secretsmanager

package
v2.42.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 10, 2025 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccountSecret 

type AccountSecret struct {
	Account           string     `json:"account"`
	HostID            string     `json:"host_id"`
	RotationInitiated *time.Time `json:"rotation_initiate,omitempty"`
	LastRotated       *time.Time `json:"last_rotated,omitempty"`
	LastError         *time.Time `json:"last_error,omitempty"`
	LastErrorDetails  string     `json:"last_error_details"`
	InitialPassword   string     `json:"initial_password,omitempty"`
	Created           *time.Time `json:"created,omitempty"`
	CreatedBy         string     `json:"created_by"`
}

AccountSecret account secret definition.

type CompileScript 

type CompileScript struct {
	OperatingSystem string `json:"operating_system"`
	Script          string `json:"script"`
}

CompileScript compile script request definition.

type CompileScriptResponse 

type CompileScriptResponse struct {
	Script string `json:"script"`
}

CompileScriptResponse compile script response definition.

type HostSecret 

type HostSecret struct {
	HostID                           string     `json:"host_id"`
	AccessGroupID                    string     `json:"access_group_id"`
	Address                          string     `json:"address"`
	Port                             int        `json:"port"`
	OperatingSystem                  string     `json:"operating_system"`
	Protocol                         string     `json:"protocol"`
	CertificateValidationOptions     string     `json:"certificate_validation_options"`
	WinRMHostCertificateTrustAnchors string     `json:"winrm_host_certificate_trust_anchors"`
	UseMainAccount                   bool       `json:"use_main_account"`
	MainAccount                      string     `json:"main_account"`
	PolicyID                         string     `json:"policy_id"`
	ScriptTemplateID                 string     `json:"script_template_id"`
	Created                          *time.Time `json:"created,omitempty"`
	CreatedBy                        string     `json:"created_by"`
	Updated                          *time.Time `json:"updated,omitempty"`
	UpdatedBy                        string     `json:"updated_by"`
}

HostSecret host secret definition.

type HostSecretMetadata 

type HostSecretMetadata struct {
	Metadata HostSecret      `json:"metadata"`
	Accounts []AccountSecret `json:"accounts"`
}

HostSecretMetadata host secret metadata definition.

type IDList 

type IDList struct {
	IDs []string `json:"ids"`
}

IDList id list response definition.

type ManagedAccount 

type ManagedAccount struct {
	ID                 string                `json:"id"`
	Username           string                `json:"username"`
	Email              string                `json:"email,omitempty"`
	FullName           string                `json:"full_name,omitempty"`
	SamAccountName     string                `json:"sam_account_name,omitempty"`
	SourceID           string                `json:"source_id,omitempty"`
	SecurityID         string                `json:"security_id,omitempty"`
	AdditionalData     map[string]string     `json:"additional_data,omitempty"`
	TargetDomain       TargetDomainHandle    `json:"target_domain"`
	PasswordPolicy     *PasswordPolicyHandle `json:"password_policy,omitempty"`
	Enabled            bool                  `json:"enabled"`
	RotationEnabled    bool                  `json:"rotation_enabled"`
	ExplicitCheckout   bool                  `json:"explicit_checkout"`
	State              string                `json:"state"`
	Comment            string                `json:"comment,omitempty"`
	SecretName         string                `json:"secret_name,omitempty"`
	Locked             bool                  `json:"locked"`
	LockedTimestamp    *time.Time            `json:"locked_timestamp,omitempty"`
	RotationHistory    []SecretRotationEvent `json:"rotation_history,omitempty"`
	SecretCheckouts    []SecretCheckout      `json:"checkouts,omitempty"`
	Created            time.Time             `json:"created,omitempty"`
	Author             string                `json:"author,omitempty"`
	Updated            *time.Time            `json:"updated,omitempty"`
	UpdatedBy          string                `json:"updated_by,omitempty"`
	DisableRDPCertAuth bool                  `json:"disable_rdp_cert_auth"`
}

ManagedAccount managed account definition.

