Documentation ¶
Index ¶
Constants ¶
const ( DisableIdleConnsEnv = "VAULT_AGENT_DISABLE_IDLE_CONNECTIONS" DisableKeepAlivesEnv = "VAULT_AGENT_DISABLE_KEEP_ALIVES" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIProxy ¶ added in v1.13.0
type APIProxy struct { UseAutoAuthTokenRaw interface{} `hcl:"use_auto_auth_token"` UseAutoAuthToken bool `hcl:"-"` ForceAutoAuthToken bool `hcl:"-"` EnforceConsistency string `hcl:"enforce_consistency"` WhenInconsistent string `hcl:"when_inconsistent"` }
APIProxy contains any configuration needed for proxy mode
type AutoAuth ¶
type AutoAuth struct { Method *Method `hcl:"-"` Sinks []*Sink `hcl:"sinks"` // NOTE: This is unsupported outside of testing and may disappear at any // time. EnableReauthOnNewCredentials bool `hcl:"enable_reauth_on_new_credentials"` }
AutoAuth is the configured authentication method and sinks
type Cache ¶ added in v1.1.0
type Cache struct { UseAutoAuthTokenRaw interface{} `hcl:"use_auto_auth_token"` UseAutoAuthToken bool `hcl:"-"` ForceAutoAuthToken bool `hcl:"-"` EnforceConsistency string `hcl:"enforce_consistency"` WhenInconsistent string `hcl:"when_inconsistent"` Persist *Persist `hcl:"persist"` InProcDialer transportDialer `hcl:"-"` }
Cache contains any configuration needed for Cache mode
type Config ¶
type Config struct { AutoAuth *AutoAuth `hcl:"auto_auth"` ExitAfterAuth bool `hcl:"exit_after_auth"` Cache *Cache `hcl:"cache"` APIProxy *APIProxy `hcl:"api_proxy""` Vault *Vault `hcl:"vault"` TemplateConfig *TemplateConfig `hcl:"template_config"` Templates []*ctconfig.TemplateConfig `hcl:"templates"` DisableIdleConns []string `hcl:"disable_idle_connections"` DisableIdleConnsAPIProxy bool `hcl:"-"` DisableIdleConnsTemplating bool `hcl:"-"` DisableIdleConnsAutoAuth bool `hcl:"-"` DisableKeepAlives []string `hcl:"disable_keep_alives"` DisableKeepAlivesAPIProxy bool `hcl:"-"` DisableKeepAlivesTemplating bool `hcl:"-"` DisableKeepAlivesAutoAuth bool `hcl:"-"` }
Config is the configuration for Vault Agent.
func LoadConfig ¶
LoadConfig loads the configuration at the given path, regardless if it's a file or directory.
func LoadConfigDir ¶ added in v1.13.0
LoadConfigDir loads the configuration at the given path if it's a directory
func LoadConfigFile ¶ added in v1.13.0
LoadConfigFile loads the configuration at the given path if it's a file
func (*Config) ValidateConfig ¶ added in v1.13.0
ValidateConfig validates an Agent configuration after it has been fully merged together, to ensure that required combinations of configs are there
type Method ¶
type Method struct { Type string MountPath string `hcl:"mount_path"` WrapTTLRaw interface{} `hcl:"wrap_ttl"` WrapTTL time.Duration `hcl:"-"` MinBackoffRaw interface{} `hcl:"min_backoff"` MinBackoff time.Duration `hcl:"-"` MaxBackoffRaw interface{} `hcl:"max_backoff"` MaxBackoff time.Duration `hcl:"-"` Namespace string `hcl:"namespace"` ExitOnError bool `hcl:"exit_on_err"` Config map[string]interface{} }
Method represents the configuration for the authentication backend
type Persist ¶ added in v1.7.0
type Persist struct { Type string Path string `hcl:"path"` KeepAfterImport bool `hcl:"keep_after_import"` ExitOnErr bool `hcl:"exit_on_err"` ServiceAccountTokenFile string `hcl:"service_account_token_file"` }
Persist contains configuration needed for persistent caching
type Sink ¶
type Sink struct { Type string WrapTTLRaw interface{} `hcl:"wrap_ttl"` WrapTTL time.Duration `hcl:"-"` DHType string `hcl:"dh_type"` DeriveKey bool `hcl:"derive_key"` DHPath string `hcl:"dh_path"` AAD string `hcl:"aad"` AADEnvVar string `hcl:"aad_env_var"` Config map[string]interface{} }
Sink defines a location to write the authenticated token
type TemplateConfig ¶ added in v1.8.0
type TemplateConfig struct { ExitOnRetryFailure bool `hcl:"exit_on_retry_failure"` StaticSecretRenderIntRaw interface{} `hcl:"static_secret_render_interval"` StaticSecretRenderInt time.Duration `hcl:"-"` }
TemplateConfig defines global behaviors around template
type Vault ¶ added in v1.1.0
type Vault struct { Address string `hcl:"address"` CACert string `hcl:"ca_cert"` CAPath string `hcl:"ca_path"` TLSSkipVerify bool `hcl:"-"` TLSSkipVerifyRaw interface{} `hcl:"tls_skip_verify"` ClientCert string `hcl:"client_cert"` ClientKey string `hcl:"client_key"` TLSServerName string `hcl:"tls_server_name"` Retry *Retry `hcl:"retry"` }
Vault contains configuration for connecting to Vault servers