Documentation ¶
Index ¶
- type CreateServiceAccountRequest
- type CreateServiceAccountResponse
- type ModifyServiceAccountRequest
- type ServiceAccount
- type ServiceAccountsService
- func (s *ServiceAccountsService) CreateServiceAccount(ctx context.Context, request *CreateServiceAccountRequest) (*CreateServiceAccountResponse, *http.Response, error)
- func (s *ServiceAccountsService) GetServiceAccount(ctx context.Context, id string) (*ServiceAccount, *http.Response, error)
- func (s *ServiceAccountsService) InvalidateJwksURLCache(ctx context.Context, serviceAccountID string) (*http.Response, error)
- func (s *ServiceAccountsService) ListServiceAccounts(ctx context.Context) ([]ServiceAccount, *http.Response, error)
- func (s *ServiceAccountsService) Me(ctx context.Context) (*ServiceAccount, *http.Response, error)
- func (s *ServiceAccountsService) ModifyServiceAccount(ctx context.Context, serviceAccountID string, ...) (*ServiceAccount, *http.Response, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CreateServiceAccountRequest ¶ added in v0.3.0
type CreateServiceAccountRequest struct { Email string `json:"email"` JwksURL string `json:"jwksUrl"` JwksURLPattern string `json:"jwksUrlPattern"` ExternalId string `json:"externalId"` }
CreateServiceAccountRequest is used to create a new service account
type CreateServiceAccountResponse ¶ added in v0.3.0
type CreateServiceAccountResponse struct { ServiceAccountSummary ServiceAccount `json:"serviceAccountSummary"` MFASecret string `json:"mfaSecret"` }
CreateServiceAccountResponse is the response returned if a service account is successfully created
type ModifyServiceAccountRequest ¶ added in v0.3.0
type ModifyServiceAccountRequest struct { IsAdmin *bool `json:"isAdmin,omitempty"` Enabled *bool `json:"enabled,omitempty"` }
ModifyServiceAccountRequest is used to modify a service account
type ServiceAccount ¶
type ServiceAccount struct { service.Subject OrganizationID string `json:"organizationId"` Email string `json:"email"` ExternalID string `json:"externalId"` JwksURL string `json:"jwksUrl"` JwksURLPattern string `json:"jwksUrlPattern"` IsAdmin bool `json:"isAdmin"` TimeCreated types.Timestamp `json:"timeCreated"` LastLogin *types.Timestamp `json:"lastLogin"` CreatedBy string `json:"createdBy"` Enabled bool `json:"enabled"` }
ServiceAccount is a Google, Azure, or generic service account that integrates with BastionZero by sharing its JSON Web Key Set (JWKS) URL. The headless authentication closely follows the OpenID Connect (OIDC) protocol. The JWKS contains the public key from a public/private key pair that you must generate. You use the private key to sign the service account’s identity and access tokens, and then BastionZero uses the public key within the JWKS URL to validate the service account.
func (*ServiceAccount) GetSubjectType ¶
func (s *ServiceAccount) GetSubjectType() subjecttype.SubjectType
type ServiceAccountsService ¶
ServiceAccountsService handles communication with the service accounts endpoints of the BastionZero API.
BastionZero API docs: https://cloud.bastionzero.com/api/#tag--Service-Accounts
func (*ServiceAccountsService) CreateServiceAccount ¶ added in v0.3.0
func (s *ServiceAccountsService) CreateServiceAccount(ctx context.Context, request *CreateServiceAccountRequest) (*CreateServiceAccountResponse, *http.Response, error)
CreateServiceAccount creates a new service account.
BastionZero API docs: https://cloud.bastionzero.com/api/#post-/api/v2/service-accounts
func (*ServiceAccountsService) GetServiceAccount ¶
func (s *ServiceAccountsService) GetServiceAccount(ctx context.Context, id string) (*ServiceAccount, *http.Response, error)
GetServiceAccount fetches the specified service account by ID.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/service-accounts/-id-
func (*ServiceAccountsService) InvalidateJwksURLCache ¶ added in v0.3.0
func (s *ServiceAccountsService) InvalidateJwksURLCache(ctx context.Context, serviceAccountID string) (*http.Response, error)
InvalidateJwksURLCache invalidates the Jwks URL cache of the specified service account.
BastionZero API docs: https://cloud.bastionzero.com/api/#patch-/api/v2/service-accounts/invalidate-cache/-id-
func (*ServiceAccountsService) ListServiceAccounts ¶
func (s *ServiceAccountsService) ListServiceAccounts(ctx context.Context) ([]ServiceAccount, *http.Response, error)
ListServiceAccounts lists all service accounts for your organization.
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/service-accounts
func (*ServiceAccountsService) Me ¶ added in v0.3.0
func (s *ServiceAccountsService) Me(ctx context.Context) (*ServiceAccount, *http.Response, error)
Me fetches your service account information (current subject).
BastionZero API docs: https://cloud.bastionzero.com/api/#get-/api/v2/service-accounts/me
func (*ServiceAccountsService) ModifyServiceAccount ¶ added in v0.3.0
func (s *ServiceAccountsService) ModifyServiceAccount(ctx context.Context, serviceAccountID string, request *ModifyServiceAccountRequest) (*ServiceAccount, *http.Response, error)
ModifyServiceAccount updates a service account.
BastionZero API docs: https://cloud.bastionzero.com/api/#patch-/api/v2/service-accounts/-id-