Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetTokenFromHelper ¶
GetTokenFromHelper uses the standard vault client binary to retrieve the "current" default token, avoiding reimplementation of token_helper, etc.
func GetVaultClient ¶ added in v0.3.0
GetVaultClient returns a full configured Vault API Client
Types ¶
type Client ¶
type Client struct { API *api.Client RoleConfig map[string]interface{} Options Options PublicKey []byte SignedKey string }
func (*Client) GetAllowedUser ¶ added in v0.3.0
func (*Client) GetRoleData ¶ added in v0.3.0
func (*Client) GetSignedKey ¶
GetSignedKey signs the configured public key, sets the SignedKey property to the filename of the signed key and returns the filename
func (*Client) RequiredExtensions ¶
RequiredExtensions calculates the required set of extensions to request based on the options set on Client
func (*Client) SetPublicKey ¶ added in v0.3.0
type Extensions ¶
type Extensions struct { Default bool `` /* 152-byte string literal not displayed */ AgentForwarding bool `long:"agent-forwarding" env:"VAULT_SSH_AGENT_FORWARDING" description:"Force permit-agent-forwarding extension"` PortForwarding bool `long:"port-forwarding" env:"VAULT_SSH_PORT_FORWARDING" description:"Force permit-port-forwarding extension"` NoPTY bool `long:"no-pty" env:"VAULT_SSH_NO_PTY" description:"Force disable permit-pty extension"` UserRC bool `long:"user-rc" env:"VAULT_SSH_USER_RC" description:"Enable permit-user-rc extension"` X11Forwarding bool `long:"x11-forwarding" env:"VAULT_SSH_X11_FORWARDING" description:"Force permit-X11-forwarding extension"` }
Extensions control what certificate extensions are required for the signed key
type Options ¶
type Options struct { Path string `long:"path" default:"ssh" env:"VAULT_SSH_PATH" description:"Vault SSH Path"` Role string `long:"role" default:"default" env:"VAULT_SSH_ROLE" description:"Vault SSH Role"` TTL uint `long:"ttl" default:"300" env:"VAULT_SSH_TTL" description:"Vault SSH Certificate TTL"` PublicKey string `` /* 127-byte string literal not displayed */ Extensions Extensions `group:"Certificate Extensions"` }
Options define signer-specific flags
Click to show internal directories.
Click to hide internal directories.