Documentation
¶
Index ¶
Constants ¶
View Source
const ( // DefaultConfigFile is the default file where blessclient will look for its config DefaultConfigFile = "~/.blessclient/config.yml" // DefaultSSHPrivateKey is a path to where users usually keep an ssh key DefaultSSHPrivateKey = "~/.ssh/id_ed25519" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Bastion ¶
type Bastion struct {
Host `yaml:",inline"`
Hosts []Host `yaml:"hosts"`
IdentityFile string `yaml:"identity_file"`
User string `yaml:"user"`
}
Bastion is an internet accessibly server used to "jump" to other servers
type ClientConfig ¶
type ClientConfig struct {
// ConfigFile is the path to blessclient config file
ConfigFile string
// AWSUserProfile is an aws profile that references a user (not a role)
// leaving this empty typically means use `default` profile
AWSUserProfile string ` yaml:"aws_user_profile"`
// AWSUserName is your AWS username
AWSUserName *string ` yaml:"aws_username,omitempty"`
// Path to your ssh private key
SSHPrivateKey string `yaml:"ssh_private_key"`
UpdateSSHAgent bool `yaml:"update_ssh_agent"`
// cert related
CertLifetime Duration `yaml:"cert_lifetime,inline"`
// ask bless to sign for these remote users
RemoteUsers []string `yaml:"remote_users"`
// bless calls these bastion ips - your source ip. 0.0.0.0/0 is all
BastionIPS []string `yaml:"bastion_ips"`
}
ClientConfig is the client config
type Config ¶
type Config struct {
// Version versions this config
Version int `yaml:"version"`
// ClientConfig is config for blessclient
ClientConfig ClientConfig `yaml:"client_config"`
// LambdaConfig holds configuration around the bless lambda
LambdaConfig LambdaConfig `yaml:"lambda_config"`
// For convenience, you can bundle an ~/.ssh/config template here
SSHConfig *SSHConfig `yaml:"ssh_config,omitempty"`
// Telemetry does telemetry
Telemetry Telemetry `yaml:"telemetry,omitempty"`
}
Config is a blessclient config
func DefaultConfig ¶
DefaultConfig generates a config with some defaults
func (*Config) GetAWSUsername ¶ added in v0.2.5
GetAWSUsername gets the caller's aws username for kmsauth
func (*Config) GetKMSAuthCachePath ¶ added in v0.0.6
GetKMSAuthCachePath gets a path to kmsauth cache file kmsauth is regional
type Duration ¶
Duration is a wrapper around Duration to marshal/unmarshal
func (Duration) AsDuration ¶
AsDuration returns as duration
type Honeycomb ¶ added in v0.2.0
type Honeycomb struct {
WriteKey string `yaml:"write_key,omitempty"`
Dataset string `yaml:"dataset,omitempty"`
// SecretManagerARN is a secret that holds the honeycomb write key
SecretManagerARN string `yaml:"secret_manager_arn,omitempty"`
}
Honeycomb telemetry configuration
type Host ¶
type Host struct {
Pattern string `yaml:"pattern"`
}
Host represents a Host block in an ssh config
type LambdaConfig ¶
type LambdaConfig struct {
// RoleARN used to assume and invoke bless lambda
RoleARN *string `yaml:"role_arn,omitempty"`
// Bless lambda function name
FunctionName string `yaml:"function_name"`
// Bless lambda function version (lambda alias or version qualifier)
FunctionVersion *string `yaml:"function_version,omitempty"`
// bless lambda regions
Regions []Region `yaml:"regions,omitempty"`
}
LambdaConfig is the lambda config
type Region ¶
type Region struct {
// name of the aws region (us-west-2)
AWSRegion string `yaml:"aws_region"`
// region specific kms key id (not arn) of the key used for kmsauth
KMSAuthKeyID string `yaml:"kms_auth_key_id"`
}
Region is an aws region that contains an aws lambda
Source Files
Click to show internal directories.
Click to hide internal directories.