Documentation
¶
Index ¶
- Variables
- func AuthenticateClient(ctx context.Context, client *vault.Client, clientAuth ClientAuth) (*vault.Secret, error)
- func NewAuthenticatedClient(ctx context.Context, vaultSettings *v1.Settings_VaultSecrets, ...) (*vault.Client, error)
- func NewUnauthenticatedClient(vaultSettings *v1.Settings_VaultSecrets) (*vault.Client, error)
- type ClientAuth
- type RemoteTokenAuth
- type StaticTokenAuth
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrEmptyToken = errors.New("unable to authenticate to vault with empty token") ErrNoAuthInfo = errors.New("no auth info was returned after login") ErrVaultAuthentication = func(err error) error { return errors.Wrap(err, "unable to authenticate to vault") } ErrPartialCredentials = func(err error) error { return eris.Wrap(err, "only partial credentials were provided for AWS IAM auth: ") } ErrAccessKeyId = errors.New("access key id must be defined for AWS IAM auth") ErrSecretAccessKey = errors.New("secret access key must be defined for AWS IAM auth") )
View Source
var ( MLastLoginSuccess = utils.Int64Measure("gloo.solo.io/vault/last_login_success", "Timestamp of last successful authentication of vault") MLastLoginSuccessView = utils.ViewForCounter(MLastLoginSuccess, view.LastValue()) MLastLoginFailure = utils.Int64Measure("gloo.solo.io/vault/last_login_failure", "Timestamp of last failed authentication of vault") MLastLoginFailureView = utils.ViewForCounter(MLastLoginFailure, view.LastValue()) MLoginSuccesses = utils.Int64Measure("gloo.solo.io/vault/login_successes", "Number of successful authentications of vault") MLoginSuccessesView = utils.ViewForCounter(MLoginSuccesses, view.Sum()) MLoginFailures = utils.Int64Measure("gloo.solo.io/vault/login_failures", "Number of failed authentications of vault") MLoginFailuresView = utils.ViewForCounter(MLoginFailures, view.Sum()) )
Functions ¶
func AuthenticateClient ¶
func AuthenticateClient(ctx context.Context, client *vault.Client, clientAuth ClientAuth) (*vault.Secret, error)
AuthenticateClient authenticates the provided vault client with the provided clientAuth.
func NewAuthenticatedClient ¶
func NewAuthenticatedClient(ctx context.Context, vaultSettings *v1.Settings_VaultSecrets, clientAuth ClientAuth) (*vault.Client, error)
NewAuthenticatedClient returns a vault client that has been authenticated with the provided settings, or an error if construction or authentication fails.
func NewUnauthenticatedClient ¶
func NewUnauthenticatedClient(vaultSettings *v1.Settings_VaultSecrets) (*vault.Client, error)
NewUnauthenticatedClient returns a vault client that has not yet been authenticated
Types ¶
type ClientAuth ¶
type ClientAuth interface {
vault.AuthMethod
}
func ClientAuthFactory ¶
func ClientAuthFactory(vaultSettings *v1.Settings_VaultSecrets) (ClientAuth, error)
ClientAuthFactory returns a vault ClientAuth based on the provided settings.
func NewRemoteTokenAuth ¶
func NewRemoteTokenAuth(authMethod vault.AuthMethod, retryOptions ...retry.Option) ClientAuth
NewRemoteTokenAuth is a constructor for RemoteTokenAuth
func NewStaticTokenAuth ¶
func NewStaticTokenAuth(token string) ClientAuth
NewStaticTokenAuth is a constructor for StaticTokenAuth
type RemoteTokenAuth ¶
type RemoteTokenAuth struct {
// contains filtered or unexported fields
}
type StaticTokenAuth ¶
type StaticTokenAuth struct {
// contains filtered or unexported fields
}
func (*StaticTokenAuth) GetToken ¶
func (s *StaticTokenAuth) GetToken() string
GetToken returns the value of the token field
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.