private async Task CreateNameSpace(
NamespaceName namespaceName,
ContextAccountCreatedDomainEvent domainEvent
)
{
var labels = new List <Label>
{
Label.CreateSafely("capability-id", domainEvent.Payload.CapabilityId.ToString()),
Label.CreateSafely("capability-name", domainEvent.Payload.CapabilityName),
Label.CreateSafely("context-id", domainEvent.Payload.ContextId.ToString()),
Label.CreateSafely("context-name", domainEvent.Payload.ContextName)
};
try
{
await _namespaceRepository.CreateNamespaceAsync(namespaceName, labels);
}
catch (NamespaceAlreadyExistException)
{
// TODO Should we assert labels exist?
_logger.LogInformation($"Not creating namespace {namespaceName} as it already exist in kubernetes");
}
await _namespaceRepository.AddAnnotations(namespaceName, new Dictionary <string, string>
{
{
"iam.amazonaws.com/permitted",
IAM.ConstructRoleArn(domainEvent.Payload.AccountId, ".*")
},
{
"dfds-aws-account-id",
domainEvent.Payload.AccountId
}
});
}
public async Task ConnectAwsArnToNameSpace(NamespaceName namespaceName, string roleArn)
{
var roleName = namespaceName;
await _configMapService.AddRole(
roleName : roleName,
roleArn : roleArn
);
var annotations = new Dictionary <string, string> {
{ "iam.amazonaws.com/permitted", roleName }
};
await _namespaceRepository.AddAnnotations(namespaceName, annotations);
}
