encrypted

package
v0.0.0-...-36387be Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 28, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConstructMaterialName 

func ConstructMaterialName(item map[string]types.AttributeValue, pkInfo *PrimaryKeyInfo) (string, error)

ConstructMaterialName constructs a material name based on an item's primary key.

Types

type ClientConfig 

type ClientConfig struct {
	Encryption EncryptionConfig
}

ClientConfig holds the configuration for client operations, focusing on encryption.

func NewClientConfig 

func NewClientConfig(options ...Option) *ClientConfig

NewClientConfig initializes a new ClientConfig, applying any provided functional options.

type DynamoDBClientInterface 

type DynamoDBClientInterface interface {
	CreateTable(ctx context.Context, input *dynamodb.CreateTableInput, opts ...func(*dynamodb.Options)) (*dynamodb.CreateTableOutput, error)
	PutItem(ctx context.Context, input *dynamodb.PutItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.PutItemOutput, error)
	GetItem(ctx context.Context, input *dynamodb.GetItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.GetItemOutput, error)
	Query(ctx context.Context, input *dynamodb.QueryInput, opts ...func(*dynamodb.Options)) (*dynamodb.QueryOutput, error)
	Scan(ctx context.Context, input *dynamodb.ScanInput, opts ...func(*dynamodb.Options)) (*dynamodb.ScanOutput, error)
	BatchGetItem(ctx context.Context, input *dynamodb.BatchGetItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.BatchGetItemOutput, error)
	BatchWriteItem(ctx context.Context, input *dynamodb.BatchWriteItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.BatchWriteItemOutput, error)
	DeleteItem(ctx context.Context, input *dynamodb.DeleteItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.DeleteItemOutput, error)
	DescribeTable(ctx context.Context, input *dynamodb.DescribeTableInput, opts ...func(*dynamodb.Options)) (*dynamodb.DescribeTableOutput, error)
}

type EncryptedClient 

type EncryptedClient struct {
	Client            DynamoDBClientInterface
	MaterialsProvider provider.CryptographicMaterialsProvider
	PrimaryKeyCache   map[string]*PrimaryKeyInfo
	ClientConfig      *ClientConfig
	// contains filtered or unexported fields
}

EncryptedClient facilitates encrypted operations on DynamoDB items.

func NewEncryptedClient 

func NewEncryptedClient(client DynamoDBClientInterface, materialsProvider provider.CryptographicMaterialsProvider, opts ...EncryptedClientOption) *EncryptedClient

NewEncryptedClient creates a new instance of EncryptedClient.

func (*EncryptedClient) BatchGetItem 

func (ec *EncryptedClient) BatchGetItem(ctx context.Context, input *dynamodb.BatchGetItemInput) (*dynamodb.BatchGetItemOutput, error)

BatchGetItem retrieves a batch of items from DynamoDB and decrypts them.

func (*EncryptedClient) BatchWriteItem 

func (ec *EncryptedClient) BatchWriteItem(ctx context.Context, input *dynamodb.BatchWriteItemInput) (*dynamodb.BatchWriteItemOutput, error)

BatchWriteItem performs batch write operations, encrypting any items to be put.

func (*EncryptedClient) CreateTable 

func (ec *EncryptedClient) CreateTable(ctx context.Context, input *dynamodb.CreateTableInput) (*dynamodb.CreateTableOutput, error)

CreateTable creates a new DynamoDB table with the specified name, attribute definitions, and key schema.

func (*EncryptedClient) DeleteItem 

func (ec *EncryptedClient) DeleteItem(ctx context.Context, input *dynamodb.DeleteItemInput) (*dynamodb.DeleteItemOutput, error)

DeleteItem deletes an item and its associated metadata from a DynamoDB table.

func (*EncryptedClient) GetItem 

func (ec *EncryptedClient) GetItem(ctx context.Context, input *dynamodb.GetItemInput) (*dynamodb.GetItemOutput, error)

GetItem retrieves an item from a DynamoDB table and decrypts it.

func (*EncryptedClient) PutItem 

func (ec *EncryptedClient) PutItem(ctx context.Context, input *dynamodb.PutItemInput) (*dynamodb.PutItemOutput, error)

PutItem encrypts an item and puts it into a DynamoDB table.

func (*EncryptedClient) Query 

func (ec *EncryptedClient) Query(ctx context.Context, input *dynamodb.QueryInput, optFns ...func(*dynamodb.Options)) (*dynamodb.QueryOutput, error)

Query executes a Query operation on DynamoDB and decrypts the returned items.

