awspca

package

v1.2.1 Latest Latest Go to latest Published: Mar 16, 2022 License: Apache-2.0 Imports: 26 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/spiffe/spire

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BuiltIn ¶

func BuiltIn() catalog.BuiltIn

Types ¶

type Configuration ¶ added in v1.0.0

type Configuration struct {
	Region                  string `hcl:"region" json:"region"`
	Endpoint                string `hcl:"endpoint" json:"endpoint"`
	CertificateAuthorityARN string `hcl:"certificate_authority_arn" json:"certificate_authority_arn"`
	SigningAlgorithm        string `hcl:"signing_algorithm" json:"signing_algorithm"`
	CASigningTemplateARN    string `hcl:"ca_signing_template_arn" json:"ca_signing_template_arn"`
	AssumeRoleARN           string `hcl:"assume_role_arn" json:"assume_role_arn"`
	SupplementalBundlePath  string `hcl:"supplemental_bundle_path" json:"supplemental_bundle_path"`
}

Configuration provides configuration context for the plugin

type PCAClient ¶

type PCAClient interface {
	DescribeCertificateAuthorityWithContext(aws.Context, *acmpca.DescribeCertificateAuthorityInput, ...request.Option) (*acmpca.DescribeCertificateAuthorityOutput, error)
	IssueCertificateWithContext(aws.Context, *acmpca.IssueCertificateInput, ...request.Option) (*acmpca.IssueCertificateOutput, error)
	WaitUntilCertificateIssuedWithContext(aws.Context, *acmpca.GetCertificateInput, ...request.WaiterOption) error
	GetCertificateWithContext(aws.Context, *acmpca.GetCertificateInput, ...request.Option) (*acmpca.GetCertificateOutput, error)
}

PCAClient provides an interface which can be mocked to test the functionality of the plugin.

type PCAPlugin ¶

type PCAPlugin struct {
	upstreamauthorityv1.UnsafeUpstreamAuthorityServer
	configv1.UnsafeConfigServer
	// contains filtered or unexported fields
}

PCAPlugin is the main representation of this upstreamauthority plugin

func New ¶

func New() *PCAPlugin

New returns an instantiated plugin

func (*PCAPlugin) Configure ¶

func (p *PCAPlugin) Configure(ctx context.Context, req *configv1.ConfigureRequest) (*configv1.ConfigureResponse, error)

Configure sets up the plugin for use as an upstream authority

func (*PCAPlugin) MintX509CAAndSubscribe ¶ added in v1.0.0

func (p *PCAPlugin) MintX509CAAndSubscribe(request *upstreamauthorityv1.MintX509CARequest, stream upstreamauthorityv1.UpstreamAuthority_MintX509CAAndSubscribeServer) error

MintX509CA mints an X509CA by submitting the CSR to ACM to be signed by the certificate authority

func (*PCAPlugin) PublishJWTKeyAndSubscribe ¶ added in v1.0.0

func (*PCAPlugin) PublishJWTKeyAndSubscribe(*upstreamauthorityv1.PublishJWTKeyRequest, upstreamauthorityv1.UpstreamAuthority_PublishJWTKeyAndSubscribeServer) error

PublishJWTKey is not implemented by the wrapper and returns a codes.Unimplemented status

func (*PCAPlugin) SetLogger ¶

func (p *PCAPlugin) SetLogger(log hclog.Logger)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL