Documentation
Index
- type Config
- type Credentials
- type Store
- func (s *Store) Close() error
- func (s *Store) Create(ctx context.Context, name string, value []byte) error
- func (s *Store) Delete(ctx context.Context, name string) error
- func (s *Store) Get(ctx context.Context, name string) ([]byte, error)
- func (s *Store) List(ctx context.Context, prefix string, n int) ([]string, string, error)
- func (s *Store) Set(ctx context.Context, name string, value []byte) error
- func (s *Store) Status(ctx context.Context) (kes.KeyStoreState, error)
- func (s *Store) String() string
Types
type Config
type Config struct {
	// Addr is the HTTP address of the AWS Secrets
	// Manager. In general, the address has the
	// following form:
	//  secretsmanager.<region>.amazonaws.com
	Addr string

	// Region is the AWS region. Even though the Addr
	// endpoint contains that information already, this
	// field is mandatory.
	Region string

	// The KMSKeyID is the AWS-KMS key ID specifying the
	// AWS-KMS key that is used to encrypt (and decrypt) the
	// values stored at AWS Secrets Manager.
	KMSKeyID string

	// Login contains the AWS credentials (access/secret key).
	Login Credentials
}
Config is a structure containing configuration options for connecting to the AWS SecretsManager.
type Credentials
type Credentials struct {
	AccessKey    string // The AWS access key
	SecretKey    string // The AWS secret key
	SessionToken string // The AWS session token
}
Credentials represents static AWS credentials: access key, secret key and a session token.
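A pre-flight check for the Config fields described above, as an added example that is not part of the package. Config and Credentials are redeclared locally so it runs stand-alone, validate and regionFromAddr are hypothetical helpers, and the rule that static credentials must be complete is this example's assumption.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"strings"
)

// Local mirrors of the documented fields so the example runs stand-alone.
type Credentials struct{ AccessKey, SecretKey, SessionToken string }

type Config struct {
	Addr, Region, KMSKeyID string
	Login                  Credentials
}

// regionFromAddr extracts <region> from secretsmanager.<region>.amazonaws.com;
// ok is false for any address that does not have exactly that form.
func regionFromAddr(addr string) (string, bool) {
	const prefix, suffix = "secretsmanager.", ".amazonaws.com"
	if !strings.HasPrefix(addr, prefix) || !strings.HasSuffix(addr, suffix) {
		return "", false
	}
	region := strings.TrimSuffix(strings.TrimPrefix(addr, prefix), suffix)
	return region, region != "" && !strings.Contains(region, ".")
}

// validate is a hypothetical pre-flight check to run before Connect.
func validate(c Config) error {
	if c.Region == "" {
		return errors.New("region is mandatory")
	}
	if r, ok := regionFromAddr(c.Addr); ok && r != c.Region {
		return fmt.Errorf("addr is in region %q but region is %q", r, c.Region)
	}
	l := c.Login
	if (l.AccessKey == "") != (l.SecretKey == "") || (l.SessionToken != "" && l.AccessKey == "") {
		return errors.New("incomplete static credentials")
	}
	return nil
}

func main() {
	// Credentials come from the standard AWS environment variables, not source.
	c := Config{Addr: "secretsmanager.eu-west-1.amazonaws.com", Region: os.Getenv("AWS_REGION")}
	c.Login = Credentials{AccessKey: os.Getenv("AWS_ACCESS_KEY_ID"), SecretKey: os.Getenv("AWS_SECRET_ACCESS_KEY")}
	fmt.Println("config check:", validate(c)) // never log c.Login
}
```

Addresses that do not follow the standard form are accepted without a region cross-check, since the documentation only says the address has that form "in general".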
type Store (added in v0.23.0)
type Store struct {
// contains filtered or unexported fields
}
Store is an AWS SecretsManager secret store.
func Connect
Connect establishes and returns a Conn to an AWS SecretsManager using the given config.
func (*Store) Create (added in v0.23.0)
Create stores the given key-value pair at the AWS SecretsManager if and only if it doesn't exist. If such an entry already exists, it returns kes.ErrKeyExists.
If the SecretsManager.KMSKeyID is set, AWS will use this key ID to encrypt the values. Otherwise, AWS will use the default key ID for encrypting secrets at the AWS SecretsManager.
func (*Store) Delete (added in v0.23.0)
Delete removes the key-value pair from the AWS SecretsManager, if it exists.
func (*Store) Get (added in v0.23.0)
Get returns the value associated with the given key. If no entry for key exists, it returns kes.ErrKeyNotFound.
func (*Store) List (added in v0.23.0)
List returns a new Iterator over the names of all stored keys. List returns the first n key names that start with the given prefix, and the next prefix from which the listing should continue.
It returns all keys with the prefix if n < 0, and fewer than n names if n is greater than the number of keys with the prefix.
An empty prefix matches any key name. At the end of the listing or when there are no (more) keys starting with the prefix, the returned prefix is empty.
func (*Store) Set (added in v0.23.0)
Set stores the given key-value pair at the AWS SecretsManager if and only if it doesn't exist. If such an entry already exists, it returns kes.ErrKeyExists.
If the SecretsManager.KMSKeyID is set, AWS will use this key ID to encrypt the values. Otherwise, AWS will use the default key ID for encrypting secrets at the AWS SecretsManager.