Documentation ¶
Overview ¶
Package secret provides a client for REST operations involving secrets. This implements calls from this API: https://docs.microsoft.com/en-us/rest/api/keyvault/#secret-operations
Index ¶
- type Attributes
- type Base
- type Bundle
- type Client
- func (c *Client) Backup(ctx context.Context, name string) (string, error)
- func (c *Client) Delete(ctx context.Context, name string) (DeletedBundle, error)
- func (c *Client) Deleted(ctx context.Context, name string) (DeletedBundle, error)
- func (c *Client) Get(ctx context.Context, name string, version string) (Bundle, error)
- func (c *Client) List(ctx context.Context, maxResults int32) ([]Version, error)
- func (c *Client) ListDeleted(ctx context.Context, maxResults int32) ([]Deleted, error)
- func (c *Client) Purge(ctx context.Context, name string) error
- func (c *Client) Recover(ctx context.Context, name string) (Bundle, error)
- func (c *Client) Restore(ctx context.Context, value string) (Bundle, error)
- func (c *Client) Set(ctx context.Context, name string, req UpdateSetRequest) (Bundle, error)
- func (c *Client) UpdateAttr(ctx context.Context, name, version string, req UpdateSetRequest) (Bundle, error)
- func (c *Client) Versions(ctx context.Context, name string, maxResults int32) ([]Version, error)
- type Deleted
- type DeletedBundle
- type DeletionRecoveryLevel
- type UpdateSetRequest
- type Version
Types ¶
type Attributes ¶
type Attributes struct {
    // RecoveryLevel is the level of recovery for this password when deleted. See the description of
    // DeletionRecoveryLevel above.
    RecoveryLevel DeletionRecoveryLevel `json:"recoveryLevel,omitempty"`
    // RecoverableDays is the soft delete data retention days. Must be >=7 and <=90, otherwise 0.
    RecoverableDays int `json:"recoverableDays,omitempty"`
    // Enabled indicates if the secret is currently enabled.
    Enabled bool `json:"enabled,omitempty"`
    // Created indicates the time the secret was created in UTC. If set to the zero value, it indicates
    // this was not set.
    Created *values.Time `json:"created,omitempty"`
    // NotBefore indicates that the secret isn't valid before this time in UTC. If set to the zero value, it indicates
    // this was not set.
    NotBefore values.Time `json:"nbf,omitempty"`
    // Updated indicates the last time the secret was updated in UTC. If set to the zero value, it indicates
    // this was not set.
    Updated values.Time `json:"updated,omitempty"`
}
Attributes are attributes associated with this secret.
type Base ¶
type Base struct {
    // Attributes are attributes tied to a Bundle.
    Attributes Attributes
    // ContentType is a string that can optionally be set by a user to indicate the content type.
    // This is not a definitive content type given by the system.
    ContentType string `json:"contentType"`
    // ID is the secret's ID.
    ID string `json:"id"`
    // Tags are application specific metadata in the form of key-value pairs.
    Tags map[string]string `json:"tags"`
}
Base contains the base attributes used in multiple return objects.
type Bundle ¶
type Bundle struct {
    Base
    // KID specifies the corresponding key backing the KV certificate. This is only set if this is a
    // secret backing a KV certificate.
    KID string `json:"kid"`
    // Managed indicates if a secret's lifetime is managed by keyvault.
    // If this is a secret backing a certificate, this will be true.
    Managed bool `json:"managed"`
    // Value is the value of the secret.
    Value string `json:"value"`
}
Bundle is used to describe a secret.
type Client ¶
Client is a client for making calls to Secret operations on Keyvault.
func (*Client) Backup ¶
Backup returns a string representing a blob of all versions of a secret. This is in an undisclosed format.
func (*Client) Get ¶
Get gets a secret with the name "name" from Keyvault. If you wish to get a secret at a certain version, pass that version in the version argument.
func (*Client) List ¶
List returns a list of all secrets in the vault. We use the Version type, which is based on the SecretListResult type in the REST API.
func (*Client) ListDeleted ¶
ListDeleted returns a list of deleted secrets.
func (*Client) Purge ¶
Purge permanently deletes a secret, without the possibility of recovery. Name is the name of a deleted secret.
func (*Client) Recover ¶
Recover recovers a deleted secret that has not been purged to the latest version.
func (*Client) Restore ¶
Restore restores a secret from the value passed. That value comes from a call to Backup().
func (*Client) UpdateAttr ¶
func (c *Client) UpdateAttr(ctx context.Context, name, version string, req UpdateSetRequest) (Bundle, error)
UpdateAttr updates a secret's attributes.
type Deleted ¶
type Deleted struct {
    Base
    // Managed indicates if a secret's lifetime is managed by keyvault.
    // If this is a secret backing a certificate, this will be true.
    Managed bool `json:"managed"`
    // DeleteDate is the time when the secret was deleted.
    DeleteDate values.Time `json:"deletedDate"`
    // RecoveryID is the url of the recovery object, used to identify and recover the deleted secret.
    RecoveryID *values.URL `json:"recoveryId"`
    // ScheduledPurgeDate is the time when the secret is scheduled to be purged.
    ScheduledPurgeDate values.Time `json:"scheduledPurgeDate"`
}
Deleted is a deleted secret.
type DeletedBundle ¶
type DeletedBundle struct {
    Bundle
    // DeleteDate is the time when the secret was deleted.
    DeleteDate values.Time `json:"deletedDate"`
    // RecoveryID is the url of the recovery object, used to identify and recover the deleted secret.
    RecoveryID *values.URL `json:"recoveryId"`
    // ScheduledPurgeDate is the time when the secret is scheduled to be purged.
    ScheduledPurgeDate values.Time `json:"scheduledPurgeDate"`
}
DeletedBundle is returned when we delete a bundle.
type DeletionRecoveryLevel ¶
type DeletionRecoveryLevel string
DeletionRecoveryLevel indicates what level of recovery is associated with a particular secret. Details at: https://docs.microsoft.com/en-us/rest/api/keyvault/getsecretversions/getsecretversions#deletionrecoverylevel
const (
    // Purgeable indicates soft-delete is not enabled for this vault. A DELETE operation results in immediate and
    // irreversible data loss.
    Purgeable DeletionRecoveryLevel = "Purgeable"
    // Recoverable indicates soft-delete is enabled for this vault and purge has been disabled. A deleted entity
    // will remain in this state until recovered, or the end of the retention interval.
    Recoverable DeletionRecoveryLevel = "Recoverable"
    // RecoverableProtectedSubscription indicates soft-delete is enabled for this vault, and the subscription is
    // protected against immediate deletion.
    RecoverableProtectedSubscription DeletionRecoveryLevel = "Recoverable+ProtectedSubscription"
    // RecoverablePurgeable indicates soft-delete is enabled for this vault; a privileged user may trigger an
    // immediate, irreversible deletion (purge) of a deleted entity.
    RecoverablePurgeable DeletionRecoveryLevel = "Recoverable+Purgeable"
)
func (DeletionRecoveryLevel) MarshalJSON ¶
func (d DeletionRecoveryLevel) MarshalJSON() ([]byte, error)
func (*DeletionRecoveryLevel) UnmarshalJSON ¶
func (d *DeletionRecoveryLevel) UnmarshalJSON(s []byte) error
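An added example, not code from this package: a stand-alone audit that reads secret attributes in the JSON shape documented above and reports secrets whose DeletionRecoveryLevel or RecoverableDays leaves deletion weakly protected. The `item` and `Finding` types, the `AuditRecovery` function, the `attributes` key name and the sample input are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// item mirrors only the fields this audit reads, with the JSON tags shown on the page.
type item struct {
	ID         string `json:"id"`
	Attributes struct {
		RecoveryLevel   string `json:"recoveryLevel"`
		RecoverableDays int    `json:"recoverableDays"`
	} `json:"attributes"` // key name assumed; Base declares no tag for this field
}
type Finding struct{ ID, Reason string } // a secret and why its deletion protection needs review

// AuditRecovery decodes a JSON array of secrets and reports weak deletion protection.
func AuditRecovery(raw []byte) ([]Finding, error) {
	var items []item
	if err := json.Unmarshal(raw, &items); err != nil {
		return nil, fmt.Errorf("decode secret list: %w", err)
	}
	var out []Finding
	for _, it := range items {
		switch lvl := it.Attributes.RecoveryLevel; lvl {
		case "Purgeable": // no soft-delete, so the retention check below does not apply
			out = append(out, Finding{it.ID, "DELETE is immediate and irreversible"})
			continue
		case "Recoverable+Purgeable":
			out = append(out, Finding{it.ID, "a privileged user can purge a deleted secret"})
		case "Recoverable", "Recoverable+ProtectedSubscription": // no purge finding here
		default:
			out = append(out, Finding{it.ID, "unrecognized recovery level: " + lvl})
			continue
		}
		if d := it.Attributes.RecoverableDays; d < 7 || d > 90 {
			out = append(out, Finding{it.ID, fmt.Sprintf("retention of %d days is outside 7-90", d)})
		}
	}
	return out, nil
}
// sample is constructed input for illustration, not data from a real vault.
const sample = `[{"id":"a","attributes":{"recoveryLevel":"Purgeable"}},
 {"id":"b","attributes":{"recoveryLevel":"Recoverable+Purgeable","recoverableDays":90}},
 {"id":"c","attributes":{"recoveryLevel":"Recoverable","recoverableDays":3}},
 {"id":"d","attributes":{"recoveryLevel":"Recoverable+ProtectedSubscription","recoverableDays":30}}]`
func main() {
	fmt.Println(AuditRecovery([]byte(sample)))
}
```
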
type UpdateSetRequest ¶
type UpdateSetRequest struct {
    // Attributes are attributes tied to a Bundle.
    Attributes *Attributes `json:",omitempty"`
    // ContentType is a string that can optionally be set by a user to indicate the content type.
    // This is not a definitive content type given by the system.
    ContentType string `json:"contentType,omitempty"`
    // Tags are application specific metadata in the form of key-value pairs.
    Tags map[string]string `json:"tags,omitempty"`
    // Value is the value of the secret. Only valid in a Set.
    Value string `json:"value,omitempty"`
    // Base64Encode indicates to base64 encode the value.
    Base64Encode bool `json:"-"`
}
UpdateSetRequest is used to set a secret or update its attributes.