Documentation ¶
Index ¶
- func New() (interface{}, error)
- func Run(apiTLSConfig *api.TLSConfig) error
- type MongoDB
- func (c MongoDB) Close() error
- func (c MongoDB) Connection(ctx context.Context) (interface{}, error)
- func (m *MongoDB) CreateUser(ctx context.Context, statements dbplugin.Statements, ...) (username string, password string, err error)
- func (c MongoDB) Init(ctx context.Context, conf map[string]interface{}, verifyConnection bool) (map[string]interface{}, error)
- func (c MongoDB) Initialize(ctx context.Context, conf map[string]interface{}, verifyConnection bool) error
- func (m *MongoDB) RenewUser(ctx context.Context, statements dbplugin.Statements, username string, ...) error
- func (m *MongoDB) RevokeUser(ctx context.Context, statements dbplugin.Statements, username string) error
- func (m *MongoDB) RotateRootCredentials(ctx context.Context, statements []string) (map[string]interface{}, error)
- func (m *MongoDB) SetCredentials(ctx context.Context, statements dbplugin.Statements, ...) (username, password string, err error)
- func (m *MongoDB) Type() (string, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type MongoDB ¶
type MongoDB struct { credsutil.CredentialsProducer // contains filtered or unexported fields }
MongoDB is an implementation of Database interface
func (MongoDB) Close ¶ added in v0.10.0
func (c MongoDB) Close() error
Close terminates the database connection.
func (MongoDB) Connection ¶ added in v0.10.0
Connection creates or returns an existing a database connection. If the session fails on a ping check, the session will be closed and then re-created. This method does not lock the mutex and it is intended that this is the callers responsibility.
func (*MongoDB) CreateUser ¶
func (m *MongoDB) CreateUser(ctx context.Context, statements dbplugin.Statements, usernameConfig dbplugin.UsernameConfig, expiration time.Time) (username string, password string, err error)
CreateUser generates the username/password on the underlying secret backend as instructed by the CreationStatement provided. The creation statement is a JSON blob that has a db value, and an array of roles that accepts a role, and an optional db value pair. This array will be normalized the format specified in the mongoDB docs: https://docs.mongodb.com/manual/reference/command/createUser/#dbcmd.createUser
JSON Example:
{ "db": "admin", "roles": [{ "role": "readWrite" }, {"role": "read", "db": "foo"}] }
func (MongoDB) Init ¶ added in v0.10.0
func (c MongoDB) Init(ctx context.Context, conf map[string]interface{}, verifyConnection bool) (map[string]interface{}, error)
Initialize parses connection configuration.
func (MongoDB) Initialize ¶ added in v0.10.0
func (*MongoDB) RenewUser ¶
func (m *MongoDB) RenewUser(ctx context.Context, statements dbplugin.Statements, username string, expiration time.Time) error
RenewUser is not supported on MongoDB, so this is a no-op.
func (*MongoDB) RevokeUser ¶
func (m *MongoDB) RevokeUser(ctx context.Context, statements dbplugin.Statements, username string) error
RevokeUser drops the specified user from the authentication database. If none is provided in the revocation statement, the default "admin" authentication database will be assumed.
func (*MongoDB) RotateRootCredentials ¶ added in v0.10.0
func (m *MongoDB) RotateRootCredentials(ctx context.Context, statements []string) (map[string]interface{}, error)
RotateRootCredentials in MongoDB
func (*MongoDB) SetCredentials ¶ added in v1.2.0
func (m *MongoDB) SetCredentials(ctx context.Context, statements dbplugin.Statements, staticUser dbplugin.StaticUserConfig) (username, password string, err error)
SetCredentials uses provided information to set/create a user in the database. Unlike CreateUser, this method requires a username be provided and uses the name given, instead of generating a name. This is used for creating and setting the password of static accounts, as well as rolling back passwords in the database in the event an updated database fails to save in Vault's storage.