Documentation ¶
Index ¶
- Constants
- func AppendUri(uriList []*url.URL, uriValue string) []*url.URL
- func Copy(sourceFile, destFile string, perm os.FileMode) error
- func CopyCertKeyFile(srcKey, destKey, srcCert, destCert string, keyPerm int) error
- func EnsureBackUpDir(backUpDir string) error
- func EnvOrDefault(name string, defaultValue string) string
- func ExecIdCommand(arg string) int
- func ExtractServiceName(arn, comp string) (string, string, error)
- func FileExists(path string) bool
- func GenerateKeyPair(bits int) (*rsa.PrivateKey, error)
- func GenerateRoleCertCSR(key *rsa.PrivateKey, ...) (string, error)
- func GenerateSSHHostCSR(sshPubKeyFile string, domain, service, ip string, ztsAwsDomains []string) (string, error)
- func GenerateSvcCertCSR(key *rsa.PrivateKey, ...) (string, error)
- func GenerateX509CSR(key *rsa.PrivateKey, csrDetails CertReqDetails) (string, error)
- func GetAthenzJwkConfModTime(siaDir string) rdl.Timestamp
- func GetPEMBlock(privateKey *rsa.PrivateKey) []byte
- func GetRoleCertFileName(certDir, fileName, certName string) string
- func GetSvcCertFileName(certDir, fileName, domain, service string) string
- func GetUtilPath(command string) string
- func NewSysLogger() (io.Writer, error)
- func Nonce() (string, error)
- func ParseAssumedRoleArn(roleArn, serviceSuffix, accessProfileSeparator string) (string, string, string, string, error)
- func ParseCASpiffeUri(uri string) (string, string)
- func ParseEnvBooleanFlag(varName string) bool
- func ParseEnvIntFlag(varName string, defaultValue int) int
- func ParseRoleArn(roleArn, rolePrefix, roleSuffix, profileSeparator string) (string, string, string, string, error)
- func ParseRoleSpiffeUri(uri string) (string, string)
- func ParseServiceSpiffeUri(uri string) (string, string)
- func ParseTaskArn(taskArn string) (string, string, string, error)
- func PrivateKey(keyFile string, rotateKey bool) (*rsa.PrivateKey, error)
- func PrivateKeyFromFile(filename string) (*rsa.PrivateKey, error)
- func PrivatePem(privateKey *rsa.PrivateKey) string
- func ReadAthenzJwkConf(jwkConfFile string, jwkConfObj *zts.AthenzJWKConfig) error
- func SaveCertKey(key, cert []byte, file, keyPrefix, certPrefix string, uid, gid, fileMode int, ...) error
- func SetupSIADirs(siaMainDir, siaLinkDir string, ownerUid, ownerGid int) error
- func SplitDomain(domain string) (string, string)
- func SplitRoleName(roleName string) (string, string, error)
- func SvcAttrs(username, groupname string) (int, int, int)
- func SyscallSetGid(gid int) error
- func SyscallSetUid(uid int) error
- func TestGidForGroupCommand(t *testing.T)
- func TestGidForInvalidGroupCommand(t *testing.T)
- func TestUidGidForUserGroupCommand(t *testing.T)
- func UidGidForUserGroup(username, groupname string) (int, int)
- func UpdateFile(fileName string, contents []byte, uid, gid int, perm os.FileMode) error
- func UpdateKey(keyFile string, uid, gid int)
- func WriteAthenzJWKFile(athenzJwk *zts.AthenzJWKConfig, siaDir string, uid int, gid int) error
- func ZtsClient(ztsUrl, ztsServerName string, keyFile, certFile, caCertFile string) (*zts.ZTSClient, error)
- func ZtsHostName(identity, ztsAwsDomain string) string
- type CertReqDetails
- type SSHKeyReq
Constants ¶
// JwkConfFile holds the literal file name "athenz.conf".
// NOTE(review): presumably the Athenz JWK configuration file that
// ReadAthenzJwkConf and WriteAthenzJWKFile operate on; confirm against callers.
const JwkConfFile = "athenz.conf"
// SshSupport is a constant boolean flag; it is true in the documented version.
// NOTE(review): presumably tells callers whether SSH host certificate requests
// (see GenerateSSHHostCSR) are supported; confirm where it is consulted.
const SshSupport = true
Variables ¶
This section is empty.
Functions ¶
func CopyCertKeyFile ¶
func EnsureBackUpDir ¶
func EnvOrDefault ¶ added in v1.11.3
func ExecIdCommand ¶ added in v1.10.48
func FileExists ¶
func GenerateKeyPair ¶
func GenerateKeyPair(bits int) (*rsa.PrivateKey, error)
func GenerateRoleCertCSR ¶ added in v1.10.40
func GenerateRoleCertCSR(key *rsa.PrivateKey, countryName, orgName, domain, service, roleName, instanceId, provider, emailDomain string) (string, error)
func GenerateSSHHostCSR ¶ added in v1.10.40
func GenerateSvcCertCSR ¶ added in v1.10.40
func GenerateX509CSR ¶
func GenerateX509CSR(key *rsa.PrivateKey, csrDetails CertReqDetails) (string, error)
func GetAthenzJwkConfModTime ¶ added in v1.11.2
func GetPEMBlock ¶
func GetPEMBlock(privateKey *rsa.PrivateKey) []byte
func GetRoleCertFileName ¶
func GetSvcCertFileName ¶ added in v1.10.40
func GetUtilPath ¶ added in v1.11.9
func NewSysLogger ¶
func ParseAssumedRoleArn ¶ added in v1.10.40
func ParseCASpiffeUri ¶ added in v1.10.41
func ParseEnvBooleanFlag ¶ added in v1.10.40
func ParseEnvIntFlag ¶ added in v1.10.41
func ParseRoleArn ¶ added in v1.10.40
func ParseRoleSpiffeUri ¶ added in v1.10.41
func ParseServiceSpiffeUri ¶ added in v1.10.41
func ParseTaskArn ¶ added in v1.10.40
func PrivateKey ¶
func PrivateKey(keyFile string, rotateKey bool) (*rsa.PrivateKey, error)
func PrivateKeyFromFile ¶
func PrivateKeyFromFile(filename string) (*rsa.PrivateKey, error)
func PrivatePem ¶
func PrivatePem(privateKey *rsa.PrivateKey) string
func ReadAthenzJwkConf ¶ added in v1.11.2
func ReadAthenzJwkConf(jwkConfFile string, jwkConfObj *zts.AthenzJWKConfig) error
func SaveCertKey ¶ added in v1.10.40
func SetupSIADirs ¶
func SplitDomain ¶
func SyscallSetGid ¶ added in v1.10.53
func SyscallSetUid ¶ added in v1.10.53
func TestGidForGroupCommand ¶ added in v1.10.40
func TestGidForInvalidGroupCommand ¶ added in v1.10.40
func TestUidGidForUserGroupCommand ¶ added in v1.10.40
func UidGidForUserGroup ¶
func UpdateFile ¶
func WriteAthenzJWKFile ¶ added in v1.11.2
func ZtsHostName ¶
Types ¶
type CertReqDetails ¶
type SSHKeyReq ¶ added in v1.10.40
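// SSHKeyReq is the SSH key request payload; its layout is kept congruent with
// certsign-rdl/certsign.rdl. Field order and struct tags must stay in step
// with that definition.
//
// NOTE(review): every field is a plain caller-supplied string or string slice,
// and no validation is visible in this declaration. Principals, Ips and
// Command presumably bound what the resulting SSH certificate is valid for, so
// the signing side should check them against the authenticated requester
// rather than trust the request body. Confirm against the certsign RDL.
type SSHKeyReq struct {
	// Principals is serialized as "principals" and is always emitted.
	Principals []string `json:"principals"`
	// Ips is serialized as "ips"; dropped from the JSON when empty and marked
	// optional for RDL.
	Ips []string `json:"ips,omitempty" rdl:"optional"`
	// Pubkey is serialized as "pubkey".
	// NOTE(review): presumably the SSH public key to be signed; confirm.
	Pubkey string `json:"pubkey"`
	// Reqip is serialized as "reqip".
	// NOTE(review): presumably the requester's IP address; confirm.
	Reqip string `json:"reqip"`
	// Requser is serialized as "requser".
	// NOTE(review): presumably the requesting user; confirm.
	Requser string `json:"requser"`
	// Certtype is serialized as "certtype".
	// NOTE(review): accepted values are not visible here; confirm in the RDL.
	Certtype string `json:"certtype"`
	// Transid is serialized as "transid".
	// NOTE(review): presumably a transaction id useful for audit correlation; confirm.
	Transid string `json:"transid"`
	// Command is serialized as "command"; dropped from the JSON when empty and
	// marked optional for RDL.
	Command string `json:"command,omitempty" rdl:"optional"`
}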
SSHKeyReq - congruent with certsign-rdl/certsign.rdl