Skip to content

Commit

Permalink
Add checks for required fields for default labels
Browse files Browse the repository at this point in the history
  • Loading branch information
kimlisa committed Aug 20, 2024
1 parent bfe017a commit 678f00b
Showing 1 changed file with 22 additions and 4 deletions.
26 changes: 22 additions & 4 deletions lib/web/integrations_awsoidc.go
Original file line number Diff line number Diff line change
Expand Up @@ -113,10 +113,28 @@ func (h *Handler) awsOIDCDeployService(w http.ResponseWriter, r *http.Request, p
for _, label := range req.DatabaseAgentMatcherLabels {
databaseAgentMatcherLabels[label.Name] = utils.Strings{label.Value}
}
// Add additional default labels.
databaseAgentMatcherLabels[types.DiscoveryLabelVPCID] = []string{req.VPCID}
databaseAgentMatcherLabels[types.DiscoveryLabelRegion] = []string{req.Region}
databaseAgentMatcherLabels[types.DiscoveryLabelAccountID] = []string{req.AccountID}

// DELETE in 19.0: delete only the outer if block (checking labels == 0).
// The outer block is required since older UI's will not
// send these values to the backend, but instead send custom labels (the UI
// will require at least one label before proceeding).
// Newer UI's will not send any labels, but instead send the required
// fields for default labels.
if len(req.DatabaseAgentMatcherLabels) == 0 {
if len(req.VPCID) == 0 {
return nil, trace.BadParameter("vpc ID is required")
}
if len(req.Region) == 0 {
return nil, trace.BadParameter("AWS region is required")
}
if len(req.AccountID) == 0 {
return nil, trace.BadParameter("AWS account ID is required")
}
// Add default labels.
databaseAgentMatcherLabels[types.DiscoveryLabelVPCID] = []string{req.VPCID}
databaseAgentMatcherLabels[types.DiscoveryLabelRegion] = []string{req.Region}
databaseAgentMatcherLabels[types.DiscoveryLabelAccountID] = []string{req.AccountID}
}

iamTokenName := deployserviceconfig.DefaultTeleportIAMTokenName
teleportConfigString, err := deployserviceconfig.GenerateTeleportConfigString(
Expand Down

0 comments on commit 678f00b

Please sign in to comment.