feat(objsto2): iam support (#298)

UpCloudLtd · Feb 29, 2024 · 5169fe8 · 5169fe8
1 parent 7be04bb
commit 5169fe8
Show file tree

Hide file tree

Showing 36 changed files with 3,163 additions and 720 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,26 @@ See updating [Changelog example here](https://keepachangelog.com/en/1.0.0/)
 
 ## [Unreleased]
 
+### Added
+- Managed Object Storage: `ManagedObjectStoragePolicy` struct
+- Managed Object Storage: `ManagedObjectStorageUserPolicy` struct
+- Managed Object Storage: `IAMURL` field to `ManagedObjectStorageEndpoint`
+- Managed Object Storage: `STSURL` field to `ManagedObjectStorageEndpoint`
+- Managed Object Storage: `ARN` field to `ManagedObjectStorageUser`
+- Managed Object Storage: `Policies` field to `ManagedObjectStorageUser`
+- Managed Object Storage: `Status` field to `ManagedObjectStorageUserAccessKey`
+
+### Removed
+- **Breaking**, Managed Object Storage: `Users` field removed from `ManagedObjectStorage`
+- **Breaking**, Managed Object Storage: `ARN` field removed from `ManagedObjectStorageUser`
+- **Breaking**, Managed Object Storage: `OperationalState` field removed from `ManagedObjectStorageUser`
+- **Breaking**, Managed Object Storage: `Enabled` field removed from `ManagedObjectStorageUserAccessKey`
+- **Breaking**, Managed Object Storage: `Name` field removed from `ManagedObjectStorageUserAccessKey`
+- **Breaking**, Managed Object Storage: `UpdatedAt` field removed from `ManagedObjectStorageUserAccessKey`
+
+### Changed
+- **Breaking**, Managed Object Storage: `AccessKeyId` field in `ManagedObjectStorageUserAccessKey` renamed to `AccessKeyID`
+
 ## [7.0.0]
 
 ### Added

diff --git a/upcloud/managed_object_storage.go b/upcloud/managed_object_storage.go
@@ -18,8 +18,6 @@ const (
 	ManagedObjectStorageOperationalStateDeleteNetwork ManagedObjectStorageOperationalState = "delete-network"
 	// ManagedObjectStorageOperationalStateDeleteService indicates that service is being deleted
 	ManagedObjectStorageOperationalStateDeleteService ManagedObjectStorageOperationalState = "delete-service"
-	// ManagedObjectStorageOperationalStateDeleteUser indicates that users are being deleted
-	ManagedObjectStorageOperationalStateDeleteUser ManagedObjectStorageOperationalState = "delete-user"
 	// ManagedObjectStorageOperationalStatePending indicates newly created service or that started reconfiguration
 	ManagedObjectStorageOperationalStatePending ManagedObjectStorageOperationalState = "started"
 	// ManagedObjectStorageOperationalStateRunning indicates that service is up and running
@@ -32,26 +30,24 @@ const (
 	ManagedObjectStorageOperationalStateSetupNetwork ManagedObjectStorageOperationalState = "setup-network"
 	// ManagedObjectStorageOperationalStateSetupService indicates that service is being configured
 	ManagedObjectStorageOperationalStateSetupService ManagedObjectStorageOperationalState = "setup-service"
-	// ManagedObjectStorageOperationalStateSetupUser indicates that users are being configured
-	ManagedObjectStorageOperationalStateSetupUser ManagedObjectStorageOperationalState = "setup-user"
 	// ManagedObjectStorageOperationalStateStopped indicates that service is down
 	ManagedObjectStorageOperationalStateStopped ManagedObjectStorageOperationalState = "stopped"
 )
 
 const (
-	// ManagedObjectStorageUserOperationalStatePending indicates a newly attached user
-	ManagedObjectStorageUserOperationalStatePending ManagedObjectStorageUserOperationalState = "pending"
-	// ManagedObjectStorageUserOperationalStateReady indicates that the user is configured and ready for access keys issuing
-	ManagedObjectStorageUserOperationalStateReady ManagedObjectStorageUserOperationalState = "ready"
+	// ManagedObjectStorageUserAccessKeyStatusActive indicates an active access key
+	ManagedObjectStorageUserAccessKeyStatusActive ManagedObjectStorageUserAccessKeyStatus = "Active"
+	// ManagedObjectStorageUserAccessKeyStatusInactive indicates an inactive access key
+	ManagedObjectStorageUserAccessKeyStatusInactive ManagedObjectStorageUserAccessKeyStatus = "Inactive"
 )
 
