engine

package

v0.3.0 Latest Latest Go to latest Published: Jan 10, 2020 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubevault/operator

Documentation ¶

Index ¶

Constants
func GetSecretEnginePath(engine *api.SecretEngine) string
type EngineInterface
type KubernetesAuthRole
- func GetVaultRoleInfo(appClient appcat_cs.AppcatalogV1alpha1Interface, vClient *vaultapi.Client, ...) (*KubernetesAuthRole, string, error)
type RoleData
type SecretEngine
- func NewSecretEngine(kClient kubernetes.Interface, appClient appcat_cs.AppcatalogV1alpha1Interface, ...) (*SecretEngine, error)

Constants ¶

View Source

const SecretEnginePolicyAWS = `` /* 311-byte string literal not displayed */

AWS secret engine policies

View Source

const SecretEnginePolicyAzure = `` /* 238-byte string literal not displayed */

Azure secret engine policies

View Source

const SecretEnginePolicyDatabase = `` /* 240-byte string literal not displayed */

Database secret engine policies

View Source

const SecretEnginePolicyGCP = `` /* 311-byte string literal not displayed */

GCP secret engine policies

Variables ¶

This section is empty.

Functions ¶

func GetSecretEnginePath ¶

func GetSecretEnginePath(engine *api.SecretEngine) string

Types ¶

type EngineInterface ¶

type EngineInterface interface {
	CreatePolicy() error
	UpdateAuthRole() error
	IsSecretEngineEnabled() (bool, error)
	EnableSecretEngine() error
	CreateConfig() error
}

type KubernetesAuthRole ¶

type KubernetesAuthRole struct {
	Data RoleData `json:"data"`
}

func GetVaultRoleInfo ¶

func GetVaultRoleInfo(appClient appcat_cs.AppcatalogV1alpha1Interface, vClient *vaultapi.Client, secretEngine *api.SecretEngine) (*KubernetesAuthRole, string, error)

type RoleData ¶

type RoleData struct {
	BoundServiceAccountNames      []string    `json:"bound_service_account_names"`
	BoundServiceAccountNamespaces []string    `json:"bound_service_account_namespaces"`
	TokenTtl                      json.Number `json:"token_ttl"`
	TokenMaxTtl                   json.Number `json:"token_max_ttl"`
	TokenPolicies                 []string    `json:"token_policies"`
	TokenBoundCidrs               []string    `json:"token_bound_cidrs"`
	TokenExplicitMaxTtl           json.Number `json:"token_explicit_max_ttl"`
	TokenNoDefaultPolicy          bool        `json:"token_no_default_policy"`
	TokenNumUses                  json.Number `json:"token_num_uses"`
	TokenPeriod                   json.Number `json:"token_period"`
	TokenType                     string      `json:"token_type"`
}

type SecretEngine ¶

type SecretEngine struct {
	// contains filtered or unexported fields
}

func NewSecretEngine ¶

func NewSecretEngine(kClient kubernetes.Interface, appClient appcat_cs.AppcatalogV1alpha1Interface, engine *api.SecretEngine) (*SecretEngine, error)

func (*SecretEngine) CreateAWSConfig ¶

func (seClient *SecretEngine) CreateAWSConfig() error

Configures AWS secret engine at specified path

func (*SecretEngine) CreateAzureConfig ¶

func (seClient *SecretEngine) CreateAzureConfig() error

Configures Azure secret engine at specified path

func (*SecretEngine) CreateConfig ¶

func (seClient *SecretEngine) CreateConfig() error

func (*SecretEngine) CreateGCPConfig ¶

func (seClient *SecretEngine) CreateGCPConfig() error

Configures GCP secret engine at specified path

func (*SecretEngine) CreateMongoDBConfig ¶

func (seClient *SecretEngine) CreateMongoDBConfig() error

https://www.vaultproject.io/api/secret/databases/index.html#configure-connection https://www.vaultproject.io/api/secret/databases/mongodb.html#configure-connection

CreateMongoDBConfig creates MongoDB database configuration

func (*SecretEngine) CreateMySQLConfig ¶

func (seClient *SecretEngine) CreateMySQLConfig() error

https://www.vaultproject.io/api/secret/databases/index.html#configure-connection https:https://www.vaultproject.io/api/secret/databases/mysql-maria.html#configure-connection

CreateMySQLConfig creates MySQL database configuration

func (*SecretEngine) CreatePolicy ¶

func (seClient *SecretEngine) CreatePolicy() error

func (*SecretEngine) CreatePostgresConfig ¶

func (seClient *SecretEngine) CreatePostgresConfig() error

https://www.vaultproject.io/api/secret/databases/index.html#configure-connection https://www.vaultproject.io/api/secret/databases/postgresql.html#configure-connection

CreatePostgresConfig creates database configuration

func (*SecretEngine) DeletePolicyAndUpdateRole ¶

func (seClient *SecretEngine) DeletePolicyAndUpdateRole() error

func (*SecretEngine) DisableSecretEngine ¶

func (seClient *SecretEngine) DisableSecretEngine() error

func (*SecretEngine) EnableSecretEngine ¶

func (seClient *SecretEngine) EnableSecretEngine() error

It enables secret engine It first checks whether secret engine is enabled or not

func (*SecretEngine) IsSecretEngineEnabled ¶

func (seClient *SecretEngine) IsSecretEngineEnabled() (bool, error)

checks whether SecretEngine is enabled or not

func (*SecretEngine) UpdateAuthRole ¶

func (seClient *SecretEngine) UpdateAuthRole() error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL