vault

package
v1.408.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 27, 2024 License: Apache-2.0 Imports: 15 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client handles communication with Vault

func NewClient

func NewClient(cfg *ClientConfig) (*Client, error)

func NewClientWithToken added in v1.398.0

func NewClientWithToken(cfg *ClientConfig, token string) (*Client, error)

func (*Client) GenerateNewAppRoleSecret added in v1.108.0

func (c *Client) GenerateNewAppRoleSecret(secretID, appRoleName string) (string, error)

GenerateNewAppRoleSecret creates a new secret-id

func (*Client) GetAppRoleName added in v1.108.0

func (c *Client) GetAppRoleName() (string, error)

GetAppRoleName returns the AppRole role name which was used to authenticate. Returns "" when AppRole authentication wasn't used

func (*Client) GetAppRoleSecretIDTtl added in v1.108.0

func (c *Client) GetAppRoleSecretIDTtl(secretID, roleName string) (time.Duration, error)

GetAppRoleSecretIDTtl returns the remaining time until the given secret-id expires

func (*Client) GetKvSecret

func (c *Client) GetKvSecret(path string) (map[string]string, error)

GetKvSecret reads secret from the KV engine. It Automatically transforms the logical path to the HTTP API Path for the corresponding KV Engine version

func (*Client) GetOIDCTokenByValidation added in v1.361.0

func (c *Client) GetOIDCTokenByValidation(roleID string) (string, error)

GetOIDCTokenByValidation returns the token if token is expired then get a new token else return old token

func (*Client) GetSecret

func (c *Client) GetSecret(path string) (*api.Secret, error)

GetSecret uses the given path to fetch a secret from vault

func (*Client) MustRevokeToken added in v1.130.0

func (c *Client) MustRevokeToken()

MustRevokeToken same as RevokeToken but the program is terminated with an error if this fails. Should be used in defer statements only.

func (*Client) RevokeToken added in v1.130.0

func (c *Client) RevokeToken() error

RevokeToken revokes the token which is currently used. The client can't be used anymore after this function was called.

func (*Client) WriteKvSecret added in v1.140.0

func (c *Client) WriteKvSecret(path string, newSecret map[string]string) error

WriteKvSecret writes secret to kv engine

type ClientConfig added in v1.398.0

type ClientConfig struct {
	*vaultAPI.Config
	Namespace         string
	AppRoleMountPoint string
	RoleID            string
	SecretID          string
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL