Documentation ¶
Index ¶
- type AzureKeyVaultCredentials
- func NewAzureKeyVaultCredentialsFromClient(clientID, clientSecret, tenantID string) (*AzureKeyVaultCredentials, error)
- func NewAzureKeyVaultCredentialsFromCloudConfig(cloudConfigPath string) (*AzureKeyVaultCredentials, error)
- func NewAzureKeyVaultCredentialsFromEnvironment() (*AzureKeyVaultCredentials, error)
- type Certificate
- type CertificateKeyType
- type Service
Types ¶
type AzureKeyVaultCredentials ¶
// AzureKeyVaultCredentials is the credentials object returned by the
// NewAzureKeyVaultCredentialsFrom* constructors. Its Authorizer method
// returns an autorest.Authorizer. All of its fields are unexported, so
// callers cannot read them directly.
type AzureKeyVaultCredentials struct {
	// contains filtered or unexported fields
}
AzureKeyVaultCredentials for service principal
func NewAzureKeyVaultCredentialsFromClient ¶
func NewAzureKeyVaultCredentialsFromClient(clientID, clientSecret, tenantID string) (*AzureKeyVaultCredentials, error)
NewAzureKeyVaultCredentialsFromClient creates a credentials object from a service principal to use with Azure Key Vault
func NewAzureKeyVaultCredentialsFromCloudConfig ¶
func NewAzureKeyVaultCredentialsFromCloudConfig(cloudConfigPath string) (*AzureKeyVaultCredentials, error)
NewAzureKeyVaultCredentialsFromCloudConfig gets a credentials object from cloud config to use with Azure Key Vault
func NewAzureKeyVaultCredentialsFromEnvironment ¶
func NewAzureKeyVaultCredentialsFromEnvironment() (*AzureKeyVaultCredentials, error)
NewAzureKeyVaultCredentialsFromEnvironment creates a credentials object based on available environment settings to use with Azure Key Vault
func (AzureKeyVaultCredentials) Authorizer ¶
func (c AzureKeyVaultCredentials) Authorizer() (autorest.Authorizer, error)
Authorizer gets an Authorizer from credentials
type Certificate ¶
// Certificate holds certificate data and, when present, the matching
// private key. HasPrivateKey reports whether a private key is included.
type Certificate struct {
	// Has the complete certificate with both public and private keys, if both exist.
	Certificates []*x509.Certificate
	// PrivateKeyRaw, PrivateKeyRsa and PrivateKeyEcdsa are exported fields
	// that carry private key material.
	// NOTE(review): treat any Certificate with HasPrivateKey set as a
	// secret; avoid logging, printing with %+v, or serializing the whole
	// struct.
	PrivateKeyRaw   []byte
	PrivateKeyRsa   *rsa.PrivateKey
	PrivateKeyEcdsa *ecdsa.PrivateKey
	// PrivateKeyType presumably tells which of PrivateKeyRsa or
	// PrivateKeyEcdsa is populated; confirm against the constructors.
	PrivateKeyType CertificateKeyType

	// Indicate if Certificate has private key
	HasPrivateKey bool
	// contains filtered or unexported fields
}
Certificate handles data on Certificates from Azure Key Vault
func NewCertificateFromDer ¶
func NewCertificateFromDer(der []byte) (*Certificate, error)
NewCertificateFromDer creates a new Certificate from a public cer key
func NewCertificateFromPem ¶
func NewCertificateFromPem(pem string) (*Certificate, error)
NewCertificateFromPem creates a new Certificate from a base64 encoded pem string
func NewCertificateFromPfx ¶
func NewCertificateFromPfx(pfx []byte) (*Certificate, error)
NewCertificateFromPfx creates a new Certificate from a PFX certificate
func (*Certificate) ExportPrivateKeyAsPem ¶
func (cert *Certificate) ExportPrivateKeyAsPem() ([]byte, error)
ExportPrivateKeyAsPem returns a pem formatted certificate
func (*Certificate) ExportPublicKeyAsPem ¶
func (cert *Certificate) ExportPublicKeyAsPem() ([]byte, error)
ExportPublicKeyAsPem returns a pem formatted certificate
func (*Certificate) ExportRaw ¶
func (cert *Certificate) ExportRaw() []byte
ExportRaw returns the raw format of the original certificate
type CertificateKeyType ¶
// CertificateKeyType is a string-backed type naming a private key type.
// It is the type of the Certificate.PrivateKeyType field.
type CertificateKeyType string
CertificateKeyType contains the private key type
// Values used to identify the private key type of a Certificate.
const (
	// CertificateKeyTypeRsa represents private key type RSA
	CertificateKeyTypeRsa CertificateKeyType = "rsa"
	// CertificateKeyTypeEcdsa represents private key type ECDSA
	// NOTE(review): this declaration has no explicit type, so it is an
	// untyped string constant rather than a CertificateKeyType like
	// CertificateKeyTypeRsa. Add the type if the asymmetry is unintended.
	CertificateKeyTypeEcdsa = "ecdsa"
)
type Service ¶
// Service is the interface a vault implementation provides. Each method
// takes an AzureKeyVault resource describing the object to fetch.
type Service interface {
	// GetSecret returns a string for the referenced object, presumably
	// the secret value; confirm against the implementation. Treat the
	// result as sensitive.
	GetSecret(secret *akvsv1alpha1.AzureKeyVault) (string, error)
	// GetKey returns a string for the referenced key. The encoding of
	// that string is not visible here; confirm against the implementation.
	GetKey(secret *akvsv1alpha1.AzureKeyVault) (string, error)
	// GetCertificate returns a *Certificate for the referenced object.
	// exportPrivateKey presumably controls whether the private key is
	// fetched along with the certificate; confirm against the
	// implementation. Callers that only need the public certificate
	// should pass false so key material is not held in memory needlessly.
	GetCertificate(secret *akvsv1alpha1.AzureKeyVault, exportPrivateKey bool) (*Certificate, error)
}
Service is an interface for implementing vaults
func NewService ¶
func NewService(credentials *AzureKeyVaultCredentials) Service
NewService creates a new AzureKeyVaultService using credentials found in cloud config