Documentation
¶
Index ¶
- Constants
- func Handler(props *vault.HandlerProperties) http.Handler
- func TestListener(tb testing.TB) (net.Listener, string)
- func TestServer(tb testing.TB, core *vault.Core) (net.Listener, string)
- func TestServerAuth(tb testing.TB, addr string, token string)
- func TestServerWithListener(tb testing.TB, ln net.Listener, addr string, core *vault.Core)
- func TestServerWithListenerAndProperties(tb testing.TB, ln net.Listener, addr string, core *vault.Core, ...)
- func WrapForwardedForHandler(h http.Handler, authorizedAddrs []*sockaddr.SockAddrMarshaler, ...) http.Handler
- type ErrorResponse
- type GenerateRootInitRequest
- type GenerateRootStatusResponse
- type GenerateRootUpdateRequest
- type HealthResponse
- type InitRequest
- type InitResponse
- type InitStatusResponse
- type LeaderResponse
- type RekeyRequest
- type RekeyStatusResponse
- type RekeyUpdateRequest
- type RekeyUpdateResponse
- type RekeyVerificationStatusResponse
- type RekeyVerificationUpdateRequest
- type RekeyVerificationUpdateResponse
- type SealStatusResponse
- type UIAssetWrapper
- type UnsealRequest
Constants ¶
View Source
const ( // WrapTTLHeaderName is the name of the header containing a directive to // wrap the response WrapTTLHeaderName = "X-Vault-Wrap-TTL" // WrapFormatHeaderName is the name of the header containing the format to // wrap in; has no effect if the wrap TTL is not set WrapFormatHeaderName = "X-Vault-Wrap-Format" // NoRequestForwardingHeaderName is the name of the header telling Vault // not to use request forwarding NoRequestForwardingHeaderName = "X-Vault-No-Request-Forwarding" // MFAHeaderName represents the HTTP header which carries the credentials // required to perform MFA on any path. MFAHeaderName = "X-Vault-MFA" // PolicyOverrideHeaderName is the header set to request overriding // soft-mandatory Sentinel policies. PolicyOverrideHeaderName = "X-Vault-Policy-Override" // DefaultMaxRequestSize is the default maximum accepted request size. This // is to prevent a denial of service attack where no Content-Length is // provided and the server is fed ever more data until it exhausts memory. // Can be overridden per listener. DefaultMaxRequestSize = 32 * 1024 * 1024 )
Variables ¶
This section is empty.
Functions ¶
func Handler ¶
func Handler(props *vault.HandlerProperties) http.Handler
Handler returns an http.Handler for the API. This can be used on its own to mount the Vault API within another web server.
func TestServerWithListener ¶
func TestServerWithListenerAndProperties ¶ added in v0.10.4
func WrapForwardedForHandler ¶ added in v0.10.1
Types ¶
type ErrorResponse ¶
type ErrorResponse struct {
Errors []string `json:"errors"`
}
type GenerateRootInitRequest ¶ added in v0.5.0
type GenerateRootStatusResponse ¶ added in v0.5.0
type GenerateRootStatusResponse struct {
Nonce string `json:"nonce"`
Started bool `json:"started"`
Progress int `json:"progress"`
Required int `json:"required"`
Complete bool `json:"complete"`
EncodedToken string `json:"encoded_token"`
EncodedRootToken string `json:"encoded_root_token"`
PGPFingerprint string `json:"pgp_fingerprint"`
OTP string `json:"otp"`
OTPLength int `json:"otp_length"`
}
type GenerateRootUpdateRequest ¶ added in v0.5.0
type HealthResponse ¶
type HealthResponse struct {
Initialized bool `json:"initialized"`
Sealed bool `json:"sealed"`
Standby bool `json:"standby"`
PerformanceStandby bool `json:"performance_standby"`
ReplicationPerformanceMode string `json:"replication_performance_mode"`
ReplicationDRMode string `json:"replication_dr_mode"`
ServerTimeUTC int64 `json:"server_time_utc"`
Version string `json:"version"`
ClusterName string `json:"cluster_name,omitempty"`
ClusterID string `json:"cluster_id,omitempty"`
LastWAL uint64 `json:"last_wal,omitempty"`
}
type InitRequest ¶
type InitResponse ¶
type InitStatusResponse ¶
type InitStatusResponse struct {
Initialized bool `json:"initialized"`
}
type LeaderResponse ¶
type LeaderResponse struct {
HAEnabled bool `json:"ha_enabled"`
IsSelf bool `json:"is_self"`
LeaderAddress string `json:"leader_address"`
LeaderClusterAddress string `json:"leader_cluster_address"`
PerfStandby bool `json:"performance_standby"`
PerfStandbyLastRemoteWAL uint64 `json:"performance_standby_last_remote_wal"`
LastWAL uint64 `json:"last_wal,omitempty"`
}
type RekeyRequest ¶ added in v0.2.0
type RekeyStatusResponse ¶ added in v0.2.0
type RekeyStatusResponse struct {
Nonce string `json:"nonce"`
Started bool `json:"started"`
T int `json:"t"`
N int `json:"n"`
Progress int `json:"progress"`
Required int `json:"required"`
PGPFingerprints []string `json:"pgp_fingerprints"`
Backup bool `json:"backup"`
VerificationRequired bool `json:"verification_required"`
VerificationNonce string `json:"verification_nonce,omitempty"`
}
type RekeyUpdateRequest ¶ added in v0.2.0
type RekeyUpdateResponse ¶ added in v0.2.0
type RekeyUpdateResponse struct {
Nonce string `json:"nonce"`
Complete bool `json:"complete"`
Keys []string `json:"keys"`
KeysB64 []string `json:"keys_base64"`
PGPFingerprints []string `json:"pgp_fingerprints"`
Backup bool `json:"backup"`
VerificationRequired bool `json:"verification_required"`
VerificationNonce string `json:"verification_nonce,omitempty"`
}
type RekeyVerificationStatusResponse ¶ added in v0.10.2
type RekeyVerificationUpdateRequest ¶ added in v0.10.2
type RekeyVerificationUpdateResponse ¶ added in v0.10.2
type SealStatusResponse ¶
type SealStatusResponse struct {
Type string `json:"type"`
Initialized bool `json:"initialized"`
Sealed bool `json:"sealed"`
T int `json:"t"`
N int `json:"n"`
Progress int `json:"progress"`
Nonce string `json:"nonce"`
Version string `json:"version"`
Migration bool `json:"migration"`
ClusterName string `json:"cluster_name,omitempty"`
ClusterID string `json:"cluster_id,omitempty"`
RecoverySeal bool `json:"recovery_seal"`
}
type UIAssetWrapper ¶ added in v0.10.0
type UIAssetWrapper struct {
FileSystem *assetfs.AssetFS
}
type UnsealRequest ¶
Note: because we didn't provide explicit tagging in the past we can't do it now because if it then no longer accepts capitalized versions it could break clients
Source Files
Click to show internal directories.
Click to hide internal directories.