-
Notifications
You must be signed in to change notification settings - Fork 1.7k
/
externalauditstorage.go
122 lines (106 loc) · 5.49 KB
/
externalauditstorage.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
// Copyright 2023 Gravitational, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package externalauditstorage
import (
"context"
"github.com/gravitational/trace"
externalauditstoragev1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/externalauditstorage/v1"
"github.com/gravitational/teleport/api/types/externalauditstorage"
conv "github.com/gravitational/teleport/api/types/externalauditstorage/convert/v1"
)
// Client is an External Audit Storage client.
type Client struct {
grpcClient externalauditstoragev1.ExternalAuditStorageServiceClient
}
// NewClient creates a new ExternalAuditStorage client.
func NewClient(grpcClient externalauditstoragev1.ExternalAuditStorageServiceClient) *Client {
return &Client{
grpcClient: grpcClient,
}
}
// TestDraftExternalAuditStorageBuckets tests the connection to the current draft buckets.
func (c *Client) TestDraftExternalAuditStorageBuckets(ctx context.Context) error {
_, err := c.grpcClient.TestDraftExternalAuditStorageBuckets(ctx, &externalauditstoragev1.TestDraftExternalAuditStorageBucketsRequest{})
return trace.Wrap(err)
}
// TestDraftExternalAuditStorageGlue tests the configuration to the current draft glue table and database.
func (c *Client) TestDraftExternalAuditStorageGlue(ctx context.Context) error {
_, err := c.grpcClient.TestDraftExternalAuditStorageGlue(ctx, &externalauditstoragev1.TestDraftExternalAuditStorageGlueRequest{})
return trace.Wrap(err)
}
// TestDraftExternalAuditStorageAthena tests the configuration to the current draft athena.
func (c *Client) TestDraftExternalAuditStorageAthena(ctx context.Context) error {
_, err := c.grpcClient.TestDraftExternalAuditStorageAthena(ctx, &externalauditstoragev1.TestDraftExternalAuditStorageAthenaRequest{})
return trace.Wrap(err)
}
// GetDraftExternalAuditStorage returns the draft External Audit Storage configuration resource.
func (c *Client) GetDraftExternalAuditStorage(ctx context.Context) (*externalauditstorage.ExternalAuditStorage, error) {
resp, err := c.grpcClient.GetDraftExternalAuditStorage(ctx, &externalauditstoragev1.GetDraftExternalAuditStorageRequest{})
if err != nil {
return nil, trace.Wrap(err)
}
externalAudit, err := conv.FromProtoDraft(resp.GetExternalAuditStorage())
return externalAudit, trace.Wrap(err)
}
// UpsertDraftExternalAuditStorage upserts a draft External Audit Storage resource.
func (c *Client) UpsertDraftExternalAuditStorage(ctx context.Context, in *externalauditstorage.ExternalAuditStorage) (*externalauditstorage.ExternalAuditStorage, error) {
resp, err := c.grpcClient.UpsertDraftExternalAuditStorage(ctx, &externalauditstoragev1.UpsertDraftExternalAuditStorageRequest{
ExternalAuditStorage: conv.ToProto(in),
})
if err != nil {
return nil, trace.Wrap(err)
}
out, err := conv.FromProtoDraft(resp.GetExternalAuditStorage())
return out, trace.Wrap(err)
}
// GenerateDraftExternalAuditStorage create a new draft External Audit Storage
// resource with randomized resource names and upserts it as the current
// draft.
func (c *Client) GenerateDraftExternalAuditStorage(ctx context.Context, integrationName, region string) (*externalauditstorage.ExternalAuditStorage, error) {
resp, err := c.grpcClient.GenerateDraftExternalAuditStorage(ctx, &externalauditstoragev1.GenerateDraftExternalAuditStorageRequest{
IntegrationName: integrationName,
Region: region,
})
if err != nil {
return nil, trace.Wrap(err)
}
out, err := conv.FromProtoDraft(resp.GetExternalAuditStorage())
return out, trace.Wrap(err)
}
// DeleteDraftExternalAuditStorage removes draft External Audit Storage resource.
func (c *Client) DeleteDraftExternalAuditStorage(ctx context.Context) error {
_, err := c.grpcClient.DeleteDraftExternalAuditStorage(ctx, &externalauditstoragev1.DeleteDraftExternalAuditStorageRequest{})
return trace.Wrap(err)
}
// PromoteToClusterExternalAuditStorage promotes the current draft External
// Audit Storage configuration to be used in the cluster.
func (c *Client) PromoteToClusterExternalAuditStorage(ctx context.Context) error {
_, err := c.grpcClient.PromoteToClusterExternalAuditStorage(ctx, &externalauditstoragev1.PromoteToClusterExternalAuditStorageRequest{})
return trace.Wrap(err)
}
// GetClusterExternalAuditStorage gets cluster External Audit Storage.
func (c *Client) GetClusterExternalAuditStorage(ctx context.Context) (*externalauditstorage.ExternalAuditStorage, error) {
resp, err := c.grpcClient.GetClusterExternalAuditStorage(ctx, &externalauditstoragev1.GetClusterExternalAuditStorageRequest{})
if err != nil {
return nil, trace.Wrap(err)
}
externalAudit, err := conv.FromProtoCluster(resp.GetClusterExternalAuditStorage())
return externalAudit, trace.Wrap(err)
}
// DisableClusterExternalAuditStorage disables the External Audit Storage feature,
// which means default cloud audit will be used.
func (c *Client) DisableClusterExternalAuditStorage(ctx context.Context) error {
_, err := c.grpcClient.DisableClusterExternalAuditStorage(ctx, &externalauditstoragev1.DisableClusterExternalAuditStorageRequest{})
return trace.Wrap(err)
}