type ManagedAccountChangeSet 

type ManagedAccountChangeSet struct {
	Enabled            *bool                 `json:"enabled,omitempty"`
	RotationEnabled    *bool                 `json:"rotation_enabled,omitempty"`
	ExplicitCheckout   *bool                 `json:"explicit_checkout,omitempty"`
	DisableRDPCertAuth *bool                 `json:"disable_rdp_cert_auth,omitempty"`
	PasswordPolicy     *PasswordPolicyHandle `json:"password_policy,omitempty"`
	Comment            *string               `json:"comment,omitempty"`
}

ManagedAccountChangeSet manage account change set request definition.

type ManagedAccountCreateBatch 

type ManagedAccountCreateBatch struct {
	IDs  []string                 `json:"ids"`
	Data ManagedAccountCreateData `json:"data"`
}

ManagedAccountCreateBatch managed account create batch definition.

type ManagedAccountCreateData 

type ManagedAccountCreateData struct {
	Enabled            bool                 `json:"enabled"`
	RotationEnabled    bool                 `json:"rotation_enabled"`
	Rotate             bool                 `json:"rotate"`
	ExplicitCheckout   bool                 `json:"explicit_checkout"`
	DisableRDPCertAuth bool                 `json:"disable_rdp_cert_auth"`
	PasswordPolicy     PasswordPolicyHandle `json:"password_policy,omitempty"`
	Comment            string               `json:"comment,omitempty"`
}

ManagedAccountCreateData managed account batch create data definition.

type ManagedAccountDeleteBatch 

type ManagedAccountDeleteBatch struct {
	IDs []string `json:"ids"`
}

ManagedAccountDeleteBatch manage account batch delete request definition.

type ManagedAccountEditBatch 

type ManagedAccountEditBatch struct {
	IDs       []string                `json:"ids"`
	ChangeSet ManagedAccountChangeSet `json:"changes"`
}

type ManagedAccountPasswordSet 

type ManagedAccountPasswordSet struct {
	Password string `json:"password"`
}

ManagedAccountPasswordSet manage account password set request definition.

type ManagedAccountRotateBatch 

type ManagedAccountRotateBatch struct {
	IDs []string `json:"ids"`
}

type ManagedAccountsSearch 

type ManagedAccountsSearch struct {
	Keywords         string     `json:"keywords,omitempty"`
	Enabled          *bool      `json:"enabled,omitempty"`
	CreatedAfter     *time.Time `json:"created_after,omitempty"`
	CreatedBefore    *time.Time `json:"created_before,omitempty"`
	UpdatedAfter     *time.Time `json:"updated_after,omitempty"`
	UpdatedBefore    *time.Time `json:"updated_before,omitempty"`
	State            string     `json:"state,omitempty"`
	RotationEnabled  *bool      `json:"rotation_enabled,omitempty"`
	ExplicitCheckout *bool      `json:"explicit_checkout,omitempty"`
}

ManagedAccountsSearch managed account search request definition.

type PasswordPolicy 

type PasswordPolicy struct {
	ID                     string     `json:"id"`
	Name                   string     `json:"name"`
	RotationInterval       string     `json:"rotation_interval"`
	PasswordMinLength      int        `json:"password_min_length"`
	PasswordMaxLength      int        `json:"password_max_length" `
	UseSpecialCharacters   bool       `json:"use_special_characters"`
	UseLowercase           bool       `json:"use_lower_case"`
	UseUppercase           bool       `json:"use_upper_case"`
	UseNumbers             bool       `json:"use_numbers"`
	MaxVersions            int        `json:"max_versions"`
	NumberOfRetries        int        `json:"number_of_retries"`
	RetryInterval          string     `json:"retry_interval"`
	MaxConcurrentCheckouts int        `json:"max_concurrent_checkouts"`
	MaxCheckoutDuration    string     `json:"max_checkout_duration"`
	RotateOnRelease        bool       `json:"rotate_on_release"`
	VerifyAfterRotation    bool       `json:"verify_after_rotation"`
	Created                *time.Time `json:"created,omitempty"`
	CreatedBy              string     `json:"created_by"`
	Updated                *time.Time `json:"updated,omitempty"`
	UpdatedBy              string     `json:"updated_by"`
}

PasswordPolicy password policy definition.

type PasswordPolicyHandle 

type PasswordPolicyHandle struct {
	ID      string `json:"id,omitempty"`
	Name    string `json:"name,omitempty"`
	Deleted bool   `json:"deleted,omitempty"`
}

PasswordPolicyHandle password policy handle definition.

type ScannedAccount 

type ScannedAccount struct {
	ID             string             `json:"id"`
	Username       string             `json:"username"`
	Email          string             `json:"email"`
	FullName       string             `json:"full_name"`
	SourceID       string             `json:"source_id"`
	SecurityID     string             `json:"security_id"`
	AdditionalData map[string]string  `json:"additional_data"`
	TargetDomain   TargetDomainHandle `json:"target_domain"`
	State          string             `json:"state"`
	Ignored        bool               `json:"ignored"`
	Comment        string             `json:"comment"`
	Created        time.Time          `json:"created,omitempty"`
	Updated        time.Time          `json:"updated,omitempty"`
	UpdatedBy      string             `json:"updated_by,omitempty"`
}

ScannedAccount scanned account definition.

type ScannedAccountChangeSet 

type ScannedAccountChangeSet struct {
	Ignored *bool   `json:"ignored,omitempty"`
	Comment *string `json:"comment,omitempty"`
}

ScannedAccountChangeSet scanned account change set definition.

type ScannedAccountEditBatch 

type ScannedAccountEditBatch struct {
	IDs       []string                `json:"ids"`
	ChangeSet ScannedAccountChangeSet `json:"changes"`
}

ScannedAccountEditBatch scanned account edit batch request definition.

type ScannedAccountsSearch 

type ScannedAccountsSearch struct {
	Keywords      string     `json:"keywords,omitempty"`
	CreatedAfter  *time.Time `json:"created_after,omitempty"`
	CreatedBefore *time.Time `json:"created_before,omitempty"`
	UpdatedAfter  *time.Time `json:"updated_after,omitempty"`
	UpdatedBefore *time.Time `json:"updated_before,omitempty"`
	State         string     `json:"state,omitempty"`
	Ignored       *bool      `json:"ignored,omitempty"`
}

ScannedAccountsSearch scanned account search request definition.

type ScriptTemplate 

type ScriptTemplate struct {
	ID              string     `json:"id"`
	Name            string     `json:"name"`
	OperatingSystem string     `json:"operating_system"`
	Script          string     `json:"script"`
	Created         *time.Time `json:"created,omitempty"`
	CreatedBy       string     `json:"created_by"`
	Updated         *time.Time `json:"updated,omitempty"`
	UpdatedBy       string     `json:"updated_by"`
}

ScriptTemplate script template definition.

type SecretCheckout 

type SecretCheckout struct {
	ID               string          `json:"id"`
	Type             string          `json:"type"`
	UserID           string          `json:"user_id"`
	Expires          time.Time       `json:"expires"`
	Created          time.Time       `json:"created"`
	ExplicitCheckout bool            `json:"explicit_checkout"`
	Secrets          []SecretVersion `json:"secrets,omitempty"`
	Username         string          `json:"username"`
	Email            string          `json:"email,omitempty"`
	FullName         string          `json:"full_name,omitempty"`
	TargetDomainID   string          `json:"target_domain_id,omitempty"`
	ManagedAccountID string          `json:"managed_account_id,omitempty"`
	HostID           string          `json:"host_id,omitempty"`
	SecretName       string          `json:"secret_name,omitempty"`
	Meta             string          `json:"meta,omitempty"`
}

SecretCheckout secret checkout definition.

type SecretRotationEvent 

type SecretRotationEvent struct {
	Version int       `json:"version"`
	Rotated time.Time `json:"rotated"`
	Trigger string    `json:"trigger"`
	Status  string    `json:"status"`
}

SecretRotationEvent secret rotation event definition.

type SecretVersion 

type SecretVersion struct {
	Version int       `json:"version"`
	Secret  string    `json:"secret"`
	Created time.Time `json:"created"`
}

SecretVersion secret version definition.

type SecretsManager 

type SecretsManager struct {
	// contains filtered or unexported fields
}

SecretsManager is a secrets-manager client instance.

func New 

func New(api restapi.Connector) *SecretsManager

New secrets manager client constructor.

func (*SecretsManager) BatchCreateManagedAccount 

func (c *SecretsManager) BatchCreateManagedAccount(tdID string, create ManagedAccountCreateBatch) (IDList, error)

BatchCreateManagedAccount create a batch of managed accounts.

func (*SecretsManager) BatchDeleteManagedAccount 

func (c *SecretsManager) BatchDeleteManagedAccount(tdID string, delete ManagedAccountDeleteBatch) error

BatchDeleteManagedAccount delete a batch of managed accounts.

func (*SecretsManager) BatchRotateManagedAccount 

func (c *SecretsManager) BatchRotateManagedAccount(tdID string, rotate ManagedAccountRotateBatch) error

BatchRotateManagedAccount rotate a batch of managed accounts.

func (*SecretsManager) BatchUpdateManagedAccount 

func (c *SecretsManager) BatchUpdateManagedAccount(tdID string, change *ManagedAccountEditBatch) error

BatchUpdateManagedAccount update a batch of managed accounts.

func (*SecretsManager) BatchUpdateTargetDomain 

func (c *SecretsManager) BatchUpdateTargetDomain(tdID string, edit ScannedAccountEditBatch) error

BatchUpdateTargetDomain update target domain in batch.

func (*SecretsManager) CompileScript 

func (c *SecretsManager) CompileScript(compile CompileScript) (CompileScriptResponse, error)

CompileScript compile script with test data.

func (*SecretsManager) CreateHostSecret 

func (c *SecretsManager) CreateHostSecret(hostID string, secret *HostSecretMetadata) (*HostSecretMetadata, error)

CreateHostSecret create host secret.

func (*SecretsManager) CreateManagedAccount 

func (c *SecretsManager) CreateManagedAccount(tdID string, account *ManagedAccount) (response.Identifier, error)

CreateManagedAccount create a managed account.

func (*SecretsManager) CreatePasswordPolicy 

func (c *SecretsManager) CreatePasswordPolicy(policy *PasswordPolicy) (response.Identifier, error)

CreatePasswordPolicy create password policy.

func (*SecretsManager) CreateScriptTemplate 

func (c *SecretsManager) CreateScriptTemplate(template *ScriptTemplate) (response.Identifier, error)

CreateScriptTemplate create script template.

func (*SecretsManager) CreateTargetDomain 

func (c *SecretsManager) CreateTargetDomain(td *TargetDomain) (response.Identifier, error)

CreateTargetDomain create target domain.

func (*SecretsManager) DeleteHostSecret 

func (c *SecretsManager) DeleteHostSecret(hostID string) error

DeleteHostSecret delete host secret.

func (*SecretsManager) DeleteManagedAccount 

func (c *SecretsManager) DeleteManagedAccount(tdID, maID string) error

DeleteManagedAccount delete managed account.

func (*SecretsManager) DeletePasswordPolicy 

func (c *SecretsManager) DeletePasswordPolicy(policyID string) error

DeletePasswordPolicy delete password policy.

func (*SecretsManager) DeleteScriptTemplate 

func (c *SecretsManager) DeleteScriptTemplate(templateID string) error

DeleteScriptTemplate delete script template.

func (*SecretsManager) DeleteTargetDomain 

func (c *SecretsManager) DeleteTargetDomain(tdID string) error

DeleteTargetDomain delete target domain.

func (*SecretsManager) GetHostSecretMetadata 

func (c *SecretsManager) GetHostSecretMetadata(hostID string) (*HostSecretMetadata, error)

MARK: Manage Secrets GetHostSecretMetadata get host secret metadata for all accounts.

func (*SecretsManager) GetManagedAccount 

func (c *SecretsManager) GetManagedAccount(tdID, maID string) (*ManagedAccount, error)

GetManagedAccount get managed account in target domain by id.

func (*SecretsManager) GetManagedAccounts 

func (c *SecretsManager) GetManagedAccounts(tdID string, opts ...filters.Option) (*response.ResultSet[ManagedAccount], error)

MARK: Managed accounts GetManagedAccounts get managed accounts in a target domain.

func (*SecretsManager) GetPasswordPolicies 

func (c *SecretsManager) GetPasswordPolicies() (*response.ResultSet[PasswordPolicy], error)

MARK: Password Policies GetPasswordPolicies get password policies.

