Documentation
¶
Index ¶
- Constants
- func DecodeError(statusCode int, body []byte) error
- func ErrorCode(err error) string
- func IsAccessDenied(err error) bool
- func NewHTTPClient() *http.Client
- func NewTransport() *http.Transport
- func RandomPassword() (string, error)
- type APIError
- type AttachedUserPolicy
- type Client
- func (c *Client) AttachUserPolicy(ctx context.Context, region, userName, policyArn string) error
- func (c *Client) CloudTrailLookupEvents(ctx context.Context, region string, startTime, endTime int64, maxResults int64, ...) (LookupEventsOutput, error)
- func (c *Client) CloudWatchLogsDescribeLogGroups(ctx context.Context, region string, limit int64, nextToken string) (DescribeLogGroupsOutput, error)
- func (c *Client) CostExplorerCurrentMonthSpend(ctx context.Context) (string, string, error)
- func (c *Client) CreateAccessKey(ctx context.Context, region, userName string) (CreateAccessKeyOutput, error)
- func (c *Client) CreateLoginProfile(ctx context.Context, region, userName, password string) error
- func (c *Client) CreateUser(ctx context.Context, region, userName string) (CreateUserOutput, error)
- func (c *Client) DeleteAccessKey(ctx context.Context, region, userName, accessKeyID string) error
- func (c *Client) DeleteLoginProfile(ctx context.Context, region, userName string) error
- func (c *Client) DeletePublicAccessBlock(ctx context.Context, region, bucket string) error
- func (c *Client) DeleteUser(ctx context.Context, region, userName string) error
- func (c *Client) DescribeDBInstances(ctx context.Context, region, marker string) (DescribeDBInstancesOutput, error)
- func (c *Client) DescribeInstances(ctx context.Context, region, nextToken string, maxResults int) (DescribeInstancesOutput, error)
- func (c *Client) DescribeRegions(ctx context.Context, region string) (DescribeRegionsOutput, error)
- func (c *Client) DetachUserPolicy(ctx context.Context, region, userName, policyArn string) error
- func (c *Client) DoRESTJSON(ctx context.Context, req Request, resp any) error
- func (c *Client) DoRESTXML(ctx context.Context, req Request, resp any) error
- func (c *Client) DoXML(ctx context.Context, req Request, resp any) error
- func (c *Client) GetBucketAcl(ctx context.Context, region, bucket string) (GetBucketAclOutput, error)
- func (c *Client) GetBucketLocation(ctx context.Context, region, bucket string) (GetBucketLocationOutput, error)
- func (c *Client) GetCallerIdentity(ctx context.Context, region string) (GetCallerIdentityOutput, error)
- func (c *Client) GetLoginProfile(ctx context.Context, region, userName string) (GetLoginProfileOutput, error)
- func (c *Client) ListAccessKeys(ctx context.Context, region, userName, marker string) (ListAccessKeysOutput, error)
- func (c *Client) ListAttachedUserPolicies(ctx context.Context, region, userName, marker string) (ListAttachedUserPoliciesOutput, error)
- func (c *Client) ListBuckets(ctx context.Context, region string) (ListBucketsOutput, error)
- func (c *Client) ListObjectsV2(ctx context.Context, region, bucket, continuationToken string, maxKeys int) (ListObjectsV2Output, error)
- func (c *Client) ListUsers(ctx context.Context, region, marker string) (ListUsersOutput, error)
- func (c *Client) ModifyDBInstanceMasterPassword(ctx context.Context, region, instanceID, masterPassword string) (ModifyDBInstanceOutput, error)
- func (c *Client) PutBucketAcl(ctx context.Context, region, bucket, cannedACL string) error
- func (c *Client) Route53ListHostedZones(ctx context.Context, marker string, maxItems int) (ListHostedZonesOutput, error)
- func (c *Client) Route53ListResourceRecordSets(ctx context.Context, zoneID, startName, startType, startIdentifier string, ...) (ListResourceRecordSetsOutput, error)
- func (c *Client) SSMGetCommandInvocation(ctx context.Context, region, commandID, instanceID string) (GetCommandInvocationOutput, error)
- func (c *Client) SSMSendCommand(ctx context.Context, region, documentName string, ...) (SendCommandOutput, error)
- type CloudTrailEvent
- type CloudTrailResource
- type CostMetric
- type CostResultByTime