 type (
 	// ManagedObjectStorageConfiguredStatus indicates the service's current intended status. Managed by the customer
 	ManagedObjectStorageConfiguredStatus string
 	// ManagedObjectStorageOperationalState indicates the service's current operational, effective state. Managed by the system
 	ManagedObjectStorageOperationalState string
-	// ManagedObjectStorageUserOperationalState indicates the user's current operational, effective state. Managed by the system
-	ManagedObjectStorageUserOperationalState string
+	// ManagedObjectStorageUserAccessKeyStatus indicates the access key's current status. Managed by the customer
+	ManagedObjectStorageUserAccessKeyStatus string
 )
 
 // ManagedObjectStorage represents a Managed Object Storage service
@@ -65,14 +61,15 @@ type ManagedObjectStorage struct {
 	OperationalState ManagedObjectStorageOperationalState `json:"operational_state"`
 	Region           string                               `json:"region"`
 	UpdatedAt        time.Time                            `json:"updated_at"`
-	Users            []ManagedObjectStorageUser           `json:"users"`
 	UUID             string                               `json:"uuid"`
 }
 
 // ManagedObjectStorageEndpoint represents an endpoint for accessing the Managed Object Storage service
 type ManagedObjectStorageEndpoint struct {
 	DomainName string `json:"domain_name"`
 	Type       string `json:"type"`
+	IAMURL     string `json:"iam_url"`
+	STSURL     string `json:"sts_url"`
 }
 
 // ManagedObjectStorageNetwork represents a network from where object storage can be used. Private networks must reside in object storage region
@@ -85,11 +82,30 @@ type ManagedObjectStorageNetwork struct {
 
 // ManagedObjectStorageUser represents a user for the Managed Object Storage service
 type ManagedObjectStorageUser struct {
-	AccessKeys       []ManagedObjectStorageUserAccessKey      `json:"access_keys"`
-	CreatedAt        time.Time                                `json:"created_at"`
-	OperationalState ManagedObjectStorageUserOperationalState `json:"operational_state"`
-	UpdatedAt        time.Time                                `json:"updated_at"`
-	Username         string                                   `json:"username"`
+	AccessKeys []ManagedObjectStorageUserAccessKey `json:"access_keys"`
+	ARN        string                              `json:"arn"`
+	CreatedAt  time.Time                           `json:"created_at"`
+	Policies   []ManagedObjectStoragePolicy        `json:"policies"`
+	Username   string                              `json:"username"`
+}
+
+// ManagedObjectStoragePolicy represents a policy for the Managed Object Storage service
+type ManagedObjectStoragePolicy struct {
+	ARN              string    `json:"arn"`
+	AttachmentCount  int       `json:"attachment_count"`
+	CreatedAt        time.Time `json:"created_at"`
+	DefaultVersionID string    `json:"default_version_id"`
+	Description      string    `json:"description"`
+	Document         string    `json:"document"`
+	Name             string    `json:"name"`
+	System           bool      `json:"system"`
+	UpdatedAt        time.Time `json:"updated_at"`
+}
+
+// ManagedObjectStorageUserPolicy represents a policy attached to a Managed Object Storage user
+type ManagedObjectStorageUserPolicy struct {
+	ARN  string `json:"arn"`
+	Name string `json:"name"`
 }
 
 // ManagedObjectStorageRegion represents a region where Managed Object Storage service can be hosted
@@ -106,13 +122,11 @@ type ManagedObjectStorageRegionZone struct {
 
 // ManagedObjectStorageUserAccessKey represents Access Key details for a Managed Object Storage service user
 type ManagedObjectStorageUserAccessKey struct {
-	AccessKeyId     string    `json:"access_key_id"`
-	CreatedAt       time.Time `json:"created_at"`
-	Enabled         bool      `json:"enabled"`
-	LastUsedAt      time.Time `json:"last_used_at"`
-	Name            string    `json:"name"`
-	SecretAccessKey *string   `json:"secret_access_key,omitempty"`
-	UpdatedAt       time.Time `json:"updated_at"`
+	AccessKeyID     string                                  `json:"access_key_id"`
+	CreatedAt       time.Time                               `json:"created_at"`
+	LastUsedAt      time.Time                               `json:"last_used_at"`
+	SecretAccessKey *string                                 `json:"secret_access_key,omitempty"`
+	Status          ManagedObjectStorageUserAccessKeyStatus `json:"status"`
 }
 
