Documentation
Index
- type Credentials
- type SecretsManager
- func (s *SecretsManager) Authenticate() error
- func (s *SecretsManager) Create(ctx context.Context, name string, key key.Key) error
- func (s *SecretsManager) Delete(ctx context.Context, name string) error
- func (s *SecretsManager) Get(ctx context.Context, name string) (key.Key, error)
- func (s *SecretsManager) List(ctx context.Context) (key.Iterator, error)
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Credentials
type Credentials struct {
	AccessKey    string // The AWS access key
	SecretKey    string // The AWS secret key
	SessionToken string // The AWS session token
}
Credentials represents static AWS credentials: access key, secret key and a session token.
type SecretsManager
type SecretsManager struct {
	// Addr is the HTTP address of the AWS Secret
	// Manager. In general, the address has the
	// following form:
	//  secretsmanager.<region>.amazonaws.com
	Addr string

	// Region is the AWS region. Even though the Addr
	// endpoint contains that information already, this
	// field is mandatory.
	Region string

	// The KMSKeyID is the AWS-KMS key ID specifying the
	// AWS-KMS key that is used to encrypt (and decrypt) the
	// values stored at AWS Secrets Manager.
	KMSKeyID string

	// Login contains the AWS credentials (access/secret key).
	Login Credentials

	// ErrorLog specifies an optional logger for errors
	// when files cannot be opened, deleted or contain
	// invalid content.
	// If nil, logging is done via the log package's
	// standard logger.
	ErrorLog *log.Logger
	// contains filtered or unexported fields
}
SecretsManager is a key-value store that saves/fetches values as secrets on/from the AWS Secrets Manager. See: https://aws.amazon.com/secrets-manager
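Because Region is mandatory even though Addr already names a region, the two can drift apart in a configuration file. The following is an added example, not code from this package: a pre-flight check that Addr has the documented form and agrees with Region before any credentials are used. `Config` and `ValidateEndpoint` are hypothetical names, and the check assumes Addr is a bare host with an optional port in exactly the form the field comment gives.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Config is a stand-in mirroring the documented Addr and Region fields (not the package's type).
type Config struct {
	Addr, Region string
}

// ValidateEndpoint reports an error unless Addr is secretsmanager.<region>.amazonaws.com
// (optionally with a port) and <region> is identical to the mandatory Region field.
func ValidateEndpoint(c Config) error {
	if c.Region == "" {
		return fmt.Errorf("region is mandatory")
	}
	// Assumption: Addr is a bare host[:port], without scheme, path or userinfo.
	if strings.ContainsAny(c.Addr, "/@?#") {
		return fmt.Errorf("addr %q is not a bare host[:port]", c.Addr)
	}
	host := c.Addr
	if h, _, err := net.SplitHostPort(c.Addr); err == nil {
		host = h
	}
	host = strings.ToLower(strings.TrimSuffix(host, "."))
	const prefix, suffix = "secretsmanager.", ".amazonaws.com"
	if len(host) <= len(prefix)+len(suffix) ||
		!strings.HasPrefix(host, prefix) || !strings.HasSuffix(host, suffix) {
		return fmt.Errorf("addr host %q is not of the form %s<region>%s", host, prefix, suffix)
	}
	if region := host[len(prefix) : len(host)-len(suffix)]; region != c.Region {
		return fmt.Errorf("addr names region %q but Region is %q", region, c.Region)
	}
	return nil
}

func main() {
	// Constructed sample configurations: valid, region mismatch, wrong domain suffix.
	for _, c := range []Config{
		{"secretsmanager.eu-central-1.amazonaws.com", "eu-central-1"},
		{"secretsmanager.us-east-1.amazonaws.com", "eu-central-1"},
		{"secretsmanager.eu-central-1.amazonaws.com.example.net", "eu-central-1"},
	} {
		fmt.Printf("%-55s %v\n", c.Addr, ValidateEndpoint(c))
	}
}
```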
func (*SecretsManager) Authenticate
func (s *SecretsManager) Authenticate() error
Authenticate tries to establish a connection to the AWS Secrets Manager using the login credentials.
func (*SecretsManager) Create
Create stores the given key-value pair at the AWS SecretsManager if and only if it doesn't exist. If such an entry already exists, it returns kes.ErrKeyExists.
If the SecretsManager.KMSKeyID is set, AWS will use this key ID to encrypt the values. Otherwise, AWS will use the default key ID for encrypting secrets at the AWS SecretsManager.
func (*SecretsManager) Delete
func (s *SecretsManager) Delete(ctx context.Context, name string) error
Delete removes the key-value pair from the AWS SecretsManager, if it exists.