func (*SecretsManager) GetPasswordPolicy 

func (c *SecretsManager) GetPasswordPolicy(policyID string) (*PasswordPolicy, error)

GetPasswordPolicy get password policy by id.

func (*SecretsManager) GetScriptTemplate 

func (c *SecretsManager) GetScriptTemplate(templateID string) (*ScriptTemplate, error)

GetScriptTemplate get script template by id.

func (*SecretsManager) GetScriptTemplates 

func (c *SecretsManager) GetScriptTemplates() (*response.ResultSet[ScriptTemplate], error)

MARK: Manage Rotation Scripts GetScriptTemplates get script templates.

func (*SecretsManager) GetTargetDomain 

func (c *SecretsManager) GetTargetDomain(tdID string) (*TargetDomain, error)

GetTargetDomain get target domain by id.

func (*SecretsManager) GetTargetDomainAccount 

func (c *SecretsManager) GetTargetDomainAccount(tdID, accountID string) (*ScannedAccount, error)

GetTargetDomainAccount get target domain account by id.

func (*SecretsManager) GetTargetDomainAccounts 

func (c *SecretsManager) GetTargetDomainAccounts(tdID string, opts ...filters.Option) (*response.ResultSet[ScannedAccount], error)

MARK: Target domain accounts GetTargetDomainAccounts get accounts in target domain.

func (*SecretsManager) GetTargetDomains 

func (c *SecretsManager) GetTargetDomains(opts ...filters.Option) (*response.ResultSet[TargetDomain], error)

MARK: Target Domains GetTargetDomains get target domains.

func (*SecretsManager) RefreshTargetDomain 

func (c *SecretsManager) RefreshTargetDomain(tdID string) error

RefreshTargetDomain trigger target domain account scan.

func (*SecretsManager) ResolveTargetDomains 

func (s *SecretsManager) ResolveTargetDomains(tdNames []string) (TargetDomainsResolveResponse, error)

ResolveTargetDomains resolve target domain names to target domain IDs.

func (*SecretsManager) RotateManagedAccountPassword 

func (c *SecretsManager) RotateManagedAccountPassword(tdID, maID string) error

RotateManagedAccountPassword trigger managed account password rotation.

func (*SecretsManager) RotatePassword 

func (c *SecretsManager) RotatePassword(hostID, account string) error

MARK: Manage Passwords RotatePassword initiate password rotation.

func (*SecretsManager) SearchManagedAccounts 

func (c *SecretsManager) SearchManagedAccounts(tdID string, search ManagedAccountsSearch, opts ...filters.Option) (*response.ResultSet[ManagedAccount], error)

SearchManagedAccounts search managed accounts in a target domain.

func (*SecretsManager) SearchTargetDomain 

func (c *SecretsManager) SearchTargetDomain(search TargetDomainsSearch, opts ...filters.Option) (*response.ResultSet[TargetDomain], error)

SearchTargetDomain search target domains.

func (*SecretsManager) SearchTargetDomainAccounts 

func (c *SecretsManager) SearchTargetDomainAccounts(tdID string, search ScannedAccountsSearch, opts ...filters.Option) (*response.ResultSet[ScannedAccount], error)

SearchTargetDomainAccounts search accounts in target domain.

func (*SecretsManager) SetManagedAccountPassword 

func (c *SecretsManager) SetManagedAccountPassword(tdID, maID, password ManagedAccountPasswordSet) error

SetManagedAccountPassword set password for managed account.

func (*SecretsManager) Status 

func (c *SecretsManager) Status() (*response.ServiceStatus, error)

MARK: STATUS Status get secrets manager microservice status.

func (*SecretsManager) UpdatePasswordPolicy 

func (c *SecretsManager) UpdatePasswordPolicy(policyID string, policy *PasswordPolicy) error

UpdatePasswordPolicy update password policy.

func (*SecretsManager) UpdateScriptTemplate 

func (c *SecretsManager) UpdateScriptTemplate(templateID string, template *ScriptTemplate) error

UpdateScriptTemplate update script template.

func (*SecretsManager) UpdateTargetDomain 

func (c *SecretsManager) UpdateTargetDomain(tdID string, td *TargetDomain) error

UpdateTargetDomain update target domain.

