Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrGCPAlreadyExists = gcpErr.Code("already_exists") ErrGCPNotFound = gcpErr.Code("not_found") ErrGCPAccessDenied = gcpErr.Code("access_denied") ErrGCPInvalidArgument = gcpErr.Code("invalid_argument") ErrGCPUnauthenticated = gcpErr.Code("unauthenticated").Error("missing valid GCP authentication") )
Errors
Functions ¶
func HandleError ¶
Types ¶
type CredentialCreator ¶
type CredentialCreator struct {
// contains filtered or unexported fields
}
CredentialCreator is an implementation of the secrethub.Verifier and secrethub.Encrypter interface that can be used to create an GCP service account.
func NewCredentialCreator ¶
func NewCredentialCreator(serviceAccountEmail, keyResourceID string, gcpOptions ...option.ClientOption) (*CredentialCreator, map[string]string, error)
NewCredentialCreator returns a CredentialCreator that uses the provided GCP KMS key and Service Account Email to create a new credential. The GCP client is configured with the optionally provided option.ClientOption.
func (CredentialCreator) AddProof ¶
func (c CredentialCreator) AddProof(req *api.CreateCredentialRequest) error
func (CredentialCreator) Type ¶
func (c CredentialCreator) Type() api.CredentialType
func (CredentialCreator) Wrap ¶
func (c CredentialCreator) Wrap(plaintext []byte) (*api.EncryptedData, error)
type KMSDecrypter ¶
type KMSDecrypter struct {
// contains filtered or unexported fields
}
KMSDecrypter is an implementation of the secrethub.Decrypter interface that uses GCP KMS for decryption.
func NewKMSDecrypter ¶
func NewKMSDecrypter(options ...option.ClientOption) (*KMSDecrypter, error)
NewKMSDecrypter returns a new KMSDecrypter that uses the provided configuration to configure the GCP session.
func (KMSDecrypter) Unwrap ¶
func (d KMSDecrypter) Unwrap(ciphertext *api.EncryptedData) ([]byte, error)
Unwrap the provided ciphertext using GCP KMS.
Source Files
Click to show internal directories.
Click to hide internal directories.