azsecrets

v1.3.0

This package is not in the latest version of its module.

Published: Nov 6, 2024 License: MIT Imports: 13 Imported by: 41

README

Azure Key Vault Secrets client module for Go

Azure Key Vault helps solve the following problems:

  • Secrets management (this module) - securely store and control access to tokens, passwords, certificates, API keys, and other secrets
  • Managed HSM administration (azadmin) - role-based access control (RBAC), settings, and vault-level backup and restore options
  • Certificate management (azcertificates) - create, manage, and deploy public and private SSL/TLS certificates
  • Cryptographic key management (azkeys) - create, store, and control access to the keys used to encrypt your data

Getting started

Install packages

Install azsecrets and azidentity with go get:

go get github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets
go get github.com/Azure/azure-sdk-for-go/sdk/azidentity

azidentity is used for Azure Active Directory authentication as demonstrated below.

Prerequisites

  • An Azure subscription
  • A supported Go version (the Azure SDK supports the two most recent Go releases)
  • A key vault. If you need to create one, see the Key Vault documentation for instructions on doing so in the Azure Portal or with the Azure CLI.

Authentication

This document demonstrates using azidentity.NewDefaultAzureCredential to authenticate. This credential type works in both local development and production environments. We recommend using a managed identity in production.

Client accepts any azidentity credential. See the azidentity documentation for more information about other credential types.

Create a client

Constructing the client also requires your vault's URL, which you can get from the Azure CLI or the Azure Portal.

import (
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

func main() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		// TODO: handle error
	}

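	// NewClient returns both the client and an error
	client, err := azsecrets.NewClient("https://<TODO: your vault name>.vault.azure.net", cred, nil)
	if err != nil {
		// TODO: handle error
	}

	_ = client // TODO: use the client
}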

Key concepts

Secret

A secret consists of a secret value and its associated metadata and management information. This library handles secret values as strings, but Azure Key Vault doesn't store them as such. For more information about secrets and how Key Vault stores and manages them, see the Key Vault documentation.

azsecrets.Client can set secret values in the vault, update secret metadata, and delete secrets, as shown in the examples below.

Examples

Get started with our examples.

Troubleshooting

Error Handling

All methods which send HTTP requests return *azcore.ResponseError when these requests fail. ResponseError has error details and the raw response from Key Vault.

import (
	"context"
	"errors"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
)

// an empty version string gets the latest version of the secret
resp, err := client.GetSecret(context.Background(), "secretName", "", nil)
if err != nil {
    var httpErr *azcore.ResponseError
    if errors.As(err, &httpErr) {
        // TODO: investigate httpErr
    } else {
        // TODO: not an HTTP error
    }
}
_ = resp // TODO: use the secret

Logging

This module uses the logging implementation in azcore. To turn on logging for all Azure SDK modules, set AZURE_SDK_GO_LOGGING to all. By default the logger writes to stderr. Use the azcore/log package to control log output. For example, logging only HTTP request and response events, and printing them to stdout:

import (
	"fmt"

	azlog "github.com/Azure/azure-sdk-for-go/sdk/azcore/log"
)

// Print log events to stdout
azlog.SetListener(func(cls azlog.Event, msg string) {
	fmt.Println(msg)
})

// Includes only requests and responses in logs
azlog.SetEvents(azlog.EventRequest, azlog.EventResponse)

Accessing http.Response

You can access the raw *http.Response returned by Key Vault using the runtime.WithCaptureResponse method and a context passed to any client method.

import (
	"context"
	"net/http"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
)

var response *http.Response
ctx := runtime.WithCaptureResponse(context.TODO(), &response)
// an empty version string gets the latest version of the secret
_, err = client.GetSecret(ctx, "secretName", "", nil)
if err != nil {
    // TODO: handle error
}
// TODO: do something with response

Additional Documentation

See the API reference documentation for complete documentation of this module.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type BackupSecretOptions

type BackupSecretOptions struct {
}

BackupSecretOptions contains the optional parameters for the Client.BackupSecret method.

type BackupSecretResponse

type BackupSecretResponse struct {
	// The backup secret result, containing the backup blob.
	BackupSecretResult
}

BackupSecretResponse contains the response from method Client.BackupSecret.

type BackupSecretResult

type BackupSecretResult struct {
	// READ-ONLY; The backup blob containing the backed up secret.
	Value []byte
}

BackupSecretResult - The backup secret result, containing the backup blob.

func (BackupSecretResult) MarshalJSON

func (b BackupSecretResult) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type BackupSecretResult.

func (*BackupSecretResult) UnmarshalJSON

func (b *BackupSecretResult) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type BackupSecretResult.

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client contains the methods for the Client group. Don't use this type directly, use a constructor function instead.

func NewClient

func NewClient(vaultURL string, credential azcore.TokenCredential, options *ClientOptions) (*Client, error)

NewClient creates a client that accesses a Key Vault's secrets. You should validate that vaultURL references a valid Key Vault. See https://aka.ms/azsdk/blog/vault-uri for details.

Example
package main

import (
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

func main() {
	vaultURL := "https://<TODO: your vault name>.vault.azure.net"
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		// TODO: handle error
	}

	client, err := azsecrets.NewClient(vaultURL, cred, nil)
	if err != nil {
		// TODO: handle error
	}

	_ = client
}

func (*Client) BackupSecret

func (client *Client) BackupSecret(ctx context.Context, name string, options *BackupSecretOptions) (BackupSecretResponse, error)

BackupSecret - Requests that a backup of the specified secret be downloaded to the client. All versions of the secret will be downloaded. This operation requires the secrets/backup permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • name - The name of the secret.
  • options - BackupSecretOptions contains the optional parameters for the Client.BackupSecret method.
Example
package main

import (
	"context"
	"fmt"

	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	backup, err := client.BackupSecret(context.TODO(), "mySecret", nil)
	if err != nil {
		// TODO: handle error
	}

	restoreResp, err := client.RestoreSecret(context.TODO(), azsecrets.RestoreSecretParameters{SecretBackup: backup.Value}, nil)
	if err != nil {
		// TODO: handle error
	}

	fmt.Printf("Restored ID %s\n", *restoreResp.ID)
}

func (*Client) DeleteSecret

func (client *Client) DeleteSecret(ctx context.Context, name string, options *DeleteSecretOptions) (DeleteSecretResponse, error)

DeleteSecret - The DELETE operation applies to any secret stored in Azure Key Vault. DELETE cannot be applied to an individual version of a secret. This operation requires the secrets/delete permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • name - The name of the secret.
  • options - DeleteSecretOptions contains the optional parameters for the Client.DeleteSecret method.
Example
package main

import (
	"context"
	"fmt"

	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	// DeleteSecret returns when Key Vault has begun deleting the secret. That can take several
	// seconds to complete, so it may be necessary to wait before performing other operations
	// on the deleted secret.
	resp, err := client.DeleteSecret(context.TODO(), "secretToDelete", nil)
	if err != nil {
		// TODO: handle error
	}

	fmt.Println("deleted secret", resp.ID.Name())
}

func (*Client) GetDeletedSecret

func (client *Client) GetDeletedSecret(ctx context.Context, name string, options *GetDeletedSecretOptions) (GetDeletedSecretResponse, error)

GetDeletedSecret - The Get Deleted Secret operation returns the specified deleted secret along with its attributes. This operation requires the secrets/get permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • name - The name of the secret.
  • options - GetDeletedSecretOptions contains the optional parameters for the Client.GetDeletedSecret method.

func (*Client) GetSecret

func (client *Client) GetSecret(ctx context.Context, name string, version string, options *GetSecretOptions) (GetSecretResponse, error)

GetSecret - The GET operation is applicable to any secret stored in Azure Key Vault. This operation requires the secrets/get permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • name - The name of the secret.
  • version - The version of the secret. This URI fragment is optional. If not specified, the latest version of the secret is returned.
  • options - GetSecretOptions contains the optional parameters for the Client.GetSecret method.
Example
package main

import (
	"context"
	"fmt"

	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	// an empty string gets the latest version of the secret
	version := ""
	resp, err := client.GetSecret(context.TODO(), "mySecretName", version, nil)
	if err != nil {
		// TODO: handle error
	}

	fmt.Printf("Secret Name: %s\tSecret Value: %s", resp.ID.Name(), *resp.Value)
}

func (*Client) NewListDeletedSecretPropertiesPager added in v0.14.0

func (client *Client) NewListDeletedSecretPropertiesPager(options *ListDeletedSecretPropertiesOptions) *runtime.Pager[ListDeletedSecretPropertiesResponse]

NewListDeletedSecretPropertiesPager - The Get Deleted Secrets operation returns the secrets that have been deleted for a vault enabled for soft-delete. This operation requires the secrets/list permission.

Generated from API version 7.5

  • options - ListDeletedSecretPropertiesOptions contains the optional parameters for the Client.NewListDeletedSecretPropertiesPager method.

func (*Client) NewListSecretPropertiesPager added in v0.14.0

func (client *Client) NewListSecretPropertiesPager(options *ListSecretPropertiesOptions) *runtime.Pager[ListSecretPropertiesResponse]

NewListSecretPropertiesPager - The Get Secrets operation is applicable to the entire vault. However, only the base secret identifier and its attributes are provided in the response. Individual secret versions are not listed in the response. This operation requires the secrets/list permission.

Generated from API version 7.5

  • options - ListSecretPropertiesOptions contains the optional parameters for the Client.NewListSecretPropertiesPager method.
Example

List pages don't include secret values. Use Client.GetSecret to retrieve secret values.

package main

import (
	"context"
	"fmt"

	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	pager := client.NewListSecretPropertiesPager(nil)
	for pager.More() {
		page, err := pager.NextPage(context.TODO())
		if err != nil {
			// TODO: handle error
		}
		for _, secret := range page.Value {
			fmt.Printf("Secret Name: %s\tSecret Tags: %v\n", secret.ID.Name(), secret.Tags)
		}
	}
}

func (*Client) NewListSecretPropertiesVersionsPager added in v0.14.0

func (client *Client) NewListSecretPropertiesVersionsPager(name string, options *ListSecretPropertiesVersionsOptions) *runtime.Pager[ListSecretPropertiesVersionsResponse]

NewListSecretPropertiesVersionsPager - The full secret identifier and attributes are provided in the response. No values are returned for the secrets. This operation requires the secrets/list permission.

Generated from API version 7.5

  • name - The name of the secret.
  • options - ListSecretPropertiesVersionsOptions contains the optional parameters for the Client.NewListSecretPropertiesVersionsPager method.

func (*Client) PurgeDeletedSecret

func (client *Client) PurgeDeletedSecret(ctx context.Context, name string, options *PurgeDeletedSecretOptions) (PurgeDeletedSecretResponse, error)

PurgeDeletedSecret - The purge deleted secret operation removes the secret permanently, without the possibility of recovery. This operation can only be enabled on a soft-delete enabled vault. This operation requires the secrets/purge permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • name - The name of the secret.
  • options - PurgeDeletedSecretOptions contains the optional parameters for the Client.PurgeDeletedSecret method.
Example
package main

import (
	"context"

	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	// this loop purges all the deleted secrets in the vault
	pager := client.NewListDeletedSecretPropertiesPager(nil)
	for pager.More() {
		page, err := pager.NextPage(context.TODO())
		if err != nil {
			// TODO: handle error
		}
		for _, secret := range page.Value {
			_, err := client.PurgeDeletedSecret(context.TODO(), secret.ID.Name(), nil)
			if err != nil {
				// TODO: handle error
			}
		}
	}
}

func (*Client) RecoverDeletedSecret

func (client *Client) RecoverDeletedSecret(ctx context.Context, name string, options *RecoverDeletedSecretOptions) (RecoverDeletedSecretResponse, error)

RecoverDeletedSecret - Recovers the deleted secret in the specified vault. This operation can only be performed on a soft-delete enabled vault. This operation requires the secrets/recover permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • name - The name of the deleted secret.
  • options - RecoverDeletedSecretOptions contains the optional parameters for the Client.RecoverDeletedSecret method.
Example
package main

import (
	"context"
	"fmt"

	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	resp, err := client.RecoverDeletedSecret(context.TODO(), "myDeletedSecret", nil)
	if err != nil {
		// TODO: handle error
	}
	fmt.Println("recovered deleted secret", resp.ID.Name())
}

func (*Client) RestoreSecret

func (client *Client) RestoreSecret(ctx context.Context, parameters RestoreSecretParameters, options *RestoreSecretOptions) (RestoreSecretResponse, error)

RestoreSecret - Restores a backed up secret, and all its versions, to a vault. This operation requires the secrets/restore permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • parameters - The parameters to restore the secret.
  • options - RestoreSecretOptions contains the optional parameters for the Client.RestoreSecret method.
Example
package main

import (
	"context"
	"fmt"

	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	backup, err := client.BackupSecret(context.TODO(), "mySecret", nil)
	if err != nil {
		// TODO: handle error
	}

	restoreResp, err := client.RestoreSecret(context.TODO(), azsecrets.RestoreSecretParameters{SecretBackup: backup.Value}, nil)
	if err != nil {
		// TODO: handle error
	}

	fmt.Printf("Restored ID %s\n", *restoreResp.ID)
}

func (*Client) SetSecret

func (client *Client) SetSecret(ctx context.Context, name string, parameters SetSecretParameters, options *SetSecretOptions) (SetSecretResponse, error)

SetSecret - The SET operation adds a secret to the Azure Key Vault. If the named secret already exists, Azure Key Vault creates a new version of that secret. This operation requires the secrets/set permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • name - The name of the secret. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information.
  • parameters - The parameters for setting the secret.
  • options - SetSecretOptions contains the optional parameters for the Client.SetSecret method.
Example
package main

import (
	"context"
	"fmt"

	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	name := "mySecret"
	value := "mySecretValue"
	// If no secret with the given name exists, Key Vault creates a new secret with that name and the given value.
	// If the given name is in use, Key Vault creates a new version of that secret, with the given value.
	resp, err := client.SetSecret(context.TODO(), name, azsecrets.SetSecretParameters{Value: &value}, nil)
	if err != nil {
		// TODO: handle error
	}

	fmt.Printf("Set secret %s", resp.ID.Name())
}

func (*Client) UpdateSecretProperties added in v0.14.0

func (client *Client) UpdateSecretProperties(ctx context.Context, name string, version string, parameters UpdateSecretPropertiesParameters, options *UpdateSecretPropertiesOptions) (UpdateSecretPropertiesResponse, error)

UpdateSecretProperties - The UPDATE operation changes specified attributes of an existing stored secret. Attributes that are not specified in the request are left unchanged. The value of a secret itself cannot be changed. This operation requires the secrets/set permission. If the operation fails it returns an *azcore.ResponseError type.

Generated from API version 7.5

  • name - The name of the secret.
  • version - The version of the secret.
  • parameters - The parameters for update secret operation.
  • options - UpdateSecretPropertiesOptions contains the optional parameters for the Client.UpdateSecretProperties method.
Example

UpdateSecretProperties updates a secret's metadata. It can't change the secret's value; use Client.SetSecret to set a secret's value.

package main

import (
	"context"
	"fmt"
	"time"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
)

var client azsecrets.Client

func main() {
	updateParams := azsecrets.UpdateSecretPropertiesParameters{
		SecretAttributes: &azsecrets.SecretAttributes{
			Expires: to.Ptr(time.Now().Add(48 * time.Hour)),
		},
		// Key Vault doesn't interpret tags. The keys and values are up to your application.
		Tags: map[string]*string{"expiration-extended": to.Ptr("true")},
	}
	// an empty version updates the latest version of the secret
	version := ""
	resp, err := client.UpdateSecretProperties(context.Background(), "mySecretName", version, updateParams, nil)
	if err != nil {
		// TODO: handle error
	}
	fmt.Println("Updated secret", resp.ID.Name())
}

type ClientOptions

type ClientOptions struct {
	azcore.ClientOptions

	// DisableChallengeResourceVerification controls whether the policy requires the
	// authentication challenge resource to match the Key Vault or Managed HSM domain.
	// See https://aka.ms/azsdk/blog/vault-uri for more information.
	DisableChallengeResourceVerification bool
}

ClientOptions contains optional settings for Client.
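
NewClient's advice to validate vaultURL, and the domain check that DisableChallengeResourceVerification controls, both guard against a bearer token being sent to a host that is not a Key Vault. The following is an added example, not part of this module: one way to validate a vault URL taken from configuration before it reaches NewClient. ValidateVaultURL, defaultVaultSuffixes and the sample inputs are assumptions of this example; only the ".vault.azure.net" suffix comes from this page, and other suffixes must be supplied by the caller.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// defaultVaultSuffixes holds the only Key Vault DNS suffix shown on this page.
// Suffixes for other clouds or Managed HSM must be supplied by the caller.
var defaultVaultSuffixes = []string{".vault.azure.net"}

// rejectedSamples are constructed inputs that a substring or naive suffix
// check would wrongly accept, plus a few malformed vault URLs.
var rejectedSamples = []string{
	"http://myvault.vault.azure.net",                      // not TLS
	"myvault.vault.azure.net",                             // no scheme
	"https://myvault.vault.azure.net.attacker.example",    // suffix not at the end of the host
	"https://myvault.vault.azure.net@attacker.example/",   // real host hidden behind userinfo
	"https://attackervault.azure.net",                     // suffix match without a dot boundary
	"https://a.b.vault.azure.net",                         // more than one label before the suffix
	"https://myvault.vault.azure.net:8443",                // unexpected port
	"https://myvault.vault.azure.net/secrets/db-password", // a secret ID, not a vault URL
}

// isDNSLabel reports whether s is a single lower-case DNS label.
func isDNSLabel(s string) bool {
	if len(s) == 0 || len(s) > 63 || s[0] == '-' || s[len(s)-1] == '-' {
		return false
	}
	for _, c := range s {
		if !(c >= 'a' && c <= 'z') && !(c >= '0' && c <= '9') && c != '-' {
			return false
		}
	}
	return true
}

// ValidateVaultURL returns the canonical "https://<name><suffix>" form of raw,
// or an error when raw is not a plain https URL whose host is exactly one
// label under one of allowedSuffixes.
func ValidateVaultURL(raw string, allowedSuffixes []string) (string, error) {
	u, err := url.Parse(strings.TrimSpace(raw))
	if err != nil {
		return "", fmt.Errorf("vault URL does not parse: %w", err)
	}
	switch {
	case u.Scheme != "https":
		return "", errors.New("vault URL must use https")
	case u.User != nil:
		return "", errors.New("vault URL must not contain userinfo")
	case u.Port() != "" && u.Port() != "443":
		return "", errors.New("vault URL must use the default https port")
	case (u.Path != "" && u.Path != "/") || u.RawQuery != "" || u.Fragment != "":
		return "", errors.New("vault URL must not carry a path, query or fragment")
	}
	// Compare the parsed host only, never the raw string.
	host := strings.TrimSuffix(strings.ToLower(u.Hostname()), ".")
	for _, suffix := range allowedSuffixes {
		// Force a leading dot so the match lands on a label boundary.
		suffix = "." + strings.TrimPrefix(strings.ToLower(suffix), ".")
		if name := strings.TrimSuffix(host, suffix); name != host && isDNSLabel(name) {
			return "https://" + host, nil
		}
	}
	return "", fmt.Errorf("host %q is not under an allowed Key Vault domain", host)
}

func main() {
	ok, err := ValidateVaultURL("https://MyVault.vault.azure.net/", defaultVaultSuffixes)
	fmt.Println(ok, err)
	for _, s := range rejectedSamples {
		_, err := ValidateVaultURL(s, defaultVaultSuffixes)
		fmt.Printf("%-55s -> %v\n", s, err)
	}
}
```

Pass the returned canonical URL, not the raw input, to azsecrets.NewClient.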

type DeleteSecretOptions

type DeleteSecretOptions struct {
}

DeleteSecretOptions contains the optional parameters for the Client.DeleteSecret method.

type DeleteSecretResponse

type DeleteSecretResponse struct {
	// A Deleted Secret consisting of its previous id, attributes and its tags, as well as information on when it will be purged.
	DeletedSecret
}

DeleteSecretResponse contains the response from method Client.DeleteSecret.

type DeletedSecret added in v0.14.0

type DeletedSecret struct {
	// The secret management attributes.
	Attributes *SecretAttributes

	// The content type of the secret.
	ContentType *string

	// The secret id.
	ID *ID

	// The url of the recovery object, used to identify and recover the deleted secret.
	RecoveryID *string

	// Application specific metadata in the form of key-value pairs.
	Tags map[string]*string

	// The secret value.
	Value *string

	// READ-ONLY; The time when the secret was deleted, in UTC
	DeletedDate *time.Time

	// READ-ONLY; If this is a secret backing a KV certificate, then this field specifies the corresponding key backing the KV
	// certificate.
	KID *ID

	// READ-ONLY; True if the secret's lifetime is managed by key vault. If this is a secret backing a certificate, then managed
	// will be true.
	Managed *bool

	// READ-ONLY; The time when the secret is scheduled to be purged, in UTC
	ScheduledPurgeDate *time.Time
}

DeletedSecret - A Deleted Secret consisting of its previous id, attributes and its tags, as well as information on when it will be purged.

func (DeletedSecret) MarshalJSON added in v0.14.0

func (d DeletedSecret) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type DeletedSecret.

func (*DeletedSecret) UnmarshalJSON added in v0.14.0

func (d *DeletedSecret) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type DeletedSecret.

type DeletedSecretProperties added in v0.14.0

type DeletedSecretProperties struct {
	// The secret management attributes.
	Attributes *SecretAttributes

	// Type of the secret value such as a password.
	ContentType *string

	// Secret identifier.
	ID *ID

	// The url of the recovery object, used to identify and recover the deleted secret.
	RecoveryID *string

	// Application specific metadata in the form of key-value pairs.
	Tags map[string]*string

	// READ-ONLY; The time when the secret was deleted, in UTC
	DeletedDate *time.Time

	// READ-ONLY; True if the secret's lifetime is managed by key vault. If this is a key backing a certificate, then managed
	// will be true.
	Managed *bool

	// READ-ONLY; The time when the secret is scheduled to be purged, in UTC
	ScheduledPurgeDate *time.Time
}

DeletedSecretProperties - The deleted secret item containing metadata about the deleted secret.

func (DeletedSecretProperties) MarshalJSON added in v0.14.0

func (d DeletedSecretProperties) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type DeletedSecretProperties.

func (*DeletedSecretProperties) UnmarshalJSON added in v0.14.0

func (d *DeletedSecretProperties) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type DeletedSecretProperties.

type DeletedSecretPropertiesListResult added in v0.14.0

type DeletedSecretPropertiesListResult struct {
	// READ-ONLY; The URL to get the next set of deleted secrets.
	NextLink *string

	// READ-ONLY; A response message containing a list of the deleted secrets in the vault along with a link to the next page
	// of deleted secrets
	Value []*DeletedSecretProperties
}

DeletedSecretPropertiesListResult - The deleted secret list result

func (DeletedSecretPropertiesListResult) MarshalJSON added in v0.14.0

func (d DeletedSecretPropertiesListResult) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type DeletedSecretPropertiesListResult.

func (*DeletedSecretPropertiesListResult) UnmarshalJSON added in v0.14.0

func (d *DeletedSecretPropertiesListResult) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type DeletedSecretPropertiesListResult.

type GetDeletedSecretOptions

type GetDeletedSecretOptions struct {
}

GetDeletedSecretOptions contains the optional parameters for the Client.GetDeletedSecret method.

type GetDeletedSecretResponse

type GetDeletedSecretResponse struct {
	// A Deleted Secret consisting of its previous id, attributes and its tags, as well as information on when it will be purged.
	DeletedSecret
}

GetDeletedSecretResponse contains the response from method Client.GetDeletedSecret.

type GetSecretOptions

type GetSecretOptions struct {
}

GetSecretOptions contains the optional parameters for the Client.GetSecret method.

type GetSecretResponse

type GetSecretResponse struct {
	// A secret consisting of a value, id and its attributes.
	Secret
}

GetSecretResponse contains the response from method Client.GetSecret.

type ID

type ID string

ID is a secret's unique ID, containing its name and version.

func (*ID) Name

func (i *ID) Name() string

Name of the secret.

func (*ID) Version

func (i *ID) Version() string

Version of the secret. This returns an empty string when the ID contains no version.

type ListDeletedSecretPropertiesOptions added in v0.14.0

type ListDeletedSecretPropertiesOptions struct {
}

ListDeletedSecretPropertiesOptions contains the optional parameters for the Client.NewListDeletedSecretPropertiesPager method.

type ListDeletedSecretPropertiesResponse added in v0.14.0

type ListDeletedSecretPropertiesResponse struct {
	// The deleted secret list result
	DeletedSecretPropertiesListResult
}

ListDeletedSecretPropertiesResponse contains the response from method Client.NewListDeletedSecretPropertiesPager.

type ListSecretPropertiesOptions added in v0.14.0

type ListSecretPropertiesOptions struct {
}

ListSecretPropertiesOptions contains the optional parameters for the Client.NewListSecretPropertiesPager method.

type ListSecretPropertiesResponse added in v0.14.0

type ListSecretPropertiesResponse struct {
	// The secret list result.
	SecretPropertiesListResult
}

ListSecretPropertiesResponse contains the response from method Client.NewListSecretPropertiesPager.

type ListSecretPropertiesVersionsOptions added in v0.14.0

type ListSecretPropertiesVersionsOptions struct {
}

ListSecretPropertiesVersionsOptions contains the optional parameters for the Client.NewListSecretPropertiesVersionsPager method.

type ListSecretPropertiesVersionsResponse added in v0.14.0

type ListSecretPropertiesVersionsResponse struct {
	// The secret list result.
	SecretPropertiesListResult
}

ListSecretPropertiesVersionsResponse contains the response from method Client.NewListSecretPropertiesVersionsPager.

type PurgeDeletedSecretOptions

type PurgeDeletedSecretOptions struct {
}

PurgeDeletedSecretOptions contains the optional parameters for the Client.PurgeDeletedSecret method.

type PurgeDeletedSecretResponse

type PurgeDeletedSecretResponse struct {
}

PurgeDeletedSecretResponse contains the response from method Client.PurgeDeletedSecret.

type RecoverDeletedSecretOptions

type RecoverDeletedSecretOptions struct {
}

RecoverDeletedSecretOptions contains the optional parameters for the Client.RecoverDeletedSecret method.

type RecoverDeletedSecretResponse

type RecoverDeletedSecretResponse struct {
	// A secret consisting of a value, id and its attributes.
	Secret
}

RecoverDeletedSecretResponse contains the response from method Client.RecoverDeletedSecret.

type RestoreSecretOptions

type RestoreSecretOptions struct {
}

RestoreSecretOptions contains the optional parameters for the Client.RestoreSecret method.

type RestoreSecretParameters

type RestoreSecretParameters struct {
	// REQUIRED; The backup blob associated with a secret bundle.
	SecretBackup []byte
}

RestoreSecretParameters - The secret restore parameters.

func (RestoreSecretParameters) MarshalJSON

func (r RestoreSecretParameters) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type RestoreSecretParameters.

func (*RestoreSecretParameters) UnmarshalJSON

func (r *RestoreSecretParameters) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type RestoreSecretParameters.

type RestoreSecretResponse

type RestoreSecretResponse struct {
	// A secret consisting of a value, id and its attributes.
	Secret
}

RestoreSecretResponse contains the response from method Client.RestoreSecret.

type Secret added in v0.14.0

type Secret struct {
	// The secret management attributes.
	Attributes *SecretAttributes

	// The content type of the secret.
	ContentType *string

	// The secret id.
	ID *ID

	// Application specific metadata in the form of key-value pairs.
	Tags map[string]*string

	// The secret value.
	Value *string

	// READ-ONLY; If this is a secret backing a KV certificate, then this field specifies the corresponding key backing the KV
	// certificate.
	KID *ID

	// READ-ONLY; True if the secret's lifetime is managed by key vault. If this is a secret backing a certificate, then managed
	// will be true.
	Managed *bool
}

Secret - A secret consisting of a value, id and its attributes.

func (Secret) MarshalJSON added in v0.14.0

func (s Secret) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type Secret.

func (*Secret) UnmarshalJSON added in v0.14.0

func (s *Secret) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type Secret.

type SecretAttributes

type SecretAttributes struct {
	// Determines whether the object is enabled.
	Enabled *bool

	// Expiry date in UTC.
	Expires *time.Time

	// Not before date in UTC.
	NotBefore *time.Time

	// READ-ONLY; Creation time in UTC.
	Created *time.Time

	// READ-ONLY; softDelete data retention days. Value should be >=7 and <=90 when softDelete enabled, otherwise 0.
	RecoverableDays *int32

	// READ-ONLY; Reflects the deletion recovery level currently in effect for secrets in the current vault. If it contains 'Purgeable',
	// the secret can be permanently deleted by a privileged user; otherwise, only the
	// system can purge the secret, at the end of the retention interval.
	RecoveryLevel *string

	// READ-ONLY; Last updated time in UTC.
	Updated *time.Time
}

SecretAttributes - The secret management attributes.
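
The attributes above are enough to audit a vault's secret hygiene without reading any secret value. The following is an added example, not part of this module: it flags enabled secrets with no expiry, expired or soon-to-expire secrets, inverted NotBefore/Expires windows, and a RecoveryLevel that contains Purgeable. secretMeta is a local stand-in (an assumption, so the code runs without the SDK) for the fields that NewListSecretPropertiesPager returns in SecretProperties and SecretAttributes; the sample secrets are constructed.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// secretMeta is a local stand-in (an assumption of this example) for the
// fields of azsecrets.SecretProperties and SecretAttributes the audit reads.
type secretMeta struct {
	Name          string
	Enabled       *bool
	Expires       *time.Time
	NotBefore     *time.Time
	RecoveryLevel *string
}

type finding struct {
	Secret string
	Issue  string
}

const (
	issueNoExpiry     = "enabled secret has no Expires attribute"
	issueExpired      = "enabled secret is past its Expires time"
	issueExpiringSoon = "secret expires inside the warning window"
	issueBadWindow    = "NotBefore is not earlier than Expires"
	issuePurgeable    = "RecoveryLevel contains Purgeable"
)

func ptr[T any](v T) *T { return &v }

// auditSecrets checks metadata only. Disabled secrets are skipped for the
// expiry checks but still reported when they can be purged.
func auditSecrets(items []secretMeta, now time.Time, warn time.Duration) []finding {
	var out []finding
	add := func(name, issue string) { out = append(out, finding{name, issue}) }
	for _, s := range items {
		if s.RecoveryLevel != nil && strings.Contains(*s.RecoveryLevel, "Purgeable") {
			add(s.Name, issuePurgeable)
		}
		if s.Enabled != nil && !*s.Enabled {
			continue
		}
		switch {
		case s.Expires == nil:
			add(s.Name, issueNoExpiry)
		case !s.Expires.After(now):
			add(s.Name, issueExpired)
		case s.Expires.Sub(now) <= warn:
			add(s.Name, issueExpiringSoon)
		}
		if s.Expires != nil && s.NotBefore != nil && !s.NotBefore.Before(*s.Expires) {
			add(s.Name, issueBadWindow)
		}
	}
	return out
}

// sampleSecrets returns constructed metadata, relative to now.
func sampleSecrets(now time.Time) []secretMeta {
	day := 24 * time.Hour
	return []secretMeta{
		{Name: "db-password", Enabled: ptr(true), RecoveryLevel: ptr("Recoverable")},
		{Name: "api-token", Enabled: ptr(true), Expires: ptr(now.Add(10 * day)),
			RecoveryLevel: ptr("Recoverable+Purgeable")},
		{Name: "old-signing-key", Enabled: ptr(false), Expires: ptr(now.Add(-5 * day)),
			RecoveryLevel: ptr("Recoverable")},
		{Name: "legacy-sas", Enabled: ptr(true), Expires: ptr(now.Add(-1 * day)),
			RecoveryLevel: ptr("Recoverable")},
		{Name: "rollout-key", Enabled: ptr(true), NotBefore: ptr(now.Add(300 * day)),
			Expires: ptr(now.Add(200 * day)), RecoveryLevel: ptr("Recoverable")},
	}
}

func main() {
	now := time.Now().UTC()
	for _, f := range auditSecrets(sampleSecrets(now), now, 30*24*time.Hour) {
		fmt.Printf("%-16s %s\n", f.Secret, f.Issue)
	}
}
```

Against a real vault, fill secretMeta from each item's ID.Name() and Attributes while iterating the pager; the audit then needs only the secrets/list permission.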

func (SecretAttributes) MarshalJSON

func (s SecretAttributes) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type SecretAttributes.

func (*SecretAttributes) UnmarshalJSON

func (s *SecretAttributes) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type SecretAttributes.

type SecretProperties added in v0.14.0

type SecretProperties struct {
	// The secret management attributes.
	Attributes *SecretAttributes

	// Type of the secret value such as a password.
	ContentType *string

	// Secret identifier.
	ID *ID

	// Application specific metadata in the form of key-value pairs.
	Tags map[string]*string

	// READ-ONLY; True if the secret's lifetime is managed by key vault. If this is a key backing a certificate, then managed
	// will be true.
	Managed *bool
}

SecretProperties - The secret item containing secret metadata.

func (SecretProperties) MarshalJSON added in v0.14.0

func (s SecretProperties) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type SecretProperties.

func (*SecretProperties) UnmarshalJSON added in v0.14.0

func (s *SecretProperties) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type SecretProperties.

type SecretPropertiesListResult added in v0.14.0

type SecretPropertiesListResult struct {
	// READ-ONLY; The URL to get the next set of secrets.
	NextLink *string

	// READ-ONLY; A response message containing a list of secrets in the key vault along with a link to the next page of secrets.
	Value []*SecretProperties
}

SecretPropertiesListResult - The secret list result.

func (SecretPropertiesListResult) MarshalJSON added in v0.14.0

func (s SecretPropertiesListResult) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type SecretPropertiesListResult.

func (*SecretPropertiesListResult) UnmarshalJSON added in v0.14.0

func (s *SecretPropertiesListResult) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type SecretPropertiesListResult.

type SetSecretOptions

type SetSecretOptions struct {
}

SetSecretOptions contains the optional parameters for the Client.SetSecret method.

type SetSecretParameters

type SetSecretParameters struct {
	// REQUIRED; The value of the secret.
	Value *string

	// Type of the secret value such as a password.
	ContentType *string

	// The secret management attributes.
	SecretAttributes *SecretAttributes

	// Application specific metadata in the form of key-value pairs.
	Tags map[string]*string
}

SetSecretParameters - The secret set parameters.

func (SetSecretParameters) MarshalJSON

func (s SetSecretParameters) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type SetSecretParameters.

func (*SetSecretParameters) UnmarshalJSON

func (s *SetSecretParameters) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type SetSecretParameters.

type SetSecretResponse

type SetSecretResponse struct {
	// A secret consisting of a value, id and its attributes.
	Secret
}

SetSecretResponse contains the response from method Client.SetSecret.

type UpdateSecretPropertiesOptions added in v0.14.0

type UpdateSecretPropertiesOptions struct {
}

UpdateSecretPropertiesOptions contains the optional parameters for the Client.UpdateSecretProperties method.

type UpdateSecretPropertiesParameters added in v0.14.0

type UpdateSecretPropertiesParameters struct {
	// Type of the secret value such as a password.
	ContentType *string

	// The secret management attributes.
	SecretAttributes *SecretAttributes

	// Application specific metadata in the form of key-value pairs.
	Tags map[string]*string
}

UpdateSecretPropertiesParameters - The secret update parameters.

func (UpdateSecretPropertiesParameters) MarshalJSON added in v0.14.0

func (u UpdateSecretPropertiesParameters) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface for type UpdateSecretPropertiesParameters.

func (*UpdateSecretPropertiesParameters) UnmarshalJSON added in v0.14.0

func (u *UpdateSecretPropertiesParameters) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface for type UpdateSecretPropertiesParameters.

type UpdateSecretPropertiesResponse added in v0.14.0

type UpdateSecretPropertiesResponse struct {
	// A secret consisting of a value, id and its attributes.
	Secret
}

UpdateSecretPropertiesResponse contains the response from method Client.UpdateSecretProperties.
