legacy

package
v4.2.13-dev.1+incompat... Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 6, 2021 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertAuthoritySpecV2

type CertAuthoritySpecV2 struct {
	// Type is either user or host certificate authority
	Type services.CertAuthType `json:"type"`
	// DELETE IN(2.7.0) this field is deprecated,
	// as resource name matches cluster name after migrations.
	// and this property is enforced by the auth server code.
	// ClusterName identifies cluster name this authority serves,
	// for host authorities that means base hostname of all servers,
	// for user authorities that means organization name
	ClusterName string `json:"cluster_name"`
	// Checkers is a list of SSH public keys that can be used to check
	// certificate signatures
	CheckingKeys [][]byte `json:"checking_keys"`
	// SigningKeys is a list of private keys used for signing
	SigningKeys [][]byte `json:"signing_keys,omitempty"`
	// Roles is a list of roles assumed by users signed by this CA
	Roles []string `json:"roles,omitempty"`
	// RoleMap specifies role mappings to remote roles
	RoleMap RoleMap `json:"role_map,omitempty"`
	// TLS is a list of TLS key pairs
	TLSKeyPairs []TLSKeyPair `json:"tls_key_pairs,omitempty"`
	// Rotation is a status of the certificate authority rotation
	Rotation *Rotation `json:"rotation,omitempty"`
}

CertAuthoritySpecV2 is a host or user certificate authority that can check and if it has private key stored as well, sign it too

type CertAuthorityV1

type CertAuthorityV1 struct {
	// Type is either user or host certificate authority
	Type services.CertAuthType `json:"type"`
	// DomainName identifies domain name this authority serves,
	// for host authorities that means base hostname of all servers,
	// for user authorities that means organization name
	DomainName string `json:"domain_name"`
	// Checkers is a list of SSH public keys that can be used to check
	// certificate signatures
	CheckingKeys [][]byte `json:"checking_keys"`
	// SigningKeys is a list of private keys used for signing
	SigningKeys [][]byte `json:"signing_keys"`
	// AllowedLogins is a list of allowed logins for users within
	// this certificate authority
	AllowedLogins []string `json:"allowed_logins"`
}

CertAuthorityV1 is a host or user certificate authority that can check and if it has private key stored as well, sign it too

type CertAuthorityV2

type CertAuthorityV2 struct {
	// Kind is a resource kind
	Kind string `json:"kind"`
	// Version is version
	Version string `json:"version"`
	// Metadata is connector metadata
	Metadata Metadata `json:"metadata"`
	// Spec contains cert authority specification
	Spec CertAuthoritySpecV2 `json:"spec"`
	// contains filtered or unexported fields
}

CertAuthorityV2 is version 2 resource spec for Cert Authority

type CommandLabelV2

type CommandLabelV2 struct {
	// Period is a time between command runs
	Period Duration `json:"period"`
	// Command is a command to run
	Command []string `json:"command"` //["/usr/bin/hostname", "--long"]
	// Result captures standard output
	Result string `json:"result"`
}

CommandLabelV2 is a label that has a value as a result of the output generated by running command, e.g. hostname

type Duration

type Duration struct {
	time.Duration
}

Duration is a wrapper around duration to set up custom marshal/unmarshal

func NewDuration

func NewDuration(d time.Duration) Duration

NewDuration returns Duration struct based on time.Duration

func (Duration) MarshalJSON

func (d Duration) MarshalJSON() ([]byte, error)

MarshalJSON marshals Duration to string

func (Duration) MarshalYAML

func (d Duration) MarshalYAML() (interface{}, error)

MarshalYAML marshals duration into YAML value, encodes it as a string in format "1m"

func (*Duration) UnmarshalJSON

func (d *Duration) UnmarshalJSON(data []byte) error

UnmarshalJSON marshals Duration to string

func (*Duration) UnmarshalYAML

func (d *Duration) UnmarshalYAML(unmarshal func(interface{}) error) error

func (Duration) Value

func (d Duration) Value() time.Duration

Value returns time.Duration value of this wrapper

type Metadata

type Metadata struct {
	// Name is an object name
	Name string `json:"name"`
	// Namespace is object namespace. The field should be called "namespace"
	// when it returns in Teleport 2.4.
	Namespace string `json:"-"`
	// Description is object description
	Description string `json:"description,omitempty"`
	// Labels is a set of labels
	Labels map[string]string `json:"labels,omitempty"`
	// Expires is a global expiry time header can be set on any resource in the system.
	Expires *time.Time `json:"expires,omitempty"`
}

Metadata is resource metadata

type RoleMap

type RoleMap []RoleMapping

RoleMap is a list of mappings

type RoleMapping

type RoleMapping struct {
	// Remote specifies remote role name to map from
	Remote string `json:"remote"`
	// Local specifies local roles to map to
	Local []string `json:"local"`
}

RoleMappping provides mapping of remote roles to local roles for trusted clusters

type Rotation

type Rotation struct {
	// State could be one of "init" or "in_progress".
	State string `json:"state,omitempty"`
	// Phase is the current rotation phase.
	Phase string `json:"phase,omitempty"`
	// Mode sets manual or automatic rotation mode.
	Mode string `json:"mode,omitempty"`
	// CurrentID is the ID of the rotation operation
	// to differentiate between rotation attempts.
	CurrentID string `json:"current_id"`
	// Started is set to the time when rotation has been started
	// in case if the state of the rotation is "in_progress".
	Started time.Time `json:"started,omitempty"`
	// GracePeriod is a period during which old and new CA
	// are valid for checking purposes, but only new CA is issuing certificates.
	GracePeriod Duration `json:"grace_period,omitempty"`
	// LastRotated specifies the last time of the completed rotation.
	LastRotated time.Time `json:"last_rotated,omitempty"`
	// Schedule is a rotation schedule - used in
	// automatic mode to switch beetween phases.
	Schedule RotationSchedule `json:"schedule,omitempty"`
}

Rotation is a status of the rotation of the certificate authority

type RotationSchedule

type RotationSchedule struct {
	// UpdateClients specifies time to switch to the "Update clients" phase
	UpdateClients time.Time `json:"update_clients,omitempty"`
	// UpdateServers specifies time to switch to the "Update servers" phase.
	UpdateServers time.Time `json:"update_servers,omitempty"`
	// Standby specifies time to switch to the "Standby" phase.
	Standby time.Time `json:"standby,omitempty"`
}

RotationSchedule is a rotation schedule setting time switches for different phases.

type ServerSpecV2

type ServerSpecV2 struct {
	// Addr is server host:port address
	Addr string `json:"addr"`
	// PublicAddr is the public address this cluster can be reached at.
	PublicAddr string `json:"public_addr,omitempty"`
	// Hostname is server hostname
	Hostname string `json:"hostname"`
	// CmdLabels is server dynamic labels
	CmdLabels map[string]CommandLabelV2 `json:"cmd_labels,omitempty"`
	// Rotation specifies server rotatoin status
	Rotation Rotation `json:"rotation,omitempty"`
}

ServerSpecV2 is a specification for V2 Server

type ServerV2

type ServerV2 struct {
	// Kind is a resource kind
	Kind string `json:"kind"`
	// Version is version
	Version string `json:"version"`
	// Metadata is User metadata
	Metadata Metadata `json:"metadata"`
	// Spec contains user specification
	Spec ServerSpecV2 `json:"spec"`
}

ServerV2 is version1 resource spec of the server

type TLSKeyPair

type TLSKeyPair struct {
	// Cert is a PEM encoded TLS cert
	Cert []byte `json:"cert,omitempty"`
	// Key is a PEM encoded TLS key
	Key []byte `json:"key,omitempty"`
}

TLSKeyPair is a TLS key pair

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL