README
¶
awssecretsmanager
A package which implements a remote certificate+key store and a locking mechanism to serialise ACME transactions using AWS Secrets Manager.
It is recommended to use an instance role to access the secret. The following IAM policies are the minimum required to read and update the secret. This is an example policy document statement for Terraform:
statement {
actions = [
"secretsmanager:GetSecretValue",
"secretsmanager:PutSecretValue",
"secretsmanager:UpdateSecretVersionStage",
]
resources = [
"aws_secretsmanager_secret.keymaster_x509.arn",
]
}
aws_secretsmanager_secret.keymaster_x509.arn should expand to the ARN for the
secret.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type LockingStorer ¶
type LockingStorer struct {
// contains filtered or unexported fields
}
func New ¶
func New(secretId string, logger log.DebugLogger) (*LockingStorer, error)
func (*LockingStorer) GetLostChannel ¶
func (ls *LockingStorer) GetLostChannel() <-chan error
func (*LockingStorer) Lock ¶
func (ls *LockingStorer) Lock() error
func (*LockingStorer) Read ¶
func (ls *LockingStorer) Read() (*certmanager.Certificate, error)
func (*LockingStorer) Unlock ¶
func (ls *LockingStorer) Unlock() error
func (*LockingStorer) Write ¶
func (ls *LockingStorer) Write(cert *certmanager.Certificate) error
Source Files
Click to show internal directories.
Click to hide internal directories.