yunion.io/x/cloudmux@v0.3.10-0-alpha.1/pkg/multicloud/apsara/ram_role.go (about) 1 // Copyright 2019 Yunion 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package apsara 16 17 import ( 18 "fmt" 19 "time" 20 21 "github.com/pkg/errors" 22 ) 23 24 type sRoles struct { 25 Role []SRole 26 } 27 28 type SRoles struct { 29 Roles sRoles 30 Marker string 31 IsTruncated bool 32 } 33 34 type SRole struct { 35 client *SApsaraClient 36 37 Arn string 38 CreateDate time.Time 39 Description string 40 RoleId string 41 RoleName string 42 43 AssumeRolePolicyDocument string 44 } 45 46 func (self *SApsaraClient) ListRoles(offset string, limit int) (*SRoles, error) { 47 if limit < 0 || limit > 1000 { 48 limit = 1000 49 } 50 51 params := map[string]string{} 52 if len(offset) > 0 { 53 params["Marker"] = offset 54 } 55 if limit > 0 { 56 params["MaxItems"] = fmt.Sprintf("%d", limit) 57 } 58 59 body, err := self.ramRequest("ListRoles", params) 60 if err != nil { 61 return nil, errors.Wrapf(err, "ListRoles") 62 } 63 64 roles := &SRoles{} 65 err = body.Unmarshal(roles) 66 if err != nil { 67 return nil, errors.Wrap(err, "body.Unmarshal(&") 68 } 69 70 return roles, nil 71 } 72 73 func (self *SApsaraClient) CreateRole(roleName string, document string, desc string) (*SRole, error) { 74 params := make(map[string]string) 75 params["RoleName"] = roleName 76 params["AssumeRolePolicyDocument"] = document 77 if len(desc) > 0 { 78 params["Description"] = desc 79 } 80 81 body, err := self.ramRequest("CreateRole", params) 82 if err != nil { 83 return nil, errors.Wrap(err, "CreateRole") 84 } 85 86 role := SRole{client: self} 87 err = body.Unmarshal(&role, "Role") 88 if err != nil { 89 return nil, errors.Wrap(err, "body.Unmarshal") 90 } 91 92 return &role, nil 93 } 94 95 func (self *SApsaraClient) GetRole(roleName string) (*SRole, error) { 96 params := make(map[string]string) 97 params["RoleName"] = roleName 98 99 body, err := self.ramRequest("GetRole", params) 100 if err != nil { 101 return nil, errors.Wrap(err, "GetRole") 102 } 103 104 role := SRole{client: self} 105 err = body.Unmarshal(&role, "Role") 106 if err != nil { 107 return nil, errors.Wrap(err, "body.Unmarshal") 108 } 109 110 return &role, nil 111 } 112 113 func (self *SApsaraClient) ListPoliciesForRole(name string) ([]SPolicy, error) { 114 params := map[string]string{ 115 "RoleName": name, 116 } 117 resp, err := self.ramRequest("ListPoliciesForRole", params) 118 if err != nil { 119 return nil, errors.Wrapf(err, "ListPoliciesForRole") 120 } 121 policies := []SPolicy{} 122 err = resp.Unmarshal(&policies, "Policies", "Policy") 123 if err != nil { 124 return nil, errors.Wrapf(err, "resp.Unmarshal") 125 } 126 return policies, nil 127 } 128 129 func (self *SApsaraClient) DetachPolicyFromRole(policyType, policyName, roleName string) error { 130 params := map[string]string{ 131 "PolicyName": policyName, 132 "PolicyType": policyType, 133 "RoleName": roleName, 134 } 135 _, err := self.ramRequest("DetachPolicyFromRole", params) 136 return err 137 }