pb

package
v0.9.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 26, 2018 License: MPL-2.0 Imports: 13 Imported by: 0

Documentation ¶

Overview ¶

Package pb is a generated protocol buffer package.

It is generated from these files:

logical/plugin/pb/backend.proto

It has these top-level messages:

Empty
Header
ProtoError
Paths
Request
Alias
Auth
LeaseOptions
Secret
Response
ResponseWrapInfo
RequestWrapInfo
HandleRequestArgs
HandleRequestReply
SpecialPathsReply
HandleExistenceCheckArgs
HandleExistenceCheckReply
SetupArgs
SetupReply
TypeReply
InvalidateKeyArgs
StorageEntry
StorageListArgs
StorageListReply
StorageGetArgs
StorageGetReply
StoragePutArgs
StoragePutReply
StorageDeleteArgs
StorageDeleteReply
TTLReply
SudoPrivilegeArgs
SudoPrivilegeReply
TaintedReply
CachingDisabledReply
ReplicationStateReply
ResponseWrapDataArgs
ResponseWrapDataReply
MlockEnabledReply
LocalMountReply
Connection

Index ¶

Constants ¶

View Source
const (
	ErrTypeUnknown uint32 = iota
	ErrTypeUserError
	ErrTypeInternalError
	ErrTypeCodedError
	ErrTypeStatusBadRequest
	ErrTypeUnsupportedOperation
	ErrTypeUnsupportedPath
	ErrTypeInvalidRequest
	ErrTypePermissionDenied
	ErrTypeMultiAuthzPending
)

Variables ¶

This section is empty.

Functions ¶

func ErrToString ¶

func ErrToString(e error) string

func ProtoAliasToLogicalAlias ¶

func ProtoAliasToLogicalAlias(a *Alias) *logical.Alias

func ProtoAuthToLogicalAuth ¶

func ProtoAuthToLogicalAuth(a *Auth) (*logical.Auth, error)

func ProtoConnectionToLogicalConnection ¶ added in v0.9.4

func ProtoConnectionToLogicalConnection(c *Connection) *logical.Connection

func ProtoErrToErr ¶

func ProtoErrToErr(e *ProtoError) error

func ProtoLeaseOptionsToLogicalLeaseOptions ¶

func ProtoLeaseOptionsToLogicalLeaseOptions(l *LeaseOptions) (logical.LeaseOptions, error)

func ProtoRequestToLogicalRequest ¶

func ProtoRequestToLogicalRequest(r *Request) (*logical.Request, error)

func ProtoRequestWrapInfoToLogicalRequestWrapInfo ¶

func ProtoRequestWrapInfoToLogicalRequestWrapInfo(i *RequestWrapInfo) *logical.RequestWrapInfo

func ProtoResponseToLogicalResponse ¶

func ProtoResponseToLogicalResponse(r *Response) (*logical.Response, error)

func ProtoResponseWrapInfoToLogicalResponseWrapInfo ¶

func ProtoResponseWrapInfoToLogicalResponseWrapInfo(i *ResponseWrapInfo) (*wrapping.ResponseWrapInfo, error)

func ProtoSecretToLogicalSecret ¶

func ProtoSecretToLogicalSecret(s *Secret) (*logical.Secret, error)

func ProtoStorageEntryToLogicalStorageEntry ¶

func ProtoStorageEntryToLogicalStorageEntry(e *StorageEntry) *logical.StorageEntry

func RegisterBackendServer ¶

func RegisterBackendServer(s *grpc.Server, srv BackendServer)

func RegisterStorageServer ¶

func RegisterStorageServer(s *grpc.Server, srv StorageServer)

func RegisterSystemViewServer ¶

func RegisterSystemViewServer(s *grpc.Server, srv SystemViewServer)

Types ¶

type Alias ¶

type Alias struct {
	// MountType is the backend mount's type to which this identity belongs
	MountType string `sentinel:"" protobuf:"bytes,1,opt,name=mount_type,json=mountType" json:"mount_type,omitempty"`
	// MountAccessor is the identifier of the mount entry to which this
	// identity belongs
	MountAccessor string `sentinel:"" protobuf:"bytes,2,opt,name=mount_accessor,json=mountAccessor" json:"mount_accessor,omitempty"`
	// Name is the identifier of this identity in its authentication source
	Name string `sentinel:"" protobuf:"bytes,3,opt,name=name" json:"name,omitempty"`
}

func LogicalAliasToProtoAlias ¶

func LogicalAliasToProtoAlias(a *logical.Alias) *Alias

func (*Alias) Descriptor ¶

func (*Alias) Descriptor() ([]byte, []int)

func (*Alias) GetMountAccessor ¶

func (m *Alias) GetMountAccessor() string

func (*Alias) GetMountType ¶

func (m *Alias) GetMountType() string

func (*Alias) GetName ¶

func (m *Alias) GetName() string

func (*Alias) ProtoMessage ¶

func (*Alias) ProtoMessage()

func (*Alias) Reset ¶

func (m *Alias) Reset()

func (*Alias) String ¶

func (m *Alias) String() string

type Auth ¶

type Auth struct {
	LeaseOptions *LeaseOptions `sentinel:"" protobuf:"bytes,1,opt,name=lease_options,json=leaseOptions" json:"lease_options,omitempty"`
	// InternalData is a JSON object that is stored with the auth struct.
	// This will be sent back during a Renew/Revoke for storing internal data
	// used for those operations.
	InternalData string `sentinel:"" protobuf:"bytes,2,opt,name=internal_data,json=internalData" json:"internal_data,omitempty"`
	// DisplayName is a non-security sensitive identifier that is
	// applicable to this Auth. It is used for logging and prefixing
	// of dynamic secrets. For example, DisplayName may be "armon" for
	// the github credential backend. If the client token is used to
	// generate a SQL credential, the user may be "github-armon-uuid".
	// This is to help identify the source without using audit tables.
	DisplayName string `sentinel:"" protobuf:"bytes,3,opt,name=display_name,json=displayName" json:"display_name,omitempty"`
	// Policies is the list of policies that the authenticated user
	// is associated with.
	Policies []string `sentinel:"" protobuf:"bytes,4,rep,name=policies" json:"policies,omitempty"`
	// Metadata is used to attach arbitrary string-type metadata to
	// an authenticated user. This metadata will be outputted into the
	// audit log.
	Metadata map[string]string `` /* 148-byte string literal not displayed */
	// ClientToken is the token that is generated for the authentication.
	// This will be filled in by Vault core when an auth structure is
	// returned. Setting this manually will have no effect.
	ClientToken string `sentinel:"" protobuf:"bytes,6,opt,name=client_token,json=clientToken" json:"client_token,omitempty"`
	// Accessor is the identifier for the ClientToken. This can be used
	// to perform management functionalities (especially revocation) when
	// ClientToken in the audit logs are obfuscated. Accessor can be used
	// to revoke a ClientToken and to lookup the capabilities of the ClientToken,
	// both without actually knowing the ClientToken.
	Accessor string `sentinel:"" protobuf:"bytes,7,opt,name=accessor" json:"accessor,omitempty"`
	// Period indicates that the token generated using this Auth object
	// should never expire. The token should be renewed within the duration
	// specified by this period.
	Period int64 `sentinel:"" protobuf:"varint,8,opt,name=period" json:"period,omitempty"`
	// Number of allowed uses of the issued token
	NumUses int64 `sentinel:"" protobuf:"varint,9,opt,name=num_uses,json=numUses" json:"num_uses,omitempty"`
	// EntityID is the identifier of the entity in identity store to which the
	// identity of the authenticating client belongs to.
	EntityID string `sentinel:"" protobuf:"bytes,10,opt,name=entity_id,json=entityId" json:"entity_id,omitempty"`
	// Alias is the information about the authenticated client returned by
	// the auth backend
	Alias *Alias `sentinel:"" protobuf:"bytes,11,opt,name=alias" json:"alias,omitempty"`
	// GroupAliases are the informational mappings of external groups which an
	// authenticated user belongs to. This is used to check if there are
	// mappings groups for the group aliases in identity store. For all the
	// matching groups, the entity ID of the user will be added.
	GroupAliases []*Alias `sentinel:"" protobuf:"bytes,12,rep,name=group_aliases,json=groupAliases" json:"group_aliases,omitempty"`
}