func (*EncryptedClient) Scan 

func (ec *EncryptedClient) Scan(ctx context.Context, input *dynamodb.ScanInput) (*dynamodb.ScanOutput, error)

Scan executes a Scan operation on DynamoDB and decrypts the returned items.

type EncryptedClientOption 

type EncryptedClientOption func(*EncryptedClient)

EncryptedClientOption defines a function signature for options that modify an EncryptedClient.

func WithClientConfig 

func WithClientConfig(config *ClientConfig) EncryptedClientOption

WithClientConfig sets the EncryptedClient's configuration.

type EncryptedResource 

type EncryptedResource struct {
	Client            *EncryptedClient
	MaterialsProvider provider.CryptographicMaterialsProvider
	ClientConfig      *ClientConfig
}

EncryptedResource provides a high-level interface to work with encrypted DynamoDB resources.

func NewEncryptedResource 

func NewEncryptedResource(client *EncryptedClient, materialsProvider provider.CryptographicMaterialsProvider, clientConfig *ClientConfig) *EncryptedResource

NewEncryptedResource creates a new instance of EncryptedResource.

func (*EncryptedResource) Table 

func (r *EncryptedResource) Table(name string) *EncryptedTable

Table returns an EncryptedTable instance for the specified table name.

type EncryptedTable 

type EncryptedTable struct {
	// contains filtered or unexported fields
}

EncryptedTable provides a high-level interface to encrypted DynamoDB operations.

func NewEncryptedTable 

func NewEncryptedTable(client *EncryptedClient) *EncryptedTable

NewEncryptedTable creates a new EncryptedTable with the given EncryptedClient.

func (*EncryptedTable) CreateTable 

func (et *EncryptedTable) CreateTable(ctx context.Context, tableName string, attributes []types.AttributeDefinition, keySchema []types.KeySchemaElement) error

CreateTable creates a new DynamoDB table with the specified name, attribute definitions, and key schema.

func (*EncryptedTable) GetItem 

func (et *EncryptedTable) GetItem(ctx context.Context, tableName string, key map[string]types.AttributeValue) (map[string]types.AttributeValue, error)

GetItem retrieves and decrypts an item from the DynamoDB table.

func (*EncryptedTable) PutItem 

func (et *EncryptedTable) PutItem(ctx context.Context, tableName string, item map[string]types.AttributeValue) error

PutItem encrypts and stores an item in the DynamoDB table.

func (*EncryptedTable) Query 

func (et *EncryptedTable) Query(ctx context.Context, tableName string, input *dynamodb.QueryInput) (*dynamodb.QueryOutput, error)

Query executes a Query operation on the DynamoDB table and decrypts the returned items.

func (*EncryptedTable) Scan 

func (et *EncryptedTable) Scan(ctx context.Context, tableName string, input *dynamodb.ScanInput) (*dynamodb.ScanOutput, error)

Scan executes a Scan operation on the DynamoDB table and decrypts the returned items.

type EncryptionAction 

type EncryptionAction int

EncryptionAction represents the encryption-related action to be taken on a specific attribute. 

const (
	EncryptNone          EncryptionAction = iota // No encryption should be applied.
	EncryptStandard                              // The attribute should be encrypted using a standard algorithm.
	EncryptDeterministic                         // The attribute should be encrypted deterministically for consistent outcomes.
)

type EncryptionConfig 

type EncryptionConfig struct {
	DefaultAction   EncryptionAction            // The default encryption action if no specific action is provided.
	SpecificActions map[string]EncryptionAction // Map of attribute names to their specific encryption actions.
}

EncryptionConfig holds encryption-specific settings, including a default action and specific actions for named attributes.

type Option 

type Option func(*ClientConfig)

Option defines a function signature for options that modify ClientConfig.

func WithDefaultEncryption 

func WithDefaultEncryption(action EncryptionAction) Option

WithDefaultEncryptionAction sets the default encryption action for the client.

func WithEncryption 

func WithEncryption(attributeName string, action EncryptionAction) Option

WithEncryption sets a specific encryption action for a named attribute.

type PrimaryKeyInfo 

type PrimaryKeyInfo struct {
	Table        string
	PartitionKey string
	SortKey      string
}

PrimaryKeyInfo holds information about the primary key of a DynamoDB table.

func TableInfo 

func TableInfo(ctx context.Context, client DynamoDBClientInterface, tableName string) (*PrimaryKeyInfo, error)

TableInfo fetches the primary key names of a DynamoDB table.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.