vault

package
v1.391.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 9, 2024 License: Apache-2.0 Imports: 14 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client handles communication with Vault

func NewClient

func NewClient(config *Config, token string) (Client, error)

NewClient instantiates a Client and sets the specified token

func NewClientWithAppRole added in v1.85.0

func NewClientWithAppRole(config *Config, roleID, secretID string) (Client, error)

NewClientWithAppRole instantiates a new client and obtains a token via the AppRole auth method

func (*Client) GenerateNewAppRoleSecret added in v1.108.0

func (v *Client) GenerateNewAppRoleSecret(secretID, appRoleName string) (string, error)

GenerateNewAppRoleSecret creates a new secret-id

func (*Client) GetAppRoleName added in v1.108.0

func (v *Client) GetAppRoleName() (string, error)

GetAppRoleName returns the AppRole role name which was used to authenticate. Returns "" when AppRole authentication wasn't used

func (*Client) GetAppRoleSecretIDTtl added in v1.108.0

func (v *Client) GetAppRoleSecretIDTtl(secretID, roleName string) (time.Duration, error)

GetAppRoleSecretIDTtl returns the remaining time until the given secret-id expires

func (Client) GetKvSecret

func (v Client) GetKvSecret(path string) (map[string]string, error)

GetKvSecret reads secret from the KV engine. It Automatically transforms the logical path to the HTTP API Path for the corresponding KV Engine version

func (Client) GetOIDCTokenByValidation added in v1.361.0

func (v Client) GetOIDCTokenByValidation(roleID string) (string, error)

GetOIDCTokenByValidation returns the token if token is expired then get a new token else return old token

func (Client) GetSecret

func (v Client) GetSecret(path string) (*api.Secret, error)

GetSecret uses the given path to fetch a secret from vault

func (Client) MustRevokeToken added in v1.130.0

func (v Client) MustRevokeToken()

MustRevokeToken same as RevokeToken but the programm is terminated with an error if this fails. Should be used in defer statements only.

func (Client) RevokeToken added in v1.130.0

func (v Client) RevokeToken() error

RevokeToken revokes the token which is currently used. The client can't be used anymore after this function was called.

func (*Client) SetAppRoleMountPoint added in v1.108.0

func (v *Client) SetAppRoleMountPoint(appRoleMountpoint string)

SetAppRoleMountPoint sets the path under which the approle auth backend is mounted

func (Client) WriteKvSecret added in v1.140.0

func (v Client) WriteKvSecret(path string, newSecret map[string]string) error

WriteKvSecret writes secret to kv engine

type Config added in v1.108.0

type Config struct {
	*api.Config
	AppRoleMountPoint string
	Namespace         string
}

Config contains the vault client configuration

type JwtPayload added in v1.361.0

type JwtPayload struct {
	Expire int64 `json:"exp"`
}

type VaultCredentials added in v1.361.0

type VaultCredentials struct {
	AppRoleID       string
	AppRoleSecretID string
	VaultToken      string
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL