (aws.Config, error)

func (*InstanceProfileStrategy) IsAvailable

func (s *InstanceProfileStrategy) IsAvailable(ctx context.Context, options AuthOptions) bool

func (*InstanceProfileStrategy) Name

func (s *InstanceProfileStrategy) Name() string

func (*InstanceProfileStrategy) Priority

func (s *InstanceProfileStrategy) Priority() int

type ProcessorOptions

// ProcessorOptions is the options argument of NewCommandProcessor.
type ProcessorOptions struct {
	// The zero value is false, so a ProcessorOptions{} literal does not request
	// dry-run; callers that want a simulation must set this field explicitly.
	// NOTE(review): presumably false means remediation changes are really
	// applied — confirm, and consider stating the default in the package docs.
	DryRun       bool
	// Presumably echoed as ExecutionResult.ExecutionID — confirm.
	ExecutionID  string
	// Accepted format names are not shown on this page.
	OutputFormat string
}

type ProfileStrategy

type ProfileStrategy struct{}

ProfileStrategy handles AWS profile-based authentication

func (*ProfileStrategy) GetConfig

func (s *ProfileStrategy) GetConfig(ctx context.Context, options AuthOptions) (aws.Config, error)

func (*ProfileStrategy) IsAvailable

func (s *ProfileStrategy) IsAvailable(ctx context.Context, options AuthOptions) bool

func (*ProfileStrategy) Name

func (s *ProfileStrategy) Name() string

func (*ProfileStrategy) Priority

func (s *ProfileStrategy) Priority() int

type RateLimiter

type RateLimiter struct {
	// contains filtered or unexported fields
}

RateLimiter provides rate limiting functionality with thread-safe operations

func NewRateLimiter

func NewRateLimiter(ratePerSecond int) *RateLimiter

NewRateLimiter creates a new rate limiter

func (*RateLimiter) GetSuccessCount

func (rl *RateLimiter) GetSuccessCount() int32

GetSuccessCount returns the current success count (thread-safe)

func (*RateLimiter) GetThrottleCount

func (rl *RateLimiter) GetThrottleCount() int32

GetThrottleCount returns the current throttle count (thread-safe)

func (*RateLimiter) Stop

func (rl *RateLimiter) Stop()

Stop cleanly stops the rate limiter

func (*RateLimiter) Success

func (rl *RateLimiter) Success()

Success indicates a successful operation

func (*RateLimiter) Throttle

func (rl *RateLimiter) Throttle() time.Duration

Throttle indicates that a throttling error occurred. It returns a duration to wait if backoff is needed, or 0 if no backoff is required.

func (*RateLimiter) Wait

func (rl *RateLimiter) Wait(ctx context.Context) error

Wait blocks until a rate limit token is available

type ResourceResult

// ResourceResult is one element of ExecutionResult.Resources and is
// serialized to JSON with the keys below.
type ResourceResult struct {
	ResourceID        string    `json:"resource_id"`
	ResourceName      string    `json:"resource_name"`
	// Accepted status values are not shown on this page.
	Status            string    `json:"status"`
	// No omitempty: false is always serialized.
	// NOTE(review): whether this is set to true in dry-run mode is not shown;
	// consumers should check ExecutionResult.Mode before treating it as applied.
	EncryptionApplied bool      `json:"encryption_applied"`
	// No omitempty: false is always serialized; same dry-run caveat as above.
	RetentionApplied  bool      `json:"retention_applied"`
	// Omitted from JSON when empty.
	Error             string    `json:"error,omitempty"`
	Timestamp         time.Time `json:"timestamp"`
}

type RetryOptions

// NOTE(review): the behavior for zero values (MaxAttempts == 0, a nil
// BackoffFunction) is not shown on this page; DefaultRetryOptions returns a
// populated value and NewServiceAdapter accepts func(*RetryOptions) modifiers.
type RetryOptions struct {
	// Presumably the upper bound on attempts per operation — confirm whether
	// the first call counts as an attempt.
	MaxAttempts     int
	// Presumably the delay before the first retry — confirm.
	InitialDelay    time.Duration
	// Presumably the cap applied to the computed backoff — confirm.
	MaxDelay        time.Duration
	// Receives the attempt number and the error, and returns a delay.
	// NOTE(review): whether attempt is zero- or one-based is not shown.
	BackoffFunction func(attempt int, err error) time.Duration
}

RetryOptions configures retry behavior for AWS service calls

func DefaultRetryOptions

func DefaultRetryOptions() RetryOptions

DefaultRetryOptions provides sensible defaults for retry behavior

type ServiceAdapter

type ServiceAdapter struct {
	// contains filtered or unexported fields
}

ServiceAdapter provides an abstraction layer for AWS service interactions with built-in retry logic, error handling, and circuit breaking capabilities

func NewServiceAdapter

func NewServiceAdapter(config aws.Config, opts ...func(*RetryOptions)) *ServiceAdapter

NewServiceAdapter creates a new service adapter with the given configuration

func (*ServiceAdapter) CloudWatchLogsClient

func (s *ServiceAdapter) CloudWatchLogsClient() *cloudwatchlogs.Client

CloudWatchLogsClient returns a CloudWatch Logs client with retry configuration

func (*ServiceAdapter) ConfigServiceClient

func (s *ServiceAdapter) ConfigServiceClient() *configservice.Client

ConfigServiceClient returns a Config Service client with retry configuration

func (*ServiceAdapter) ExecuteWithRateLimit

func (s *ServiceAdapter) ExecuteWithRateLimit(ctx context.Context, operation func() error, rateLimit *RateLimiter) error

ExecuteWithRateLimit performs an operation with rate limit handling

func (*ServiceAdapter) ExecuteWithRetry

func (s *ServiceAdapter) ExecuteWithRetry(ctx context.Context, operation func() error) error

ExecuteWithRetry performs an operation with retry logic and exponential backoff

func (*ServiceAdapter) KMSClient

func (s *ServiceAdapter) KMSClient() *kms.Client

KMSClient returns a KMS client with retry configuration

type ServiceMetrics

// NOTE(review): the counters are plain exported int64 fields. Whether the
// Record* methods update them atomically is not shown on this page, so treat
// direct reads from other goroutines as unsynchronized until confirmed.
type ServiceMetrics struct {
	// Presumably incremented once per service call — confirm which Record* method does so.
	TotalCalls      int64
	// Presumably incremented by RecordSuccess — confirm.
	SuccessfulCalls int64
	// Presumably incremented by RecordFailure — confirm.
	FailedCalls     int64
	// Presumably incremented by RecordRetry — confirm.
	RetryCount      int64
	// Presumably incremented by RecordThrottle — confirm.
	ThrottleCount   int64
}

ServiceMetrics tracks service call metrics

func (*ServiceMetrics) RecordFailure

func (m *ServiceMetrics) RecordFailure()

RecordFailure records a failed service call

func (*ServiceMetrics) RecordRetry

func (m *ServiceMetrics) RecordRetry()

RecordRetry records a retry attempt

func (*ServiceMetrics) RecordSuccess

func (m *ServiceMetrics) RecordSuccess()

RecordSuccess records a successful service call

func (*ServiceMetrics) RecordThrottle

func (m *ServiceMetrics) RecordThrottle()

RecordThrottle records a throttling event

type TaskRoleStrategy

type TaskRoleStrategy struct{}

TaskRoleStrategy handles ECS/Fargate task role authentication

func (*TaskRoleStrategy) GetConfig

func (s *TaskRoleStrategy) GetConfig(ctx context.Context, options AuthOptions) (aws.Config, error)

func (*TaskRoleStrategy) IsAvailable

func (s *TaskRoleStrategy) IsAvailable(ctx context.Context, options AuthOptions) bool

func (*TaskRoleStrategy) Name

func (s *TaskRoleStrategy) Name() string

func (*TaskRoleStrategy) Priority

func (s *TaskRoleStrategy) Priority() int