- type CostTimePeriod
- type CreateAccessKeyOutput
- type CreateUserOutput
- type DBInstance
- type DescribeDBInstancesOutput
- type DescribeInstancesOutput
- type DescribeLogGroupsInput
- type DescribeLogGroupsOutput
- type DescribeRegionsOutput
- type EC2Instance
- type EC2Region
- type EC2Tag
- type GetBucketAclOutput
- type GetBucketLocationOutput
- type GetCallerIdentityOutput
- type GetCommandInvocationInput
- type GetCommandInvocationOutput
- type GetCostAndUsageInput
- type GetCostAndUsageOutput
- type GetLoginProfileOutput
- type HostedZone
- type IAMAccessKey
- type IAMAccessKeySecret
- type IAMUser
- type ListAccessKeysOutput
- type ListAttachedUserPoliciesOutput
- type ListBucketsOutput
- type ListHostedZonesOutput
- type ListObjectsV2Output
- type ListResourceRecordSetsOutput
- type ListUsersOutput
- type LogGroup
- type LookupAttribute
- type LookupEventsInput
- type LookupEventsOutput
- type ModifyDBInstanceOutput
- type Option
- type Request
- type RetryPolicy
- type Route53Record
- type S3Bucket
- type S3Grant
- type S3Object
- type S3Owner
- type SendCommandInput
- type SendCommandOutput
- type SigV4Signer
- type SignInput
- type Signature
Constants ¶
View Source
const ( // SSMDocumentLinux / SSMDocumentWindows are the canonical AWS-managed SSM // documents the validation flow uses to run shell or PowerShell commands. SSMDocumentLinux = "AWS-RunShellScript" SSMDocumentWindows = "AWS-RunPowerShellScript" )
AWS SSM API constants — JSON-1.1 RPC endpoint with X-Amz-Target dispatch.
View Source
const (
DefaultTimeout = 30 * time.Second
)
Variables ¶
This section is empty.
Functions ¶
func DecodeError ¶
func IsAccessDenied ¶ added in v0.2.5
func NewHTTPClient ¶
func NewTransport ¶
func RandomPassword ¶ added in v0.3.1
RandomPassword returns a base64 string suitable for an AWS RDS master password rotation when callers want to lock out access (the `userdel` branch). 24 random bytes encode to 32 base64 chars — well below the RDS 41-char limit and above the 8-char minimum.
Types ¶
type AttachedUserPolicy ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
func (*Client) AttachUserPolicy ¶
func (*Client) CloudTrailLookupEvents ¶ added in v0.3.1
func (c *Client) CloudTrailLookupEvents(ctx context.Context, region string, startTime, endTime int64, maxResults int64, nextToken string) (LookupEventsOutput, error)
CloudTrailLookupEvents reads recent management-event entries from AWS CloudTrail. startTime / endTime are Unix seconds (0 = unset → CloudTrail default 90-day window). nextToken paginates. The response includes both the parsed event header *and* the original `CloudTrailEvent` JSON blob, which the caller can re-parse for richer fields.
func (*Client) CloudWatchLogsDescribeLogGroups ¶ added in v0.3.1
func (c *Client) CloudWatchLogsDescribeLogGroups(ctx context.Context, region string, limit int64, nextToken string) (DescribeLogGroupsOutput, error)
CloudWatchLogsDescribeLogGroups lists log groups in `region`. nextToken paginates; pass "" for the first call.
func (*Client) CostExplorerCurrentMonthSpend ¶ added in v0.3.1
CostExplorerCurrentMonthSpend returns the unblended cost for the current calendar month in USD. The first day of the month inclusive → today exclusive matches Cost Explorer's expected window.
func (*Client) CreateAccessKey ¶ added in v0.3.1
func (*Client) CreateLoginProfile ¶
func (*Client) CreateUser ¶
func (*Client) DeleteAccessKey ¶ added in v0.3.1
func (*Client) DeleteLoginProfile ¶
func (*Client) DeletePublicAccessBlock ¶ added in v0.3.1
DeletePublicAccessBlock clears the BlockPublicAcls / IgnorePublicAcls settings on bucket so a subsequent canned ACL change actually surfaces. New AWS accounts ship with BPA enabled by default; without this call the `expose` flow will silently no-op even after PutBucketAcl returns 200.
func (*Client) DeleteUser ¶
func (*Client) DescribeDBInstances ¶ added in v0.3.1
func (c *Client) DescribeDBInstances(ctx context.Context, region, marker string) (DescribeDBInstancesOutput, error)
DescribeDBInstances paginates through RDS DescribeDBInstances. Pass an empty marker for the first call.