keyvault

Documentation

Index

• Constants
• func NewAzureKeyvaultSecretStore(logger logger.Logger) secretstores.SecretStore
• type CertConfig
  • func NewCertConfig(certificatePath string, certificateBytes []byte, certificatePassword string, ...) CertConfig
  • func (c CertConfig) Authorizer() (autorest.Authorizer, error)
  • func (c CertConfig) ServicePrincipalTokenByCertBytes() (*adal.ServicePrincipalToken, error)
• type EnvironmentSettings
  • func (s EnvironmentSettings) GetAuthorizer() (autorest.Authorizer, error)
  • func (s EnvironmentSettings) GetClientCert() (CertConfig, error)
  • func (s EnvironmentSettings) GetMSI() MSIConfig
• type MSIConfig
  • func NewMSIConfig() MSIConfig
  • func (mc MSIConfig) Authorizer() (autorest.Authorizer, error)

Constants

const (
	VersionID = "version_id"
)

Keyvault secret store component metadata properties

Functions

func NewAzureKeyvaultSecretStore

func NewAzureKeyvaultSecretStore(logger logger.Logger) secretstores.SecretStore

NewAzureKeyvaultSecretStore returns a new Kubernetes secret store

Types

type CertConfig

type CertConfig struct {
	*auth.ClientCertificateConfig
	CertificateData []byte
}

CertConfig provides the options to get a bearer authorizer from a client certificate.

func NewCertConfig

func NewCertConfig(certificatePath string, certificateBytes []byte, certificatePassword string, clientID string, tenantID string) CertConfig

NewCertConfig creates an ClientAuthorizer object configured to obtain an Authorizer through Client Credentials.

func (CertConfig) Authorizer

func (c CertConfig) Authorizer() (autorest.Authorizer, error)

Authorizer gets an authorizer object from client certificate.

func (CertConfig) ServicePrincipalTokenByCertBytes

func (c CertConfig) ServicePrincipalTokenByCertBytes() (*adal.ServicePrincipalToken, error)

ServicePrincipalTokenByCertBytes gets the service principal token by CertificateBytes.

type EnvironmentSettings

type EnvironmentSettings struct {
	Values map[string]string
}

EnvironmentSettings hold settings to authenticate with the Key Vault.

func (EnvironmentSettings) GetAuthorizer

func (s EnvironmentSettings) GetAuthorizer() (autorest.Authorizer, error)

GetAuthorizer creates an Authorizer configured from environment variables in the order: 1. Client certificate 2. MSI

func (EnvironmentSettings) GetClientCert

func (s EnvironmentSettings) GetClientCert() (CertConfig, error)

GetClientCert creates a config object from the available certificate credentials. An error is returned if no certificate credentials are available.

func (EnvironmentSettings) GetMSI

func (s EnvironmentSettings) GetMSI() MSIConfig

GetMSI creates a MSI config object from the available client ID.

type MSIConfig

type MSIConfig struct {
	Resource string
	ClientID string
}

MSIConfig provides the options to get a bearer authorizer through MSI.

func NewMSIConfig

func NewMSIConfig() MSIConfig

NewMSIConfig creates an MSIConfig object configured to obtain an Authorizer through MSI.

func (MSIConfig) Authorizer

func (mc MSIConfig) Authorizer() (autorest.Authorizer, error)

Authorizer gets the authorizer from MSI.