func LogicalAuthToProtoAuth ¶

func LogicalAuthToProtoAuth(a *logical.Auth) (*Auth, error)

func (*Auth) Descriptor ¶

func (*Auth) Descriptor() ([]byte, []int)

func (*Auth) GetAccessor ¶

func (m *Auth) GetAccessor() string

func (*Auth) GetAlias ¶

func (m *Auth) GetAlias() *Alias

func (*Auth) GetClientToken ¶

func (m *Auth) GetClientToken() string

func (*Auth) GetDisplayName ¶

func (m *Auth) GetDisplayName() string

func (*Auth) GetEntityID ¶

func (m *Auth) GetEntityID() string

func (*Auth) GetGroupAliases ¶

func (m *Auth) GetGroupAliases() []*Alias

func (*Auth) GetInternalData ¶

func (m *Auth) GetInternalData() string

func (*Auth) GetLeaseOptions ¶

func (m *Auth) GetLeaseOptions() *LeaseOptions

func (*Auth) GetMetadata ¶

func (m *Auth) GetMetadata() map[string]string

func (*Auth) GetNumUses ¶

func (m *Auth) GetNumUses() int64

func (*Auth) GetPeriod ¶

func (m *Auth) GetPeriod() int64

func (*Auth) GetPolicies ¶

func (m *Auth) GetPolicies() []string

func (*Auth) ProtoMessage ¶

func (*Auth) ProtoMessage()

func (*Auth) Reset ¶

func (m *Auth) Reset()

func (*Auth) String ¶

func (m *Auth) String() string

type BackendClient ¶

type BackendClient interface {
	// HandleRequest is used to handle a request and generate a response.
	// The plugins must check the operation type and handle appropriately.
	HandleRequest(ctx context.Context, in *HandleRequestArgs, opts ...grpc.CallOption) (*HandleRequestReply, error)
	// SpecialPaths is a list of paths that are special in some way.
	// See PathType for the types of special paths. The key is the type
	// of the special path, and the value is a list of paths for this type.
	// This is not a regular expression but is an exact match. If the path
	// ends in '*' then it is a prefix-based match. The '*' can only appear
	// at the end.
	SpecialPaths(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*SpecialPathsReply, error)
	// HandleExistenceCheck is used to handle a request and generate a response
	// indicating whether the given path exists or not; this is used to
	// understand whether the request must have a Create or Update capability
	// ACL applied. The first bool indicates whether an existence check
	// function was found for the backend; the second indicates whether, if an
	// existence check function was found, the item exists or not.
	HandleExistenceCheck(ctx context.Context, in *HandleExistenceCheckArgs, opts ...grpc.CallOption) (*HandleExistenceCheckReply, error)
	// Cleanup is invoked during an unmount of a backend to allow it to
	// handle any cleanup like connection closing or releasing of file handles.
	// Cleanup is called right before Vault closes the plugin process.
	Cleanup(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*Empty, error)
	// InvalidateKey may be invoked when an object is modified that belongs
	// to the backend. The backend can use this to clear any caches or reset
	// internal state as needed.
	InvalidateKey(ctx context.Context, in *InvalidateKeyArgs, opts ...grpc.CallOption) (*Empty, error)
	// Setup is used to set up the backend based on the provided backend
	// configuration. The plugin's setup implementation should use the provided
	// broker_id to create a connection back to Vault for use with the Storage
	// and SystemView clients.
	Setup(ctx context.Context, in *SetupArgs, opts ...grpc.CallOption) (*SetupReply, error)
	// Type returns the BackendType for the particular backend
	Type(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*TypeReply, error)
}

func NewBackendClient ¶

func NewBackendClient(cc *grpc.ClientConn) BackendClient

type BackendServer ¶

type BackendServer interface {
	// HandleRequest is used to handle a request and generate a response.
	// The plugins must check the operation type and handle appropriately.
	HandleRequest(context.Context, *HandleRequestArgs) (*HandleRequestReply, error)
	// SpecialPaths is a list of paths that are special in some way.
	// See PathType for the types of special paths. The key is the type
	// of the special path, and the value is a list of paths for this type.
	// This is not a regular expression but is an exact match. If the path
	// ends in '*' then it is a prefix-based match. The '*' can only appear
	// at the end.
	SpecialPaths(context.Context, *Empty) (*SpecialPathsReply, error)
	// HandleExistenceCheck is used to handle a request and generate a response
	// indicating whether the given path exists or not; this is used to
	// understand whether the request must have a Create or Update capability
	// ACL applied. The first bool indicates whether an existence check
	// function was found for the backend; the second indicates whether, if an
	// existence check function was found, the item exists or not.
	HandleExistenceCheck(context.Context, *HandleExistenceCheckArgs) (*HandleExistenceCheckReply, error)
	// Cleanup is invoked during an unmount of a backend to allow it to
	// handle any cleanup like connection closing or releasing of file handles.
	// Cleanup is called right before Vault closes the plugin process.
	Cleanup(context.Context, *Empty) (*Empty, error)
	// InvalidateKey may be invoked when an object is modified that belongs
	// to the backend. The backend can use this to clear any caches or reset
	// internal state as needed.
	InvalidateKey(context.Context, *InvalidateKeyArgs) (*Empty, error)
	// Setup is used to set up the backend based on the provided backend
	// configuration. The plugin's setup implementation should use the provided
	// broker_id to create a connection back to Vault for use with the Storage
	// and SystemView clients.
	Setup(context.Context, *SetupArgs) (*SetupReply, error)
	// Type returns the BackendType for the particular backend
	Type(context.Context, *Empty) (*TypeReply, error)
}

type CachingDisabledReply ¶

type CachingDisabledReply struct {
	Disabled bool `sentinel:"" protobuf:"varint,1,opt,name=disabled" json:"disabled,omitempty"`
}

func (*CachingDisabledReply) Descriptor ¶

func (*CachingDisabledReply) Descriptor() ([]byte, []int)

func (*CachingDisabledReply) GetDisabled ¶

func (m *CachingDisabledReply) GetDisabled() bool

func (*CachingDisabledReply) ProtoMessage ¶

func (*CachingDisabledReply) ProtoMessage()

func (*CachingDisabledReply) Reset ¶

func (m *CachingDisabledReply) Reset()

func (*CachingDisabledReply) String ¶

func (m *CachingDisabledReply) String() string

type Connection ¶ added in v0.9.4

type Connection struct {
	// RemoteAddr is the network address that sent the request.
	RemoteAddr string `sentinel:"" protobuf:"bytes,1,opt,name=remote_addr,json=remoteAddr" json:"remote_addr,omitempty"`
}

func LogicalConnectionToProtoConnection ¶ added in v0.9.4

func LogicalConnectionToProtoConnection(c *logical.Connection) *Connection

func (*Connection) Descriptor ¶ added in v0.9.4

func (*Connection) Descriptor() ([]byte, []int)

func (*Connection) GetRemoteAddr ¶ added in v0.9.4

func (m *Connection) GetRemoteAddr() string

func (*Connection) ProtoMessage ¶ added in v0.9.4

func (*Connection) ProtoMessage()

func (*Connection) Reset ¶ added in v0.9.4

func (m *Connection) Reset()

func (*Connection) String ¶ added in v0.9.4

func (m *Connection) String() string

type Empty ¶

type Empty struct {
}

func (*Empty) Descriptor ¶

func (*Empty) Descriptor() ([]byte, []int)

func (*Empty) ProtoMessage ¶

func (*Empty) ProtoMessage()

func (*Empty) Reset ¶

func (m *Empty) Reset()

func (*Empty) String ¶

func (m *Empty) String() string

type HandleExistenceCheckArgs ¶

type HandleExistenceCheckArgs struct {
	StorageID uint32   `sentinel:"" protobuf:"varint,1,opt,name=storage_id,json=storageId" json:"storage_id,omitempty"`
	Request   *Request `sentinel:"" protobuf:"bytes,2,opt,name=request" json:"request,omitempty"`
}

HandleExistenceCheckArgs is the args for HandleExistenceCheck method.

func (*HandleExistenceCheckArgs) Descriptor ¶

func (*HandleExistenceCheckArgs) Descriptor() ([]byte, []int)

func (*HandleExistenceCheckArgs) GetRequest ¶

func (m *HandleExistenceCheckArgs) GetRequest() *Request

func (*HandleExistenceCheckArgs) GetStorageID ¶

func (m *HandleExistenceCheckArgs) GetStorageID() uint32

func (*HandleExistenceCheckArgs) ProtoMessage ¶

func (*HandleExistenceCheckArgs) ProtoMessage()

func (*HandleExistenceCheckArgs) Reset ¶

func (m *HandleExistenceCheckArgs) Reset()

func (*HandleExistenceCheckArgs) String ¶

func (m *HandleExistenceCheckArgs) String() string

type HandleExistenceCheckReply ¶

type HandleExistenceCheckReply struct {
	CheckFound bool        `sentinel:"" protobuf:"varint,1,opt,name=check_found,json=checkFound" json:"check_found,omitempty"`
	Exists     bool        `sentinel:"" protobuf:"varint,2,opt,name=exists" json:"exists,omitempty"`
	Err        *ProtoError `sentinel:"" protobuf:"bytes,3,opt,name=err" json:"err,omitempty"`
}

HandleExistenceCheckReply is the reply for HandleExistenceCheck method.

func (*HandleExistenceCheckReply) Descriptor ¶

func (*HandleExistenceCheckReply) Descriptor() ([]byte, []int)

func (*HandleExistenceCheckReply) GetCheckFound ¶

func (m *HandleExistenceCheckReply) GetCheckFound() bool

func (*HandleExistenceCheckReply) GetErr ¶

func (*HandleExistenceCheckReply) GetExists ¶

func (m *HandleExistenceCheckReply) GetExists() bool

func (*HandleExistenceCheckReply) ProtoMessage ¶

func (*HandleExistenceCheckReply) ProtoMessage()

func (*HandleExistenceCheckReply) Reset ¶

func (m *HandleExistenceCheckReply) Reset()

func (*HandleExistenceCheckReply) String ¶

func (m *HandleExistenceCheckReply) String() string

type HandleRequestArgs ¶

type HandleRequestArgs struct {
	StorageID uint32   `sentinel:"" protobuf:"varint,1,opt,name=storage_id,json=storageId" json:"storage_id,omitempty"`
	Request   *Request `sentinel:"" protobuf:"bytes,2,opt,name=request" json:"request,omitempty"`
}

HandleRequestArgs is the args for HandleRequest method.

func (*HandleRequestArgs) Descriptor ¶

func (*HandleRequestArgs) Descriptor() ([]byte, []int)

func (*HandleRequestArgs) GetRequest ¶

func (m *HandleRequestArgs) GetRequest() *Request

func (*HandleRequestArgs) GetStorageID ¶

func (m *HandleRequestArgs) GetStorageID() uint32

func (*HandleRequestArgs) ProtoMessage ¶

func (*HandleRequestArgs) ProtoMessage()

func (*HandleRequestArgs) Reset ¶

func (m *HandleRequestArgs) Reset()

func (*HandleRequestArgs) String ¶

func (m *HandleRequestArgs) String() string

type HandleRequestReply ¶

type HandleRequestReply struct {
	Response *Response   `sentinel:"" protobuf:"bytes,1,opt,name=response" json:"response,omitempty"`
	Err      *ProtoError `sentinel:"" protobuf:"bytes,2,opt,name=err" json:"err,omitempty"`
}

HandleRequestReply is the reply for HandleRequest method.

func (*HandleRequestReply) Descriptor ¶

func (*HandleRequestReply) Descriptor() ([]byte, []int)

func (*HandleRequestReply) GetErr ¶

func (m *HandleRequestReply) GetErr() *ProtoError

func (*HandleRequestReply) GetResponse ¶

func (m *HandleRequestReply) GetResponse() *Response

func (*HandleRequestReply) ProtoMessage ¶

func (*HandleRequestReply) ProtoMessage()

func (*HandleRequestReply) Reset ¶

func (m *HandleRequestReply) Reset()

func (*HandleRequestReply) String ¶

func (m *HandleRequestReply) String() string
type Header struct {
	Header []string `sentinel:"" protobuf:"bytes,1,rep,name=header" json:"header,omitempty"`
}

func (*Header) Descriptor ¶

func (*Header) Descriptor() ([]byte, []int)

func (*Header) GetHeader ¶

func (m *Header) GetHeader() []string

func (*Header) ProtoMessage ¶

func (*Header) ProtoMessage()

func (*Header) Reset ¶

func (m *Header) Reset()

func (*Header) String ¶

func (m *Header) String() string

type InvalidateKeyArgs ¶

type InvalidateKeyArgs struct {
	Key string `sentinel:"" protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
}

func (*InvalidateKeyArgs) Descriptor ¶

func (*InvalidateKeyArgs) Descriptor() ([]byte, []int)

func (*InvalidateKeyArgs) GetKey ¶

func (m *InvalidateKeyArgs) GetKey() string

func (*InvalidateKeyArgs) ProtoMessage ¶

func (*InvalidateKeyArgs) ProtoMessage()

func (*InvalidateKeyArgs) Reset ¶

func (m *InvalidateKeyArgs) Reset()

func (*InvalidateKeyArgs) String ¶

func (m *InvalidateKeyArgs) String() string

type LeaseOptions ¶

type LeaseOptions struct {
	TTL       int64                      `sentinel:"" protobuf:"varint,1,opt,name=TTL" json:"TTL,omitempty"`
	Renewable bool                       `sentinel:"" protobuf:"varint,2,opt,name=renewable" json:"renewable,omitempty"`
	Increment int64                      `sentinel:"" protobuf:"varint,3,opt,name=increment" json:"increment,omitempty"`
	IssueTime *google_protobuf.Timestamp `sentinel:"" protobuf:"bytes,4,opt,name=issue_time,json=issueTime" json:"issue_time,omitempty"`
}

func LogicalLeaseOptionsToProtoLeaseOptions ¶

func LogicalLeaseOptionsToProtoLeaseOptions(l logical.LeaseOptions) (*LeaseOptions, error)

func (*LeaseOptions) Descriptor ¶

func (*LeaseOptions) Descriptor() ([]byte, []int)

func (*LeaseOptions) GetIncrement ¶

func (m *LeaseOptions) GetIncrement() int64

func (*LeaseOptions) GetIssueTime ¶

func (m *LeaseOptions) GetIssueTime() *google_protobuf.Timestamp

func (*LeaseOptions) GetRenewable ¶

func (m *LeaseOptions) GetRenewable() bool

func (*LeaseOptions) GetTTL ¶

func (m *LeaseOptions) GetTTL() int64

func (*LeaseOptions) ProtoMessage ¶

func (*LeaseOptions) ProtoMessage()

func (*LeaseOptions) Reset ¶

func (m *LeaseOptions) Reset()

func (*LeaseOptions) String ¶

func (m *LeaseOptions) String() string

type LocalMountReply ¶ added in v0.9.4

type LocalMountReply struct {
	Local bool `sentinel:"" protobuf:"varint,1,opt,name=local" json:"local,omitempty"`
}

func (*LocalMountReply) Descriptor ¶ added in v0.9.4

func (*LocalMountReply) Descriptor() ([]byte, []int)

func (*LocalMountReply) GetLocal ¶ added in v0.9.4

func (m *LocalMountReply) GetLocal() bool

func (*LocalMountReply) ProtoMessage ¶ added in v0.9.4

func (*LocalMountReply) ProtoMessage()

func (*LocalMountReply) Reset ¶ added in v0.9.4

func (m *LocalMountReply) Reset()

func (*LocalMountReply) String ¶ added in v0.9.4

func (m *LocalMountReply) String() string

type MlockEnabledReply ¶

type MlockEnabledReply struct {
	Enabled bool `sentinel:"" protobuf:"varint,1,opt,name=enabled" json:"enabled,omitempty"`
}

func (*MlockEnabledReply) Descriptor ¶

func (*MlockEnabledReply) Descriptor() ([]byte, []int)

func (*MlockEnabledReply) GetEnabled ¶

func (m *MlockEnabledReply) GetEnabled() bool

func (*MlockEnabledReply) ProtoMessage ¶

func (*MlockEnabledReply) ProtoMessage()

func (*MlockEnabledReply) Reset ¶

func (m *MlockEnabledReply) Reset()

func (*MlockEnabledReply) String ¶

func (m *MlockEnabledReply) String() string

type Paths ¶

type Paths struct {
	// Root are the paths that require a root token to access
	Root []string `sentinel:"" protobuf:"bytes,1,rep,name=root" json:"root,omitempty"`
	// Unauthenticated are the paths that can be accessed without any auth.
	Unauthenticated []string `sentinel:"" protobuf:"bytes,2,rep,name=unauthenticated" json:"unauthenticated,omitempty"`
	// LocalStorage are paths (prefixes) that are local to this instance; this
	// indicates that these paths should not be replicated
	LocalStorage []string `sentinel:"" protobuf:"bytes,3,rep,name=local_storage,json=localStorage" json:"local_storage,omitempty"`
	// SealWrapStorage are storage paths that, when using a capable seal,
	// should be seal wrapped with extra encryption. It is exact matching
	// unless it ends with '/' in which case it will be treated as a prefix.
	SealWrapStorage []string `sentinel:"" protobuf:"bytes,4,rep,name=seal_wrap_storage,json=sealWrapStorage" json:"seal_wrap_storage,omitempty"`
}

Paths is the structure of special paths that is used for SpecialPaths.

func (*Paths) Descriptor ¶

func (*Paths) Descriptor() ([]byte, []int)

func (*Paths) GetLocalStorage ¶

func (m *Paths) GetLocalStorage() []string

func (*Paths) GetRoot ¶

func (m *Paths) GetRoot() []string

func (*Paths) GetSealWrapStorage ¶

func (m *Paths) GetSealWrapStorage() []string

func (*Paths) GetUnauthenticated ¶

func (m *Paths) GetUnauthenticated() []string

func (*Paths) ProtoMessage ¶

func (*Paths) ProtoMessage()

func (*Paths) Reset ¶

func (m *Paths) Reset()

func (*Paths) String ¶

func (m *Paths) String() string

type ProtoError ¶

type ProtoError struct {
	// Error type can be one of:
	// ErrTypeUnknown uint32 = iota
	// ErrTypeUserError
	// ErrTypeInternalError
	// ErrTypeCodedError
	// ErrTypeStatusBadRequest
	// ErrTypeUnsupportedOperation
	// ErrTypeUnsupportedPath
	// ErrTypeInvalidRequest
	// ErrTypePermissionDenied
	// ErrTypeMultiAuthzPending
	ErrType uint32 `sentinel:"" protobuf:"varint,1,opt,name=err_type,json=errType" json:"err_type,omitempty"`
	ErrMsg  string `sentinel:"" protobuf:"bytes,2,opt,name=err_msg,json=errMsg" json:"err_msg,omitempty"`
	ErrCode int64  `sentinel:"" protobuf:"varint,3,opt,name=err_code,json=errCode" json:"err_code,omitempty"`
}

func ErrToProtoErr ¶

func ErrToProtoErr(e error) *ProtoError

func (*ProtoError) Descriptor ¶

func (*ProtoError) Descriptor() ([]byte, []int)

func (*ProtoError) GetErrCode ¶

func (m *ProtoError) GetErrCode() int64

func (*ProtoError) GetErrMsg ¶

func (m *ProtoError) GetErrMsg() string

func (*ProtoError) GetErrType ¶

func (m *ProtoError) GetErrType() uint32

func (*ProtoError) ProtoMessage ¶

func (*ProtoError) ProtoMessage()

func (*ProtoError) Reset ¶

func (m *ProtoError) Reset()

func (*ProtoError) String ¶

func (m *ProtoError) String() string

type ReplicationStateReply ¶

type ReplicationStateReply struct {
	State int32 `sentinel:"" protobuf:"varint,1,opt,name=state" json:"state,omitempty"`
}

func (*ReplicationStateReply) Descriptor ¶

func (*ReplicationStateReply) Descriptor() ([]byte, []int)

func (*ReplicationStateReply) GetState ¶

func (m *ReplicationStateReply) GetState() int32

func (*ReplicationStateReply) ProtoMessage ¶

func (*ReplicationStateReply) ProtoMessage()

func (*ReplicationStateReply) Reset ¶

func (m *ReplicationStateReply) Reset()

func (*ReplicationStateReply) String ¶

func (m *ReplicationStateReply) String() string

type Request ¶

type Request struct {
	// ID is the uuid associated with each request
	ID string `sentinel:"" protobuf:"bytes,1,opt,name=id" json:"id,omitempty"`
	// If set, the name given to the replication secondary where this request
	// originated
	ReplicationCluster string `sentinel:"" protobuf:"bytes,2,opt,name=ReplicationCluster" json:"ReplicationCluster,omitempty"`
	// Operation is the requested operation type
	Operation string `sentinel:"" protobuf:"bytes,3,opt,name=operation" json:"operation,omitempty"`
	// Path is the part of the request path not consumed by the
	// routing. As an example, if the original request path is "prod/aws/foo"
	// and the AWS logical backend is mounted at "prod/aws/", then the
	// final path is "foo" since the mount prefix is trimmed.
	Path string `sentinel:"" protobuf:"bytes,4,opt,name=path" json:"path,omitempty"`
	// Request data is a JSON object that must have keys with string type.
	Data string `sentinel:"" protobuf:"bytes,5,opt,name=data" json:"data,omitempty"`
	// Secret will be non-nil only for Revoke and Renew operations
	// to represent the secret that was returned prior.
	Secret *Secret `sentinel:"" protobuf:"bytes,6,opt,name=secret" json:"secret,omitempty"`
	// Auth will be non-nil only for Renew operations
	// to represent the auth that was returned prior.
	Auth *Auth `sentinel:"" protobuf:"bytes,7,opt,name=auth" json:"auth,omitempty"`
	// Headers will contain the http headers from the request. This value will
	// be used in the audit broker to ensure we are auditing only the allowed
	// headers.
	Headers map[string]*Header `` /* 146-byte string literal not displayed */
	// ClientToken is provided to the core so that the identity
	// can be verified and ACLs applied. This value is passed
	// through to the logical backends but after being salted and
	// hashed.
	ClientToken string `sentinel:"" protobuf:"bytes,9,opt,name=client_token,json=clientToken" json:"client_token,omitempty"`
	// ClientTokenAccessor is provided to the core so that the it can get
	// logged as part of request audit logging.
	ClientTokenAccessor string `` /* 126-byte string literal not displayed */
	// DisplayName is provided to the logical backend to help associate
	// dynamic secrets with the source entity. This is not a sensitive
	// name, but is useful for operators.
	DisplayName string `sentinel:"" protobuf:"bytes,11,opt,name=display_name,json=displayName" json:"display_name,omitempty"`
	// MountPoint is provided so that a logical backend can generate
	// paths relative to itself. The `Path` is effectively the client
	// request path with the MountPoint trimmed off.
	MountPoint string `sentinel:"" protobuf:"bytes,12,opt,name=mount_point,json=mountPoint" json:"mount_point,omitempty"`
	// MountType is provided so that a logical backend can make decisions
	// based on the specific mount type (e.g., if a mount type has different
	// aliases, generating different defaults depending on the alias)
	MountType string `sentinel:"" protobuf:"bytes,13,opt,name=mount_type,json=mountType" json:"mount_type,omitempty"`
	// MountAccessor is provided so that identities returned by the authentication
	// backends can be tied to the mount it belongs to.
	MountAccessor string `sentinel:"" protobuf:"bytes,14,opt,name=mount_accessor,json=mountAccessor" json:"mount_accessor,omitempty"`
	// WrapInfo contains requested response wrapping parameters
	WrapInfo *RequestWrapInfo `sentinel:"" protobuf:"bytes,15,opt,name=wrap_info,json=wrapInfo" json:"wrap_info,omitempty"`
	// ClientTokenRemainingUses represents the allowed number of uses left on the
	// token supplied
	ClientTokenRemainingUses int64 `` /* 144-byte string literal not displayed */
	// EntityID is the identity of the caller extracted out of the token used
	// to make this request
	EntityID string `sentinel:"" protobuf:"bytes,17,opt,name=entity_id,json=entityId" json:"entity_id,omitempty"`
	// PolicyOverride indicates that the requestor wishes to override
	// soft-mandatory Sentinel policies
	PolicyOverride bool `sentinel:"" protobuf:"varint,18,opt,name=policy_override,json=policyOverride" json:"policy_override,omitempty"`
	// Whether the request is unauthenticated, as in, had no client token
	// attached. Useful in some situations where the client token is not made
	// accessible.
	Unauthenticated bool `sentinel:"" protobuf:"varint,19,opt,name=unauthenticated" json:"unauthenticated,omitempty"`
	// Connection will be non-nil only for credential providers to
	// inspect the connection information and potentially use it for
	// authentication/protection.
	Connection *Connection `sentinel:"" protobuf:"bytes,20,opt,name=connection" json:"connection,omitempty"`
}