 // ManagedObjectStorageBucketMetrics represents metrics for a Managed Object Storage service bucket

diff --git a/upcloud/managed_object_storage_test.go b/upcloud/managed_object_storage_test.go
@@ -15,10 +15,14 @@ func TestManagedObjectStorage(t *testing.T) {
 				{
 					DomainName: "7mf5k.upbucket.com",
 					Type:       "public",
+					IAMURL:     "https://7mf5k.upbucket.com:4443/iam",
+					STSURL:     "https://7mf5k.upbucket.com:4443/sts",
 				},
 				{
 					DomainName: "7mf5k-private.upbucket.com",
 					Type:       "private",
+					IAMURL:     "https://7mf5k-private.upbucket.com:4443/iam",
+					STSURL:     "https://7mf5k-private.upbucket.com:4443/sts",
 				},
 			},
 			Labels: []Label{{
@@ -42,26 +46,7 @@ func TestManagedObjectStorage(t *testing.T) {
 			OperationalState: ManagedObjectStorageOperationalStateRunning,
 			Region:           "europe-1",
 			UpdatedAt:        timeParse("2023-05-07T21:38:15.757405Z"),
-			Users: []ManagedObjectStorageUser{
-				{
-					AccessKeys: []ManagedObjectStorageUserAccessKey{
-						{
-							AccessKeyId:     "AKIA63F41D01345BB477",
-							CreatedAt:       timeParse("2023-05-07T20:52:19.705405Z"),
-							Enabled:         true,
-							LastUsedAt:      timeParse("2023-05-07T20:52:17Z"),
-							Name:            "example-access-key",
-							SecretAccessKey: nil,
-							UpdatedAt:       timeParse("2023-05-07T21:06:18.81511Z"),
-						},
-					},
-					CreatedAt:        timeParse("2023-05-07T15:55:24.655776Z"),
-					OperationalState: ManagedObjectStorageUserOperationalStateReady,
-					UpdatedAt:        timeParse("2023-05-07T16:48:14.744079Z"),
-					Username:         "example-user",
-				},
-			},
-			UUID: "1200ecde-db95-4d1c-9133-6508f3232567",
+			UUID:             "1200ecde-db95-4d1c-9133-6508f3232567",
 		},
 		`
 		{
@@ -70,10 +55,14 @@ func TestManagedObjectStorage(t *testing.T) {
 			"endpoints": [
 				{
 					"domain_name": "7mf5k.upbucket.com",
+	                "iam_url": "https://7mf5k.upbucket.com:4443/iam",
+    	            "sts_url": "https://7mf5k.upbucket.com:4443/sts",
 					"type": "public"
 				},
 				{
 					"domain_name": "7mf5k-private.upbucket.com",
+					"iam_url": "https://7mf5k-private.upbucket.com:4443/iam",
+					"sts_url": "https://7mf5k-private.upbucket.com:4443/sts",
 					"type": "private"
 				}
 			],
@@ -100,24 +89,6 @@ func TestManagedObjectStorage(t *testing.T) {
 			"operational_state": "running",
 			"region": "europe-1",
 			"updated_at": "2023-05-07T21:38:15.757405Z",
-			"users": [
-				{
-					"access_keys": [
-						{
-							"access_key_id": "AKIA63F41D01345BB477",
-							"created_at": "2023-05-07T20:52:19.705405Z",
-							"enabled": true,
-							"last_used_at": "2023-05-07T20:52:17Z",
-							"name": "example-access-key",
-							"updated_at": "2023-05-07T21:06:18.81511Z"
-						}
-					],
-					"created_at": "2023-05-07T15:55:24.655776Z",
-					"operational_state": "ready",
-					"updated_at": "2023-05-07T16:48:14.744079Z",
-					"username": "example-user"
-				}
-			],
 			"uuid": "1200ecde-db95-4d1c-9133-6508f3232567"
 		}
 		`,