func (*SecretsManager) UpdateTargetDomainAccount 

func (c *SecretsManager) UpdateTargetDomainAccount(tdID, accountID string, change ScannedAccountChangeSet) error

UpdateTargetDomainAccount update target domain account.

func (*SecretsManager) UpdateTargetManagedAccount 

func (c *SecretsManager) UpdateTargetManagedAccount(tdID, maID string, account *ManagedAccount) error

UpdateTargetManagedAccount update managed account.

type TargetDomain 

type TargetDomain struct {
	ID                   string                 `json:"id"`
	Name                 string                 `json:"name"`
	DomainName           string                 `json:"domain_name"`
	Enabled              bool                   `json:"enabled"`
	PeriodicScan         bool                   `json:"periodic_scan"`
	PeriodicScanInterval int                    `json:"periodic_scan_interval"`
	ScanStatus           string                 `json:"scan_status,omitempty"`
	ScanMessage          string                 `json:"scan_message,omitempty"`
	LastScanned          *time.Time             `json:"last_scanned,omitempty"`
	AutoOnboarding       bool                   `json:"auto_onboarding"`
	AutoOnboardingPolicy *PasswordPolicyHandle  `json:"auto_onboarding_policy,omitempty"`
	EndPoints            []TargetDomainEndpoint `json:"endpoints"`
	Comment              string                 `json:"comment"`
	Created              time.Time              `json:"created,omitempty"`
	Author               string                 `json:"author,omitempty"`
	Updated              time.Time              `json:"updated,omitempty"`
	UpdatedBy            string                 `json:"updated_by,omitempty"`
}

TargetDomain target domain definition.

type TargetDomainEndpoint 

type TargetDomainEndpoint struct {
	Type                    string            `json:"type"`
	ScanPriority            int               `json:"scan_priority"`
	RotationPriority        int               `json:"rotation_priority"`
	AttributeMapping        map[string]string `json:"attribute_mapping,omitempty"`
	LdapProtocol            string            `json:"ldap_protocol,omitempty"`
	LdapAddress             string            `json:"ldap_address,omitempty"`
	LdapPort                int               `json:"ldap_port,omitempty"`
	LdapBaseDN              string            `json:"ldap_base_dn,omitempty"`
	LdapBindDN              string            `json:"ldap_bind_dn,omitempty"`
	LdapBindPassword        string            `json:"ldap_bind_password,omitempty"`
	LdapUserFilter          string            `json:"ldap_user_filter,omitempty"`
	LdapRootCertificates    string            `json:"ldap_root_certificates,omitempty"`
	LdapSkipStrictCertCheck bool              `json:"ldap_skip_strict_cert_check,omitempty"`
	EntraBaseUrl            string            `json:"entra_base_url,omitempty"`
	EntraTenantID           string            `json:"entra_tenant_id,omitempty"`
	EntraClientID           string            `json:"entra_client_id,omitempty"`
	EntraClientSecret       string            `json:"entra_client_secret,omitempty"`
	EntraBatchSize          int               `json:"entra_batch_size,omitempty"`
	EntraPageSize           int               `json:"entra_page_size,omitempty"`
	EntraGroupFilter        []string          `json:"entra_group_filter,omitempty"`
}

TargetDomainEndpoint target domain endpoint definition.

type TargetDomainHandle 

type TargetDomainHandle struct {
	ID      string `json:"id"`
	Name    string `json:"name,omitempty"`
	Deleted bool   `json:"deleted,omitempty"`
}

TargetDomainHandle target domain handle definition.

type TargetDomainsResolve 

type TargetDomainsResolve struct {
	ID               string `json:"id"`
	TargetDomainName string `json:"target_domain_name"`
}

type TargetDomainsResolveResponse 

type TargetDomainsResolveResponse struct {
	Count int                    `json:"count"`
	Items []TargetDomainsResolve `json:"items"`
}

type TargetDomainsSearch 

type TargetDomainsSearch struct {
	Keywords       string `json:"keywords,omitempty"`
	Enabled        *bool  `json:"enabled,omitempty"`
	PeriodicScan   *bool  `json:"periodic_scan,omitempty"`
	AutoOnboarding *bool  `json:"auto_onboarding,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.