Added structs for IAM import response #302

Merged
merged 5 commits into from
Sep 5, 2024
114 changes: 114 additions & 0 deletions iam-migrate.go
Expand Up @@ -21,10 +21,88 @@ package madmin

import (
"context"
"encoding/json"
"io"
"net/http"
)

// ImportIAMResult - represents the structure iam import response
type ImportIAMResult struct {
// Skipped entries while import
// This could be due to groups, policies etc missing for
// impoprted entries. We dont fail hard in this case and
// skip those entries
Skipped IAMEntities `json:"skipped,omitempty"`

// Removed entries - this mostly happens for policies
// where empty might be getting imported and that's invalid
Removed IAMEntities `json:"removed,omitempty"`

// Newly added entries
Added IAMEntities `json:"added,omitmepty"`

// Failed entries while import. This would have details of
// failed entities with respective errors
Failed IAMErrEntities `json:"failed,omitmpty"`
}

// IAMEntities - represents different IAM entities
type IAMEntities struct {
// List of policy names
Policies []string `json:"policies,omitmepty"`
// List of user names
Users []string `json:"users,omitmepty"`
// List of group names
Groups []string `json:"groups,omitempty"`
// List of Service Account names
ServiceAccounts []string `json:"serviceAccounts,omitempty"`
// List of user policies, each entry in map represents list of policies
// applicable to the user
UserPolicies []map[string][]string `json:"userPolicies,omitempty"`
// List of group policies, each entry in map represents list of policies
// applicable to the group
GroupPolicies []map[string][]string `json:"groupPolicies,omitempty"`
// List of STS policies, each entry in map represents list of policies
// applicable to the STS
STSPolicies []map[string][]string `json:"stsPolicies,omitempty"`
}

// IAMErrEntities - represents errored out IAM entries while import with error
type IAMErrEntities struct {
// List of errored out policies with errors
Policies []IAMErrEntity `json:"policies,omitempty"`
// List of errored out users with errors
Users []IAMErrEntity `json:"users,omitempty"`
// List of errored out groups with errors
Groups []IAMErrEntity `json:"groups,omitempty"`
// List of errored out service accounts with errors
ServiceAccounts []IAMErrEntity `json:"serviceAccounts,omitempty"`
// List of errored out user policies with errors
UserPolicies []IAMErrPolicyEntity `json:"userPolicies,omitempty"`
// List of errored out group policies with errors
GroupPolicies []IAMErrPolicyEntity `json:"groupPolicies,omitempty"`
// List of errored out STS policies with errors
STSPolicies []IAMErrPolicyEntity `json:"stsPolicies,omitempty"`
}

// IAMErrEntity - represents errored out IAM entity
type IAMErrEntity struct {
// Name of the errored IAM entity
Name string `json:"name,omitempty"`
// Actual error
Error error `json:"error,omitempty"`
}

// IAMErrPolicyEntity - represents errored out IAM policies
type IAMErrPolicyEntity struct {
// Name of entity (user, group, STS)
Name string `json:"name,omitempty"`
// List of policies
Policies []string `json:"policies,omitempty"`
// Actual error
Error error `json:"error,omitempty"`
}

// ExportIAM makes an admin call to export IAM data
func (adm *AdminClient) ExportIAM(ctx context.Context) (io.ReadCloser, error) {
path := adminAPIPrefix + "/export-iam"
Expand Down Expand Up @@ -67,5 +145,41 @@ func (adm *AdminClient) ImportIAM(ctx context.Context, contentReader io.ReadClos
if resp.StatusCode != http.StatusOK {
return httpRespToErrorResponse(resp)
}

return nil
}

// ImportIAMV2 makes an admin call to setup IAM from imported content
func (adm *AdminClient) ImportIAMV2(ctx context.Context, contentReader io.ReadCloser) (iamr ImportIAMResult, err error) {
content, err := io.ReadAll(contentReader)
if err != nil {
return iamr, err
}

path := adminAPIPrefix + "/import-iam-v2"
resp, err := adm.executeMethod(ctx,
http.MethodPut, requestData{
relPath: path,
content: content,
},
)
defer closeResponse(resp)
if err != nil {
return iamr, err
}

if resp.StatusCode != http.StatusOK {
return iamr, httpRespToErrorResponse(resp)
}

b, err := io.ReadAll(resp.Body)
if err != nil {
return iamr, err
}

if err = json.Unmarshal(b, &iamr); err != nil {
return iamr, err
}

return iamr, nil
}
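Review bot: The `Error error` fields in `IAMErrEntity` and `IAMErrPolicyEntity` will not round-trip through JSON. encoding/json marshals most error values as `{}` because they have no exported fields, and `json.Unmarshal` returns an UnmarshalTypeError for any non-null value aimed at a non-empty interface such as `error`. Assuming the server serialises the same structs, `ImportIAMV2` would fail at its `json.Unmarshal` call exactly when failed entities are reported, so the caller never learns which users, policies or service accounts were not imported. A plain string carries the message across the wire: `Error string` with the existing `json:"error,omitempty"` tag. Separately, the tags on `Added`, `Failed`, `Policies` and `Users` misspell `omitempty` (`omitmepty`, `omitmpty`); encoding/json ignores the unknown option, so those fields are always emitted.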