Documentation ¶
Index ¶
- Constants
- Variables
- func DecryptKMSSecret(ctx context.Context, svc KMSAPI, ciphertext string) (string, error)
- func GetSSMSecret(k string, v []byte) (string, error)
- func GetSSMSecretWithLabels(ctx context.Context, svc SSMAPI, name string, cred SSM) (string, error)
- type KMS
- type KMSAPI
- type SSM
- type SSMAPI
Constants ¶
View Source
const (
// KMSIdentifier is the magic string identifying a KMS secret stanza
KMSIdentifier = "$kms"
)
View Source
const (
// SSMIdentifier is the magic string identifying an SSM secret stanza
SSMIdentifier = "$ssm"
)
Variables ¶
View Source
var ( // ErrKMSMissingRegion is a typed error if a KMS stanza is missing a region ErrKMSMissingRegion = errors.New("KMS credential is missing the region key") )
View Source
var ( // ErrSSMMissingRegion is a typed error if a SSM stanza is missing a region ErrSSMMissingRegion = errors.New("SSM credential is missing the region key") )
Functions ¶
func DecryptKMSSecret ¶ added in v0.8.3
DecryptKMSSecret decrypts a KMS encrypted secret
func GetSSMSecret ¶
GetSSMSecret parses all properties looking for an $ssm key. When found, it gets the ssm parameter store secret and writes the key and secret to GetSSMSessionthe kv store.
Types ¶
type KMS ¶ added in v0.8.3
type KMS struct { KMS struct { Region string `mapstructure:"region"` Encrypted string `mapstructure:"encrypted"` } `mapstructure:"$kms"` }
KMS is a plain-old-Go-object for carrying structured KMS stanzas in CPS props
type KMSAPI ¶ added in v0.8.3
KMSAPI is a local wrapper over aws-sdk-go's KMS API
func GetKMSSession ¶ added in v0.8.3
GetKMSSession gets a regional KMS session
type SSM ¶ added in v0.8.3
type SSM struct { SSM struct { Service string `mapstructure:"service"` Region string `mapstructure:"region"` Label string `mapstructure:"label"` Encrypted string `mapstructure:"encrypted"` } `mapstructure:"$ssm"` }
SSM is a plain-old-Go-object for carrying structured SSM stanzas in CPS props
Click to show internal directories.
Click to hide internal directories.