func LogicalRequestToProtoRequest ¶

func LogicalRequestToProtoRequest(r *logical.Request) (*Request, error)

func (*Request) Descriptor ¶

func (*Request) Descriptor() ([]byte, []int)

func (*Request) GetAuth ¶

func (m *Request) GetAuth() *Auth

func (*Request) GetClientToken ¶

func (m *Request) GetClientToken() string

func (*Request) GetClientTokenAccessor ¶

func (m *Request) GetClientTokenAccessor() string

func (*Request) GetClientTokenRemainingUses ¶

func (m *Request) GetClientTokenRemainingUses() int64

func (*Request) GetConnection ¶ added in v0.9.4

func (m *Request) GetConnection() *Connection

func (*Request) GetData ¶

func (m *Request) GetData() string

func (*Request) GetDisplayName ¶

func (m *Request) GetDisplayName() string

func (*Request) GetEntityID ¶

func (m *Request) GetEntityID() string

func (*Request) GetHeaders ¶

func (m *Request) GetHeaders() map[string]*Header

func (*Request) GetID ¶

func (m *Request) GetID() string

func (*Request) GetMountAccessor ¶

func (m *Request) GetMountAccessor() string

func (*Request) GetMountPoint ¶

func (m *Request) GetMountPoint() string

func (*Request) GetMountType ¶

func (m *Request) GetMountType() string

func (*Request) GetOperation ¶

func (m *Request) GetOperation() string

func (*Request) GetPath ¶

func (m *Request) GetPath() string

func (*Request) GetPolicyOverride ¶

func (m *Request) GetPolicyOverride() bool

func (*Request) GetReplicationCluster ¶

func (m *Request) GetReplicationCluster() string

func (*Request) GetSecret ¶

func (m *Request) GetSecret() *Secret

func (*Request) GetUnauthenticated ¶

func (m *Request) GetUnauthenticated() bool

func (*Request) GetWrapInfo ¶

func (m *Request) GetWrapInfo() *RequestWrapInfo

func (*Request) ProtoMessage ¶

func (*Request) ProtoMessage()

func (*Request) Reset ¶

func (m *Request) Reset()

func (*Request) String ¶

func (m *Request) String() string

type RequestWrapInfo ¶

type RequestWrapInfo struct {
	// Setting to non-zero specifies that the response should be wrapped.
	// Specifies the desired TTL of the wrapping token.
	TTL int64 `sentinel:"" protobuf:"varint,1,opt,name=TTL" json:"TTL,omitempty"`
	// The format to use for the wrapped response; if not specified it's a bare
	// token
	Format string `sentinel:"" protobuf:"bytes,2,opt,name=format" json:"format,omitempty"`
	// A flag to conforming backends that data for a given request should be
	// seal wrapped
	SealWrap bool `sentinel:"" protobuf:"varint,3,opt,name=seal_wrap,json=sealWrap" json:"seal_wrap,omitempty"`
}

func LogicalRequestWrapInfoToProtoRequestWrapInfo ¶

func LogicalRequestWrapInfoToProtoRequestWrapInfo(i *logical.RequestWrapInfo) *RequestWrapInfo

func (*RequestWrapInfo) Descriptor ¶

func (*RequestWrapInfo) Descriptor() ([]byte, []int)

func (*RequestWrapInfo) GetFormat ¶

func (m *RequestWrapInfo) GetFormat() string

func (*RequestWrapInfo) GetSealWrap ¶

func (m *RequestWrapInfo) GetSealWrap() bool

func (*RequestWrapInfo) GetTTL ¶

func (m *RequestWrapInfo) GetTTL() int64

func (*RequestWrapInfo) ProtoMessage ¶

func (*RequestWrapInfo) ProtoMessage()

func (*RequestWrapInfo) Reset ¶

func (m *RequestWrapInfo) Reset()

func (*RequestWrapInfo) String ¶

func (m *RequestWrapInfo) String() string

type Response ¶

type Response struct {
	// Secret, if not nil, denotes that this response represents a secret.
	Secret *Secret `sentinel:"" protobuf:"bytes,1,opt,name=secret" json:"secret,omitempty"`
	// Auth, if not nil, contains the authentication information for
	// this response. This is only checked and means something for
	// credential backends.
	Auth *Auth `sentinel:"" protobuf:"bytes,2,opt,name=auth" json:"auth,omitempty"`
	// Response data is a JSON object that must have string keys. For
	// secrets, this data is sent down to the user as-is. To store internal
	// data that you don't want the user to see, store it in
	// Secret.InternalData.
	Data string `sentinel:"" protobuf:"bytes,3,opt,name=data" json:"data,omitempty"`
	// Redirect is an HTTP URL to redirect to for further authentication.
	// This is only valid for credential backends. This will be blanked
	// for any logical backend and ignored.
	Redirect string `sentinel:"" protobuf:"bytes,4,opt,name=redirect" json:"redirect,omitempty"`
	// Warnings allow operations or backends to return warnings in response
	// to user actions without failing the action outright.
	Warnings []string `sentinel:"" protobuf:"bytes,5,rep,name=warnings" json:"warnings,omitempty"`
	// Information for wrapping the response in a cubbyhole
	WrapInfo *ResponseWrapInfo `sentinel:"" protobuf:"bytes,6,opt,name=wrap_info,json=wrapInfo" json:"wrap_info,omitempty"`
}

func LogicalResponseToProtoResponse ¶

func LogicalResponseToProtoResponse(r *logical.Response) (*Response, error)

func (*Response) Descriptor ¶

func (*Response) Descriptor() ([]byte, []int)

func (*Response) GetAuth ¶

func (m *Response) GetAuth() *Auth

func (*Response) GetData ¶

func (m *Response) GetData() string

func (*Response) GetRedirect ¶

func (m *Response) GetRedirect() string

func (*Response) GetSecret ¶

func (m *Response) GetSecret() *Secret

func (*Response) GetWarnings ¶

func (m *Response) GetWarnings() []string

func (*Response) GetWrapInfo ¶

func (m *Response) GetWrapInfo() *ResponseWrapInfo

func (*Response) ProtoMessage ¶

func (*Response) ProtoMessage()

func (*Response) Reset ¶

func (m *Response) Reset()

func (*Response) String ¶

func (m *Response) String() string

type ResponseWrapDataArgs ¶

type ResponseWrapDataArgs struct {
	Data string `sentinel:"" protobuf:"bytes,1,opt,name=data" json:"data,omitempty"`
	TTL  int64  `sentinel:"" protobuf:"varint,2,opt,name=TTL" json:"TTL,omitempty"`
	JWT  bool   `sentinel:"" protobuf:"varint,3,opt,name=JWT" json:"JWT,omitempty"`
}

func (*ResponseWrapDataArgs) Descriptor ¶

func (*ResponseWrapDataArgs) Descriptor() ([]byte, []int)

func (*ResponseWrapDataArgs) GetData ¶

func (m *ResponseWrapDataArgs) GetData() string

func (*ResponseWrapDataArgs) GetJWT ¶

func (m *ResponseWrapDataArgs) GetJWT() bool

func (*ResponseWrapDataArgs) GetTTL ¶

func (m *ResponseWrapDataArgs) GetTTL() int64

func (*ResponseWrapDataArgs) ProtoMessage ¶

func (*ResponseWrapDataArgs) ProtoMessage()

