Documentation ¶
Index ¶
- Variables
- func BucketName(vaultName string) string
- func CreateBucket(vaultName, clusterName, projectId, zone string) (string, error)
- func CreateGCPServiceAccount(kubeClient kubernetes.Interface, ...) (string, error)
- func GcpServiceAccountSecretName(vaultName string) string
- func KeyName(vaultName string) string
- func KeyringName(vaultName string) string
- func ServiceAccountName(vaultName string) string
- type KmsConfig
Constants ¶
This section is empty.
Variables ¶
View Source
var (
ServiceAccountRoles = []string{"roles/storage.objectAdmin",
"roles/cloudkms.admin",
"roles/cloudkms.cryptoKeyEncrypterDecrypter",
}
)
Functions ¶
func BucketName ¶
BucketName creates a Bucket name for a given vault name and cluster name
func CreateBucket ¶
CreateBucket Creates a bucket in GKE to store the backend (encrypted) data for vault
func CreateGCPServiceAccount ¶
func CreateGCPServiceAccount(kubeClient kubernetes.Interface, vaultName, namespace, clusterName, projectId string) (string, error)
CreateGCPServiceAccount creates a service account in GCP for the vault service
func GcpServiceAccountSecretName ¶
GcpServiceAccountSecretName builds the secret name where the GCP service account is stored
func KeyringName ¶
KeyringName creates a keyring name for a given vault and cluster name
func ServiceAccountName ¶
ServiceAccountName creates a service account name for a given vault and cluster name
Types ¶
Click to show internal directories.
Click to hide internal directories.