go-gcsproxy

command module
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 19, 2024 License: MIT Imports: 28 Imported by: 0

README

go-gcsproxy

Janiculum

Encrypting Reverse proxy for Google Cloud Storage.

Description

[P0] Requirement 1 (MVP)
  • Small binary written in a compiled language (Golang preferred)
  • Use GCP KMS for keys
  • Use Tink for encryption, following existing guidance
  • Follow BIGFOOT internal guidance for encryption
  • BIGFOOT intranet page, will only load if on BIGFOOT VPN
  • Only use approved algorithms, such as SHA, AES, RSA, ECDSA.
  • Use appropriate bit sizes, such as SHA-256, RSA-2048, ECDSA-256.
  • Must be scalable
  • Must work behind a load balancer
  • Must work as a sidecar deployment
  • Work with arbitrary GCS calls NOT POSSIBLE
  • Desired utilities to test:
    • gcloud
    • gsutil
    • tensorflow
    • python SDK
    • go SDK
    • cURL
    • Support Standard Multi-part Upload
    • Support XML API
    • Support JSON API
  • Work for both HTTP and HTTPS
  • Provide Terraform deployment automation template
  • Proxy should check if the traffic is bound for GCS and just pass along all other traffic
  • Test using OS configuration environment variable NO_PROXY to verify non GCS traffic can be directed to NOT use the proxy. Most SDKs also allow similar configuration.
  • Safe logging
  • No keys or data can be leaked in logging, including to cloud logging
  • Configurable logging: debug, error, warning, info, etc.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
test
go-net-http-patch

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.