metastore

Documentation

Overview

Example (WithCustomConfig)

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/config"
	"github.com/aws/aws-sdk-go-v2/service/dynamodb"

	"github.com/godaddy/asherah/go/appencryption/plugins/aws-v2/dynamodb/metastore"
)

func main() {
	// Load the AWS SDK's default configuration from the environment and override the region
	cfg, err := config.LoadDefaultConfig(context.Background(), config.WithRegion("us-west-2"))
	if err != nil {
		panic(fmt.Sprintf("unable to load SDK config, %v", err))
	}

	// Create an AWS DynamoDB client with the custom configuration
	client := dynamodb.NewFromConfig(cfg)

	// Create a new DynamoDB Metastore with the custom client and enable region suffix
	store, err := metastore.NewDynamoDB(metastore.WithDynamoDBClient(client), metastore.WithRegionSuffix(true))
	if err != nil {
		panic(fmt.Sprintf("unable to create Metastore, %v", err))
	}

	// At this point, the Metastore is ready to be used
	// Example:
	//   factory := appencryption.NewSessionFactory(config, store, kms, crypto)
	//   session, err := factory.GetSession("partitionId")
	//   ...
	//
	// But for this example, just print the Metastore's region suffix
	fmt.Println(store.GetRegionSuffix())

}

Output:

us-west-2

Index

• Variables
• type DynamoDBClient
• type Metastore
  • func NewDynamoDB(opts ...Option) (*Metastore, error)
  • func (d *Metastore) GetClient() DynamoDBClient
  • func (d *Metastore) GetRegionSuffix() string
  • func (d *Metastore) GetTableName() string
  • func (d *Metastore) Load(ctx context.Context, keyID string, created int64) (*appencryption.EnvelopeKeyRecord, error)
  • func (d *Metastore) LoadLatest(ctx context.Context, keyID string) (*appencryption.EnvelopeKeyRecord, error)
  • func (d *Metastore) Store(ctx context.Context, keyID string, created int64, ...) (bool, error)
• type Option
  • func WithDynamoDBClient(client DynamoDBClient) Option
  • func WithRegionSuffix(enabled bool) Option
  • func WithTableName(name string) Option

Examples

• Package (WithCustomConfig)

Variables

var ItemDecodeError = errors.New("item decode error")

ItemDecodeError is returned when an item cannot be decoded.

Types

type DynamoDBClient

type DynamoDBClient interface {
	GetItem(ctx context.Context, params *dynamodb.GetItemInput, optFns ...func(*dynamodb.Options)) (*dynamodb.GetItemOutput, error)
	PutItem(ctx context.Context, params *dynamodb.PutItemInput, optFns ...func(*dynamodb.Options)) (*dynamodb.PutItemOutput, error)
	Query(ctx context.Context, params *dynamodb.QueryInput, optFns ...func(*dynamodb.Options)) (*dynamodb.QueryOutput, error)
	Options() dynamodb.Options
}

DynamoDBClient is an interface that defines the set of Amazon DynamoDB client operations required by this package.

type Metastore

type Metastore struct {
	// contains filtered or unexported fields
}

Metastore implements the Metastore interface.

func NewDynamoDB

func NewDynamoDB(opts ...Option) (*Metastore, error)

NewDynamoDB returns a new DynamoDB-backed Metastore with the provided options.

func (*Metastore) GetClient

func (d *Metastore) GetClient() DynamoDBClient

GetClient returns the underlying DynamoDBClient.

func (*Metastore) GetRegionSuffix

func (d *Metastore) GetRegionSuffix() string

GetRegionSuffix returns the region suffix if enabled.

func (*Metastore) GetTableName

func (d *Metastore) GetTableName() string

GetTableName returns the configured table name.

func (*Metastore) Load

func (d *Metastore) Load(ctx context.Context, keyID string, created int64) (*appencryption.EnvelopeKeyRecord, error)

Load returns the key matching the keyID and created times provided. The envelope key record is returned if found, otherwise both the key and error are nil.

func (*Metastore) LoadLatest

func (d *Metastore) LoadLatest(ctx context.Context, keyID string) (*appencryption.EnvelopeKeyRecord, error)

LoadLatest returns the newest record matching the keyID. The return value will be nil if not already present.

func (*Metastore) Store

func (d *Metastore) Store(ctx context.Context, keyID string, created int64, ekr *appencryption.EnvelopeKeyRecord) (bool, error)

Store attempts to insert the key into the metastore if one is not already present. Returns true if the key was stored, false if it already exists. An non-nil error is returned if the operation failed.

type Option

type Option func(*Metastore)

Option is a functional option for configuring the Metastore.

func WithDynamoDBClient

func WithDynamoDBClient(client DynamoDBClient) Option

WithDynamoDBClient sets the DynamoDB client for the Metastore. Use this option to provide a custom client (and configuration) for the Metastore.

Example:

client := dynamodb.NewFromConfig(cfg)
metastore, err := metastore.NewDynamoDB(metastore.WithDynamoDBClient(client))

func WithRegionSuffix

func WithRegionSuffix(enabled bool) Option

WithRegionSuffix configures the Metastore for use with regional suffixes. This feature should be enabled when using DynamoDB global tables to avoid write conflicts arising from the "last writer wins" method of conflict resolution.

When enabled, the region suffix can be retrieved using GetRegionSuffix.

func WithTableName

func WithTableName(name string) Option

WithTableName sets the DynamoDB table name for the Metastore. The default table name is "EncryptionKey".