func (*ResponseWrapDataArgs) Reset ¶

func (m *ResponseWrapDataArgs) Reset()

func (*ResponseWrapDataArgs) String ¶

func (m *ResponseWrapDataArgs) String() string

type ResponseWrapDataReply ¶

type ResponseWrapDataReply struct {
	WrapInfo *ResponseWrapInfo `sentinel:"" protobuf:"bytes,1,opt,name=wrap_info,json=wrapInfo" json:"wrap_info,omitempty"`
	Err      string            `sentinel:"" protobuf:"bytes,2,opt,name=err" json:"err,omitempty"`
}

func (*ResponseWrapDataReply) Descriptor ¶

func (*ResponseWrapDataReply) Descriptor() ([]byte, []int)

func (*ResponseWrapDataReply) GetErr ¶

func (m *ResponseWrapDataReply) GetErr() string

func (*ResponseWrapDataReply) GetWrapInfo ¶

func (m *ResponseWrapDataReply) GetWrapInfo() *ResponseWrapInfo

func (*ResponseWrapDataReply) ProtoMessage ¶

func (*ResponseWrapDataReply) ProtoMessage()

func (*ResponseWrapDataReply) Reset ¶

func (m *ResponseWrapDataReply) Reset()

func (*ResponseWrapDataReply) String ¶

func (m *ResponseWrapDataReply) String() string

type ResponseWrapInfo ¶

type ResponseWrapInfo struct {
	// Setting to non-zero specifies that the response should be wrapped.
	// Specifies the desired TTL of the wrapping token.
	TTL int64 `sentinel:"" protobuf:"varint,1,opt,name=TTL" json:"TTL,omitempty"`
	// The token containing the wrapped response
	Token string `sentinel:"" protobuf:"bytes,2,opt,name=token" json:"token,omitempty"`
	// The token accessor for the wrapped response token
	Accessor string `sentinel:"" protobuf:"bytes,3,opt,name=accessor" json:"accessor,omitempty"`
	// The creation time. This can be used with the TTL to figure out an
	// expected expiration.
	CreationTime *google_protobuf.Timestamp `sentinel:"" protobuf:"bytes,4,opt,name=creation_time,json=creationTime" json:"creation_time,omitempty"`
	// If the contained response is the output of a token creation call, the
	// created token's accessor will be accessible here
	WrappedAccessor string `sentinel:"" protobuf:"bytes,5,opt,name=wrapped_accessor,json=wrappedAccessor" json:"wrapped_accessor,omitempty"`
	// WrappedEntityID is the entity identifier of the caller who initiated the
	// wrapping request
	WrappedEntityID string `sentinel:"" protobuf:"bytes,6,opt,name=wrapped_entity_id,json=wrappedEntityID" json:"wrapped_entity_id,omitempty"`
	// The format to use. This doesn't get returned, it's only internal.
	Format string `sentinel:"" protobuf:"bytes,7,opt,name=format" json:"format,omitempty"`
	// CreationPath is the original request path that was used to create
	// the wrapped response.
	CreationPath string `sentinel:"" protobuf:"bytes,8,opt,name=creation_path,json=creationPath" json:"creation_path,omitempty"`
	// Controls seal wrapping behavior downstream for specific use cases
	SealWrap bool `sentinel:"" protobuf:"varint,9,opt,name=seal_wrap,json=sealWrap" json:"seal_wrap,omitempty"`
}

func LogicalResponseWrapInfoToProtoResponseWrapInfo ¶

func LogicalResponseWrapInfoToProtoResponseWrapInfo(i *wrapping.ResponseWrapInfo) (*ResponseWrapInfo, error)

func (*ResponseWrapInfo) Descriptor ¶

func (*ResponseWrapInfo) Descriptor() ([]byte, []int)

func (*ResponseWrapInfo) GetAccessor ¶

func (m *ResponseWrapInfo) GetAccessor() string

func (*ResponseWrapInfo) GetCreationPath ¶

func (m *ResponseWrapInfo) GetCreationPath() string

func (*ResponseWrapInfo) GetCreationTime ¶

func (m *ResponseWrapInfo) GetCreationTime() *google_protobuf.Timestamp

func (*ResponseWrapInfo) GetFormat ¶

func (m *ResponseWrapInfo) GetFormat() string

func (*ResponseWrapInfo) GetSealWrap ¶

func (m *ResponseWrapInfo) GetSealWrap() bool

func (*ResponseWrapInfo) GetTTL ¶

func (m *ResponseWrapInfo) GetTTL() int64

func (*ResponseWrapInfo) GetToken ¶

func (m *ResponseWrapInfo) GetToken() string

func (*ResponseWrapInfo) GetWrappedAccessor ¶

func (m *ResponseWrapInfo) GetWrappedAccessor() string

func (*ResponseWrapInfo) GetWrappedEntityID ¶

func (m *ResponseWrapInfo) GetWrappedEntityID() string

func (*ResponseWrapInfo) ProtoMessage ¶

func (*ResponseWrapInfo) ProtoMessage()

func (*ResponseWrapInfo) Reset ¶

func (m *ResponseWrapInfo) Reset()

func (*ResponseWrapInfo) String ¶

func (m *ResponseWrapInfo) String() string

type Secret ¶

type Secret struct {
	LeaseOptions *LeaseOptions `sentinel:"" protobuf:"bytes,1,opt,name=lease_options,json=leaseOptions" json:"lease_options,omitempty"`
	// InternalData is a JSON object that is stored with the secret.
	// This will be sent back during a Renew/Revoke for storing internal data
	// used for those operations.
	InternalData string `sentinel:"" protobuf:"bytes,2,opt,name=internal_data,json=internalData" json:"internal_data,omitempty"`
	// LeaseID is the ID returned to the user to manage this secret.
	// This is generated by Vault core. Any set value will be ignored.
	// For requests, this will always be blank.
	LeaseID string `sentinel:"" protobuf:"bytes,3,opt,name=lease_id,json=leaseId" json:"lease_id,omitempty"`
}

func LogicalSecretToProtoSecret ¶

func LogicalSecretToProtoSecret(s *logical.Secret) (*Secret, error)

func (*Secret) Descriptor ¶

func (*Secret) Descriptor() ([]byte, []int)

func (*Secret) GetInternalData ¶

func (m *Secret) GetInternalData() string

func (*Secret) GetLeaseID ¶

func (m *Secret) GetLeaseID() string

func (*Secret) GetLeaseOptions ¶

func (m *Secret) GetLeaseOptions() *LeaseOptions

func (*Secret) ProtoMessage ¶

func (*Secret) ProtoMessage()

func (*Secret) Reset ¶

func (m *Secret) Reset()

func (*Secret) String ¶

func (m *Secret) String() string

type SetupArgs ¶

type SetupArgs struct {
	BrokerID uint32            `sentinel:"" protobuf:"varint,1,opt,name=broker_id,json=brokerId" json:"broker_id,omitempty"`
	Config   map[string]string `` /* 144-byte string literal not displayed */
}

SetupArgs is the args for Setup method.

func (*SetupArgs) Descriptor ¶

func (*SetupArgs) Descriptor() ([]byte, []int)

func (*SetupArgs) GetBrokerID ¶

func (m *SetupArgs) GetBrokerID() uint32

func (*SetupArgs) GetConfig ¶

func (m *SetupArgs) GetConfig() map[string]string

func (*SetupArgs) ProtoMessage ¶

func (*SetupArgs) ProtoMessage()

func (*SetupArgs) Reset ¶

func (m *SetupArgs) Reset()

func (*SetupArgs) String ¶

func (m *SetupArgs) String() string

type SetupReply ¶

type SetupReply struct {
	Err string `sentinel:"" protobuf:"bytes,1,opt,name=err" json:"err,omitempty"`
}

SetupReply is the reply for Setup method.

func (*SetupReply) Descriptor ¶

func (*SetupReply) Descriptor() ([]byte, []int)

func (*SetupReply) GetErr ¶

func (m *SetupReply) GetErr() string

func (*SetupReply) ProtoMessage ¶

func (*SetupReply) ProtoMessage()

func (*SetupReply) Reset ¶

func (m *SetupReply) Reset()

func (*SetupReply) String ¶

func (m *SetupReply) String() string

type SpecialPathsReply ¶

type SpecialPathsReply struct {
	Paths *Paths `sentinel:"" protobuf:"bytes,1,opt,name=paths" json:"paths,omitempty"`
}

SpecialPathsReply is the reply for SpecialPaths method.

func (*SpecialPathsReply) Descriptor ¶

func (*SpecialPathsReply) Descriptor() ([]byte, []int)

func (*SpecialPathsReply) GetPaths ¶

func (m *SpecialPathsReply) GetPaths() *Paths

func (*SpecialPathsReply) ProtoMessage ¶

func (*SpecialPathsReply) ProtoMessage()

func (*SpecialPathsReply) Reset ¶

func (m *SpecialPathsReply) Reset()

func (*SpecialPathsReply) String ¶

func (m *SpecialPathsReply) String() string

type StorageClient ¶

type StorageClient interface {
	List(ctx context.Context, in *StorageListArgs, opts ...grpc.CallOption) (*StorageListReply, error)
	Get(ctx context.Context, in *StorageGetArgs, opts ...grpc.CallOption) (*StorageGetReply, error)
	Put(ctx context.Context, in *StoragePutArgs, opts ...grpc.CallOption) (*StoragePutReply, error)
	Delete(ctx context.Context, in *StorageDeleteArgs, opts ...grpc.CallOption) (*StorageDeleteReply, error)
}

func NewStorageClient ¶

func NewStorageClient(cc *grpc.ClientConn) StorageClient

type StorageDeleteArgs ¶

type StorageDeleteArgs struct {
	Key string `sentinel:"" protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
}

func (*StorageDeleteArgs) Descriptor ¶

func (*StorageDeleteArgs) Descriptor() ([]byte, []int)

func (*StorageDeleteArgs) GetKey ¶

func (m *StorageDeleteArgs) GetKey() string

func (*StorageDeleteArgs) ProtoMessage ¶

func (*StorageDeleteArgs) ProtoMessage()

func (*StorageDeleteArgs) Reset ¶

func (m *StorageDeleteArgs) Reset()

func (*StorageDeleteArgs) String ¶

func (m *StorageDeleteArgs) String() string

type StorageDeleteReply ¶

type StorageDeleteReply struct {
	Err string `sentinel:"" protobuf:"bytes,1,opt,name=err" json:"err,omitempty"`
}

func (*StorageDeleteReply) Descriptor ¶

func (*StorageDeleteReply) Descriptor() ([]byte, []int)

func (*StorageDeleteReply) GetErr ¶

func (m *StorageDeleteReply) GetErr() string

func (*StorageDeleteReply) ProtoMessage ¶

func (*StorageDeleteReply) ProtoMessage()

func (*StorageDeleteReply) Reset ¶

func (m *StorageDeleteReply) Reset()

func (*StorageDeleteReply) String ¶

func (m *StorageDeleteReply) String() string

type StorageEntry ¶

type StorageEntry struct {
	Key      string `sentinel:"" protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
	Value    []byte `sentinel:"" protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
	SealWrap bool   `sentinel:"" protobuf:"varint,3,opt,name=seal_wrap,json=sealWrap" json:"seal_wrap,omitempty"`
}

func LogicalStorageEntryToProtoStorageEntry ¶

func LogicalStorageEntryToProtoStorageEntry(e *logical.StorageEntry) *StorageEntry

func (*StorageEntry) Descriptor ¶

func (*StorageEntry) Descriptor() ([]byte, []int)

func (*StorageEntry) GetKey ¶

func (m *StorageEntry) GetKey() string

func (*StorageEntry) GetSealWrap ¶

func (m *StorageEntry) GetSealWrap() bool

func (*StorageEntry) GetValue ¶

func (m *StorageEntry) GetValue() []byte

func (*StorageEntry) ProtoMessage ¶

func (*StorageEntry) ProtoMessage()

func (*StorageEntry) Reset ¶

func (m *StorageEntry) Reset()

func (*StorageEntry) String ¶

func (m *StorageEntry) String() string

type StorageGetArgs ¶

type StorageGetArgs struct {
	Key string `sentinel:"" protobuf:"bytes,1,opt,name=key" json:"key,omitempty"`
}

func (*StorageGetArgs) Descriptor ¶

func (*StorageGetArgs) Descriptor() ([]byte, []int)

func (*StorageGetArgs) GetKey ¶

func (m *StorageGetArgs) GetKey() string

func (*StorageGetArgs) ProtoMessage ¶

func (*StorageGetArgs) ProtoMessage()

func (*StorageGetArgs) Reset ¶

func (m *StorageGetArgs) Reset()

func (*StorageGetArgs) String ¶

func (m *StorageGetArgs) String() string

type StorageGetReply ¶

type StorageGetReply struct {
	Entry *StorageEntry `sentinel:"" protobuf:"bytes,1,opt,name=entry" json:"entry,omitempty"`
	Err   string        `sentinel:"" protobuf:"bytes,2,opt,name=err" json:"err,omitempty"`
}

func (*StorageGetReply) Descriptor ¶

func (*StorageGetReply) Descriptor() ([]byte, []int)

func (*StorageGetReply) GetEntry ¶

func (m *StorageGetReply) GetEntry() *StorageEntry

func (*StorageGetReply) GetErr ¶

func (m *StorageGetReply) GetErr() string

func (*StorageGetReply) ProtoMessage ¶

func (*StorageGetReply) ProtoMessage()

func (*StorageGetReply) Reset ¶

func (m *StorageGetReply) Reset()

func (*StorageGetReply) String ¶

func (m *StorageGetReply) String() string

type StorageListArgs ¶

type StorageListArgs struct {
	Prefix string `sentinel:"" protobuf:"bytes,1,opt,name=prefix" json:"prefix,omitempty"`
}

func (*StorageListArgs) Descriptor ¶

func (*StorageListArgs) Descriptor() ([]byte, []int)

func (*StorageListArgs) GetPrefix ¶

func (m *StorageListArgs) GetPrefix() string

func (*StorageListArgs) ProtoMessage ¶

func (*StorageListArgs) ProtoMessage()

func (*StorageListArgs) Reset ¶

func (m *StorageListArgs) Reset()

func (*StorageListArgs) String ¶

func (m *StorageListArgs) String() string

type StorageListReply ¶

type StorageListReply struct {
	Keys []string `sentinel:"" protobuf:"bytes,1,rep,name=keys" json:"keys,omitempty"`
	Err  string   `sentinel:"" protobuf:"bytes,2,opt,name=err" json:"err,omitempty"`
}

func (*StorageListReply) Descriptor ¶

func (*StorageListReply) Descriptor() ([]byte, []int)

func (*StorageListReply) GetErr ¶

func (m *StorageListReply) GetErr() string

func (*StorageListReply) GetKeys ¶

func (m *StorageListReply) GetKeys() []string

func (*StorageListReply) ProtoMessage ¶

func (*StorageListReply) ProtoMessage()

func (*StorageListReply) Reset ¶

func (m *StorageListReply) Reset()

func (*StorageListReply) String ¶

func (m *StorageListReply) String() string

type StoragePutArgs ¶

type StoragePutArgs struct {
	Entry *StorageEntry `sentinel:"" protobuf:"bytes,1,opt,name=entry" json:"entry,omitempty"`
}

func (*StoragePutArgs) Descriptor ¶

func (*StoragePutArgs) Descriptor() ([]byte, []int)

func (*StoragePutArgs) GetEntry ¶

func (m *StoragePutArgs) GetEntry() *StorageEntry

func (*StoragePutArgs) ProtoMessage ¶

func (*StoragePutArgs) ProtoMessage()

func (*StoragePutArgs) Reset ¶

func (m *StoragePutArgs) Reset()

func (*StoragePutArgs) String ¶

func (m *StoragePutArgs) String() string

type StoragePutReply ¶

type StoragePutReply struct {
	Err string `sentinel:"" protobuf:"bytes,1,opt,name=err" json:"err,omitempty"`
}

func (*StoragePutReply) Descriptor ¶

func (*StoragePutReply) Descriptor() ([]byte, []int)

func (*StoragePutReply) GetErr ¶

func (m *StoragePutReply) GetErr() string

func (*StoragePutReply) ProtoMessage ¶

func (*StoragePutReply) ProtoMessage()

func (*StoragePutReply) Reset ¶

func (m *StoragePutReply) Reset()

func (*StoragePutReply) String ¶

func (m *StoragePutReply) String() string

type SudoPrivilegeArgs ¶

type SudoPrivilegeArgs struct {
	Path  string `sentinel:"" protobuf:"bytes,1,opt,name=path" json:"path,omitempty"`
	Token string `sentinel:"" protobuf:"bytes,2,opt,name=token" json:"token,omitempty"`
}

func (*SudoPrivilegeArgs) Descriptor ¶

func (*SudoPrivilegeArgs) Descriptor() ([]byte, []int)

func (*SudoPrivilegeArgs) GetPath ¶

func (m *SudoPrivilegeArgs) GetPath() string

func (*SudoPrivilegeArgs) GetToken ¶

func (m *SudoPrivilegeArgs) GetToken() string

func (*SudoPrivilegeArgs) ProtoMessage ¶

func (*SudoPrivilegeArgs) ProtoMessage()

func (*SudoPrivilegeArgs) Reset ¶

func (m *SudoPrivilegeArgs) Reset()

func (*SudoPrivilegeArgs) String ¶

func (m *SudoPrivilegeArgs) String() string

type SudoPrivilegeReply ¶

type SudoPrivilegeReply struct {
	Sudo bool `sentinel:"" protobuf:"varint,1,opt,name=sudo" json:"sudo,omitempty"`
}

func (*SudoPrivilegeReply) Descriptor ¶

func (*SudoPrivilegeReply) Descriptor() ([]byte, []int)

func (*SudoPrivilegeReply) GetSudo ¶

func (m *SudoPrivilegeReply) GetSudo() bool

func (*SudoPrivilegeReply) ProtoMessage ¶

func (*SudoPrivilegeReply) ProtoMessage()

func (*SudoPrivilegeReply) Reset ¶

func (m *SudoPrivilegeReply) Reset()

func (*SudoPrivilegeReply) String ¶

func (m *SudoPrivilegeReply) String() string

type SystemViewClient ¶

type SystemViewClient interface {
	// DefaultLeaseTTL returns the default lease TTL set in Vault configuration
	DefaultLeaseTTL(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*TTLReply, error)
	// MaxLeaseTTL returns the max lease TTL set in Vault configuration; backend
	// authors should take care not to issue credentials that last longer than
	// this value, as Vault will revoke them
	MaxLeaseTTL(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*TTLReply, error)
	// SudoPrivilege returns true if given path has sudo privileges
	// for the given client token
	SudoPrivilege(ctx context.Context, in *SudoPrivilegeArgs, opts ...grpc.CallOption) (*SudoPrivilegeReply, error)
	// Tainted, returns true if the mount is tainted. A mount is tainted if it is in the
	// process of being unmounted. This should only be used in special
	// circumstances; a primary use-case is as a guard in revocation functions.
	// If revocation of a backend's leases fails it can keep the unmounting
	// process from being successful. If the reason for this failure is not
	// relevant when the mount is tainted (for instance, saving a CRL to disk
	// when the stored CRL will be removed during the unmounting process
	// anyways), we can ignore the errors to allow unmounting to complete.
	Tainted(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*TaintedReply, error)
	// CachingDisabled returns true if caching is disabled. If true, no caches
	// should be used, despite known slowdowns.
	CachingDisabled(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*CachingDisabledReply, error)
	// ReplicationState indicates the state of cluster replication
	ReplicationState(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*ReplicationStateReply, error)
	// ResponseWrapData wraps the given data in a cubbyhole and returns the
	// token used to unwrap.
	ResponseWrapData(ctx context.Context, in *ResponseWrapDataArgs, opts ...grpc.CallOption) (*ResponseWrapDataReply, error)
	// MlockEnabled returns the configuration setting for enabling mlock on
	// plugins.
	MlockEnabled(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*MlockEnabledReply, error)
	// LocalMount, when run from a system view attached to a request, indicates
	// whether the request is affecting a local mount or not
	LocalMount(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*LocalMountReply, error)
}

func NewSystemViewClient ¶

func NewSystemViewClient(cc *grpc.ClientConn) SystemViewClient

type SystemViewServer ¶

type SystemViewServer interface {
	// DefaultLeaseTTL returns the default lease TTL set in Vault configuration
	DefaultLeaseTTL(context.Context, *Empty) (*TTLReply, error)
	// MaxLeaseTTL returns the max lease TTL set in Vault configuration; backend
	// authors should take care not to issue credentials that last longer than
	// this value, as Vault will revoke them
	MaxLeaseTTL(context.Context, *Empty) (*TTLReply, error)
	// SudoPrivilege returns true if given path has sudo privileges
	// for the given client token
	SudoPrivilege(context.Context, *SudoPrivilegeArgs) (*SudoPrivilegeReply, error)
	// Tainted, returns true if the mount is tainted. A mount is tainted if it is in the
	// process of being unmounted. This should only be used in special
	// circumstances; a primary use-case is as a guard in revocation functions.
	// If revocation of a backend's leases fails it can keep the unmounting
	// process from being successful. If the reason for this failure is not
	// relevant when the mount is tainted (for instance, saving a CRL to disk
	// when the stored CRL will be removed during the unmounting process
	// anyways), we can ignore the errors to allow unmounting to complete.
	Tainted(context.Context, *Empty) (*TaintedReply, error)
	// CachingDisabled returns true if caching is disabled. If true, no caches
	// should be used, despite known slowdowns.
	CachingDisabled(context.Context, *Empty) (*CachingDisabledReply, error)
	// ReplicationState indicates the state of cluster replication
	ReplicationState(context.Context, *Empty) (*ReplicationStateReply, error)
	// ResponseWrapData wraps the given data in a cubbyhole and returns the
	// token used to unwrap.
	ResponseWrapData(context.Context, *ResponseWrapDataArgs) (*ResponseWrapDataReply, error)
	// MlockEnabled returns the configuration setting for enabling mlock on
	// plugins.
	MlockEnabled(context.Context, *Empty) (*MlockEnabledReply, error)
	// LocalMount, when run from a system view attached to a request, indicates
	// whether the request is affecting a local mount or not
	LocalMount(context.Context, *Empty) (*LocalMountReply, error)
}

type TTLReply ¶

type TTLReply struct {
	TTL int64 `sentinel:"" protobuf:"varint,1,opt,name=TTL" json:"TTL,omitempty"`
}

func (*TTLReply) Descriptor ¶

func (*TTLReply) Descriptor() ([]byte, []int)

func (*TTLReply) GetTTL ¶

func (m *TTLReply) GetTTL() int64

func (*TTLReply) ProtoMessage ¶

func (*TTLReply) ProtoMessage()

func (*TTLReply) Reset ¶

func (m *TTLReply) Reset()

func (*TTLReply) String ¶

func (m *TTLReply) String() string

type TaintedReply ¶

type TaintedReply struct {
	Tainted bool `sentinel:"" protobuf:"varint,1,opt,name=tainted" json:"tainted,omitempty"`
}

func (*TaintedReply) Descriptor ¶

func (*TaintedReply) Descriptor() ([]byte, []int)

func (*TaintedReply) GetTainted ¶

func (m *TaintedReply) GetTainted() bool

func (*TaintedReply) ProtoMessage ¶

func (*TaintedReply) ProtoMessage()

func (*TaintedReply) Reset ¶

func (m *TaintedReply) Reset()

func (*TaintedReply) String ¶

func (m *TaintedReply) String() string

type TypeReply ¶

type TypeReply struct {
	Type uint32 `sentinel:"" protobuf:"varint,1,opt,name=type" json:"type,omitempty"`
}

TypeReply is the reply for the Type method.

func (*TypeReply) Descriptor ¶

func (*TypeReply) Descriptor() ([]byte, []int)

func (*TypeReply) GetType ¶

func (m *TypeReply) GetType() uint32

func (*TypeReply) ProtoMessage ¶

func (*TypeReply) ProtoMessage()

func (*TypeReply) Reset ¶

func (m *TypeReply) Reset()

func (*TypeReply) String ¶

func (m *TypeReply) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL