certs

package
v1.33.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 15, 2022 License: Apache-2.0 Imports: 18 Imported by: 17

Documentation

Overview

Package certs implements a CertSource which speaks to the public Cloud SQL API endpoint.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type RemoteCertSource

type RemoteCertSource struct {

	// a list of ip address types that users select
	IPAddrTypes []string
	// flag to enable IAM proxy db authentication
	EnableIAMLogin bool
	// token source for the token information used in cert creation
	TokenSource oauth2.TokenSource
	// contains filtered or unexported fields
}

RemoteCertSource implements a CertSource, using Cloud SQL APIs to return Local certificates for identifying oneself as a specific user to the remote instance and Remote certificates for confirming the remote database's identity.

func NewCertSource

func NewCertSource(host string, c *http.Client, checkRegion bool) *RemoteCertSource

NewCertSource returns a CertSource which can be used to authenticate using the provided client, which must not be nil.

This function is deprecated; use NewCertSourceOpts instead.

func NewCertSourceOpts

func NewCertSourceOpts(c *http.Client, opts RemoteOpts) *RemoteCertSource

NewCertSourceOpts returns a CertSource configured with the provided Opts. The provided http.Client must not be nil.

Use this function instead of NewCertSource; it has a more forward-compatible signature.

func (*RemoteCertSource) Local

func (s *RemoteCertSource) Local(instance string) (tls.Certificate, error)

Local returns a certificate that may be used to establish a TLS connection to the specified instance.

func (*RemoteCertSource) Remote

func (s *RemoteCertSource) Remote(instance string) (cert *x509.Certificate, addr, name, version string, err error)

Remote returns the specified instance's CA certificate, address, and name.

type RemoteOpts

type RemoteOpts struct {
	// APIBasePath specifies the base path for the sqladmin API. If left blank,
	// the default from the autogenerated sqladmin library is used (which is
	// sufficient for nearly all users)
	APIBasePath string

	// IgnoreRegion specifies whether a missing or mismatched region in the
	// instance name should be ignored. In a future version this value will be
	// forced to 'false' by the RemoteCertSource.
	IgnoreRegion bool

	// A string for the RemoteCertSource to identify itself when contacting the
	// sqladmin API.
	UserAgent string

	// IP address type options
	IPAddrTypeOpts []string

	// Enable IAM proxy db authentication
	EnableIAMLogin bool

	// Token source for token information used in cert creation
	TokenSource oauth2.TokenSource

	// DelayKeyGenerate, if true, causes the RSA key to be generated lazily
	// on the first connection to a database. The default behavior is to generate
	// the key when the CertSource is created.
	DelayKeyGenerate bool
}

RemoteOpts are a collection of options for NewCertSourceOpts. All fields are optional.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL