Documentation ¶
Index ¶
- Constants
- Variables
- type ChangeEvent
- type ChangeEventType
- type RawSecret
- type SSMStore
- func (s *SSMStore) Delete(id SecretId) error
- func (s *SSMStore) History(id SecretId) ([]ChangeEvent, error)
- func (s *SSMStore) KMSKey() string
- func (s *SSMStore) List(service string, includeValues bool) ([]Secret, error)
- func (s *SSMStore) ListRaw(service string) ([]RawSecret, error)
- func (s *SSMStore) Read(id SecretId, version int) (Secret, error)
- func (s *SSMStore) Write(id SecretId, value string) error
- type Secret
- type SecretId
- type SecretMetadata
- type Store
Constants ¶
View Source
const (
// DefaultKeyID is the default alias for the KMS key used to encrypt/decrypt secrets
DefaultKeyID = "alias/parameter_store_key"
)
Variables ¶
View Source
var ( // ErrSecretNotFound is returned if the specified secret is not found in the // parameter store ErrSecretNotFound = errors.New("secret not found") )
Functions ¶
This section is empty.
Types ¶
type ChangeEvent ¶
type ChangeEvent struct { Type ChangeEventType Time time.Time User string Version int }
type ChangeEventType ¶
type ChangeEventType int
const ( Created ChangeEventType = iota Updated )
func (ChangeEventType) String ¶
func (c ChangeEventType) String() string
type SSMStore ¶
type SSMStore struct {
// contains filtered or unexported fields
}
SSMStore implements the Store interface for storing secrets in SSM Parameter Store
func (*SSMStore) Delete ¶ added in v1.11.0
Delete removes a secret from the parameter store. Note this removes all versions of the secret.
func (*SSMStore) History ¶
func (s *SSMStore) History(id SecretId) ([]ChangeEvent, error)
History returns a list of events that have occured regarding the given secret.
func (*SSMStore) List ¶
List lists all secrets for a given service. If includeValues is true, then those secrets are decrypted and returned, otherwise only the metadata about a secret is returned.
func (*SSMStore) ListRaw ¶ added in v1.17.0
ListRaw lists all secrets keys and values for a given service. Does not include any other meta-data. Uses faster AWS APIs with much higher rate-limits. Suitable for use in production environments.
type Secret ¶
type Secret struct { Value *string Meta SecretMetadata }
type SecretMetadata ¶
Click to show internal directories.
Click to hide internal directories.