secretsmanager

package
v1.36.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 3, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

// Client is a secrets-manager client instance. Construct it with New.
type Client struct {
	// contains filtered or unexported fields
}

Client is a secrets-manager client instance.

func New

func New(api restapi.Connector) *Client

New creates a new secrets-manager client instance

func (*Client) BatchCreateManagedAccount

func (s *Client) BatchCreateManagedAccount(tdId string, ma ManagedAccountCreateBatch) ([]string, error)

BatchCreateManagedAccount create a batch of managed accounts

func (*Client) BatchDeleteManagedAccount

func (s *Client) BatchDeleteManagedAccount(tdId string, delete ManagedAccountBatch) error

BatchDeleteManagedAccount delete a batch of managed accounts

func (*Client) BatchRotateManagedAccount

func (s *Client) BatchRotateManagedAccount(tdId string, rotate ManagedAccountBatch) error

BatchRotateManagedAccount rotate a batch of managed accounts

func (*Client) BatchUpdateManagedAccount

func (s *Client) BatchUpdateManagedAccount(tdId string, change ManagedAccountChangeSet) error

BatchUpdateManagedAccount update a batch of managed accounts

func (*Client) BatchUpdateTargetDomain

func (s *Client) BatchUpdateTargetDomain(tdId string, change ScannedAccountEditBatch) error

BatchUpdateTargetDomain update target domain in batch

func (*Client) CompileScript

func (s *Client) CompileScript(r CompileScriptRequest) (string, error)

CompileScript compile script with test data

func (*Client) CreateManagedAccount

func (s *Client) CreateManagedAccount(tdId string, ma ManagedAccount) (string, error)

CreateManagedAccount create a managed account

func (*Client) CreatePasswordPolicy

func (s *Client) CreatePasswordPolicy(p PasswordPolicy) (string, error)

CreatePasswordPolicy create a password policy

func (*Client) CreateScriptTemplate

func (s *Client) CreateScriptTemplate(t ScriptTemplate) (string, error)

CreateScriptTemplate create a script template

func (*Client) CreateTargetDomain

func (s *Client) CreateTargetDomain(td TargetDomain) (string, error)

CreateTargetDomain create a target domain

func (*Client) DeleteManagedAccount

func (s *Client) DeleteManagedAccount(tdId, maId string) error

DeleteManagedAccount delete managed account

func (*Client) DeletePasswordPolicy

func (s *Client) DeletePasswordPolicy(policyId string) error

DeletePasswordPolicy delete a password policy

func (*Client) DeleteScriptTemplate

func (s *Client) DeleteScriptTemplate(templateId string) error

DeleteScriptTemplate delete a script template

func (*Client) DeleteTargetDomain

func (s *Client) DeleteTargetDomain(tdId string) error

DeleteTargetDomain delete a target domain

func (*Client) ManagedAccount

func (s *Client) ManagedAccount(tdId, maId string) (ManagedAccount, error)

ManagedAccount get managed account

func (*Client) ManagedAccountPassword

func (s *Client) ManagedAccountPassword(tdId, maId, password string) error

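ManagedAccountPassword provides a password for a managed account. The password is passed as a plain string argument, so callers should keep it out of logs and error messages.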

func (*Client) ManagedAccounts

func (s *Client) ManagedAccounts(offset, limit int, sortkey, sortdir, tdId string) (ManagedAccountResult, error)

ManagedAccounts lists all managed accounts in a target domain.

func (*Client) PasswordPolicies

func (s *Client) PasswordPolicies() (PwPolicyResult, error)

PasswordPolicies lists all password policies.

func (*Client) PasswordPolicy

func (s *Client) PasswordPolicy(policyId string) (*PasswordPolicy, error)

PasswordPolicy get password policy by id

func (*Client) RefreshTargetDomain

func (s *Client) RefreshTargetDomain(tdId string) error

RefreshTargetDomain trigger target domain account scan

func (*Client) RotateManagedAccountPassword

func (s *Client) RotateManagedAccountPassword(tdId, maId string) error

RotateManagedAccountPassword trigger managed account password rotation

func (*Client) RotatePassword

func (s *Client) RotatePassword(hostId, account string) error

RotatePassword initiates password rotation.

func (*Client) ScriptTemplate

func (s *Client) ScriptTemplate(templateId string) (*ScriptTemplate, error)

ScriptTemplate get script template by id

func (*Client) ScriptTemplates

func (s *Client) ScriptTemplates() (ScriptTemplateResult, error)

ScriptTemplates lists all script templates.

func (*Client) SearchManagedAccounts

func (s *Client) SearchManagedAccounts(sortkey, sortdir, tdId string, offset, limit int, searchObject ManagedAccountsSearch) (ManagedAccountResult, error)

SearchManagedAccounts search managed accounts in a target domain

func (*Client) SearchTargetDomain

func (s *Client) SearchTargetDomain(sortkey, sortdir string, offset, limit int, searchObject TargetDomainsSearch) (TdResult, error)

SearchTargetDomain search for existing target domain

func (*Client) SearchTargetDomainAccounts

func (s *Client) SearchTargetDomainAccounts(sortkey, sortdir, tdId string, offset, limit int, searchObject ScannedAccountsSearch) (ScannedAccountResult, error)

SearchTargetDomainAccounts search accounts in target domain

func (*Client) SecretsManagerStatus

func (s *Client) SecretsManagerStatus() (*common.ServiceStatus, error)

SecretsManagerStatus get microservice status

func (*Client) TargetDomain

func (s *Client) TargetDomain(tdId string) (*TargetDomain, error)

TargetDomain get target domain by id

func (*Client) TargetDomainAccount

func (s *Client) TargetDomainAccount(tdId, accountId string) (ScannedAccount, error)

TargetDomainAccount get target domain account

func (*Client) TargetDomainAccounts

func (s *Client) TargetDomainAccounts(offset, limit int, sortkey, sortdir, tdId string) (ScannedAccountResult, error)

TargetDomainAccounts lists all accounts in a target domain.

func (*Client) TargetDomains

func (s *Client) TargetDomains(offset, limit int, sortkey, sortdir string) (TdResult, error)

TargetDomains lists all target domains.

func (*Client) UpdatePasswordPolicy

func (s *Client) UpdatePasswordPolicy(policyId string, p PasswordPolicy) error

UpdatePasswordPolicy update existing password policy

func (*Client) UpdateScriptTemplate

func (s *Client) UpdateScriptTemplate(templateId string, t ScriptTemplate) error

UpdateScriptTemplate update existing script template

func (*Client) UpdateTargetDomain

func (s *Client) UpdateTargetDomain(tdId string, td TargetDomain) error

UpdateTargetDomain update existing target domain

func (*Client) UpdateTargetDomainAccount

func (s *Client) UpdateTargetDomainAccount(tdId, accountId string, change ScannedAccountChangeSet) error

UpdateTargetDomainAccount update target domain account

func (*Client) UpdateTargetManagedAccount

func (s *Client) UpdateTargetManagedAccount(tdId, maId string, change ManagedAccount) error

UpdateTargetManagedAccount update managed account

type CompileScriptRequest

// CompileScriptRequest is the argument type of Client.CompileScript.
type CompileScriptRequest struct {
	OperatingSystem string `json:"operating_system"`
	// Script is marshaled under the JSON key "script".
	// NOTE(review): presumably rotation-script source — confirm, and review
	// its provenance like any other code that handles credentials.
	Script          string `json:"script"`
}

type ManagedAccount

// ManagedAccount describes one managed account. It is returned by
// Client.ManagedAccount and accepted by Client.CreateManagedAccount and
// Client.UpdateTargetManagedAccount.
//
// A value can transitively carry secret material: SecretCheckouts holds
// SecretCheckout values, whose Secrets field holds SecretVersion.Secret
// strings. Avoid logging or printing whole values (for example with %+v).
type ManagedAccount struct {
	ID                 string                `json:"id"`
	Username           string                `json:"username"`
	Email              string                `json:"email,omitempty"`
	FullName           string                `json:"full_name,omitempty"`
	SamAccountName     string                `json:"sam_account_name,omitempty"`
	SourceID           string                `json:"source_id,omitempty"`
	SecurityID         string                `json:"security_id,omitempty"`
	AdditionalData     map[string]string     `json:"additional_data,omitempty"`
	TargetDomain       TargetDomainHandle    `json:"target_domain"`
	PasswordPolicy     *PasswordPolicyHandle `json:"password_policy,omitempty"`
	Enabled            bool                  `json:"enabled"`
	RotationEnabled    bool                  `json:"rotation_enabled"`
	ExplicitCheckout   bool                  `json:"explicit_checkout"`
	State              string                `json:"state"`
	Comment            string                `json:"comment,omitempty"`
	SecretName         string                `json:"secret_name,omitempty"`
	Locked             bool                  `json:"locked"`
	LockedTimestamp    *time.Time            `json:"locked_timestamp,omitempty"`
	RotationHistory    []SecretRotationEvent `json:"rotation_history,omitempty"`
	// SecretCheckouts may include secret values via SecretCheckout.Secrets.
	SecretCheckouts    []SecretCheckout      `json:"checkouts,omitempty"`
	// omitempty has no effect on a non-pointer time.Time in encoding/json;
	// the zero time is still marshaled.
	Created            time.Time             `json:"created,omitempty"`
	Author             string                `json:"author,omitempty"`
	Updated            *time.Time            `json:"updated,omitempty"`
	UpdatedBy          string                `json:"updated_by,omitempty"`
	// NOTE(review): the name indicates this turns off RDP certificate
	// authentication for the account — confirm the exact effect before setting.
	DisableRdpCertAuth bool                  `json:"disable_rdp_cert_auth"`
}

type ManagedAccountBatch

// ManagedAccountBatch is a list of IDs. It is the argument type of
// Client.BatchDeleteManagedAccount and Client.BatchRotateManagedAccount.
type ManagedAccountBatch struct {
	IDs []string `json:"ids"`
}

type ManagedAccountChangeSet

// ManagedAccountChangeSet holds optional changes to a managed account. It is
// the argument type of Client.BatchUpdateManagedAccount and the ChangeSet
// field of ManagedAccountEditBatch.
//
// The four *bool fields carry no omitempty, so a nil pointer marshals as JSON
// null rather than being omitted.
// NOTE(review): confirm how the service treats null for these security-
// relevant flags before sending a partially filled change set.
type ManagedAccountChangeSet struct {
	Enabled            *bool                 `json:"enabled"`
	RotationEnabled    *bool                 `json:"rotation_enabled"`
	ExplicitCheckout   *bool                 `json:"explicit_checkout"`
	DisableRdpCertAuth *bool                 `json:"disable_rdp_cert_auth"`
	PasswordPolicy     *PasswordPolicyHandle `json:"password_policy,omitempty"`
	Comment            *string               `json:"comment,omitempty"`
}

type ManagedAccountCreateBatch

// ManagedAccountCreateBatch is the argument type of
// Client.BatchCreateManagedAccount: a list of IDs plus the settings in Data.
// NOTE(review): presumably Data is applied to every listed ID — confirm.
type ManagedAccountCreateBatch struct {
	IDs  []string                 `json:"ids"`
	Data ManagedAccountCreateData `json:"data"`
}

type ManagedAccountCreateData

// ManagedAccountCreateData is the Data field of ManagedAccountCreateBatch.
// The bool fields have no omitempty, so false is always marshaled explicitly.
type ManagedAccountCreateData struct {
	Enabled            bool                 `json:"enabled"`
	RotationEnabled    bool                 `json:"rotation_enabled"`
	// NOTE(review): presumably requests a rotation at creation time — confirm.
	Rotate             bool                 `json:"rotate"`
	ExplicitCheckout   bool                 `json:"explicit_checkout"`
	DisableRdpCertAuth bool                 `json:"disable_rdp_cert_auth"`
	// omitempty has no effect on a non-pointer struct in encoding/json, so an
	// unset handle is still marshaled (as an empty object).
	PasswordPolicy     PasswordPolicyHandle `json:"password_policy,omitempty"`
	Comment            string               `json:"comment,omitempty"`
}

type ManagedAccountEditBatch

// ManagedAccountEditBatch pairs a list of IDs with a ManagedAccountChangeSet,
// marshaled under the JSON key "changes".
// NOTE(review): presumably the wire body for a batch update — confirm against
// the caller.
type ManagedAccountEditBatch struct {
	IDs       []string                `json:"ids"`
	ChangeSet ManagedAccountChangeSet `json:"changes"`
}

type ManagedAccountPasswordRequest

// ManagedAccountPasswordRequest wraps a single password value.
// NOTE(review): presumably the request body of Client.ManagedAccountPassword
// — confirm against the caller.
type ManagedAccountPasswordRequest struct {
	// Password is marshaled in plaintext under the JSON key "password".
	// Keep values of this type out of logs, error strings and debug dumps.
	Password string `json:"password"`
}

type ManagedAccountResult

// ManagedAccountResult is the return type of Client.ManagedAccounts and
// Client.SearchManagedAccounts. Items are ManagedAccount values, which may
// carry secret material through their SecretCheckouts field.
type ManagedAccountResult struct {
	// NOTE(review): presumably the total match count, not len(Items) — confirm.
	Count int              `json:"count"`
	Items []ManagedAccount `json:"items"`
}

type ManagedAccountsSearch

// ManagedAccountsSearch is the searchObject argument of
// Client.SearchManagedAccounts. Every field has omitempty, so unset criteria
// (empty string, nil pointer) are left out of the marshaled JSON.
type ManagedAccountsSearch struct {
	Keywords         string     `json:"keywords,omitempty"`
	Enabled          *bool      `json:"enabled,omitempty"`
	CreatedAfter     *time.Time `json:"created_after,omitempty"`
	CreatedBefore    *time.Time `json:"created_before,omitempty"`
	UpdatedAfter     *time.Time `json:"updated_after,omitempty"`
	UpdatedBefore    *time.Time `json:"updated_before,omitempty"`
	State            string     `json:"state,omitempty"`
	RotationEnabled  *bool      `json:"rotation_enabled,omitempty"`
	ExplicitCheckout *bool      `json:"explicit_checkout,omitempty"`
}

type Params

// Params holds paging and sorting values. Its fields mirror the offset, limit,
// sortkey and sortdir arguments of the list and search methods on Client.
// NOTE(review): presumably encoded as query parameters — confirm against the
// caller. With omitempty, an Offset or Limit of 0 is omitted.
type Params struct {
	Offset  int    `json:"offset,omitempty"`
	Limit   int    `json:"limit,omitempty"`
	Sortdir string `json:"sortdir,omitempty"`
	Sortkey string `json:"sortkey,omitempty"`
}

type PasswordPolicy

// PasswordPolicy describes a password policy. It is accepted by
// Client.CreatePasswordPolicy and Client.UpdatePasswordPolicy and returned by
// Client.PasswordPolicy.
//
// Nothing in this declaration enforces PasswordMinLength <= PasswordMaxLength
// or that at least one Use* character class is enabled.
// NOTE(review): validate these before submitting, or confirm that the service
// rejects such policies.
type PasswordPolicy struct {
	ID                     string     `json:"id"`
	Name                   string     `json:"name"`
	// Interval and duration fields are strings; their format is not shown here.
	RotationInterval       string     `json:"rotation_interval"`
	PasswordMinLength      int        `json:"password_min_length"`
	// NOTE(review): the tag below has a trailing space after the closing quote;
	// the json key still resolves, but it is worth tidying.
	PasswordMaxLength      int        `json:"password_max_length" `
	UseSpecialCharacters   bool       `json:"use_special_characters"`
	UseLowercase           bool       `json:"use_lower_case"`
	UseUppercase           bool       `json:"use_upper_case"`
	UseNumbers             bool       `json:"use_numbers"`
	MaxVersions            int        `json:"max_versions"`
	NumberOfRetries        int        `json:"number_of_retries"`
	RetryInterval          string     `json:"retry_interval"`
	MaxConcurrentCheckouts int        `json:"max_concurrent_checkouts"`
	MaxCheckoutDuration    string     `json:"max_checkout_duration"`
	RotateOnRelease        bool       `json:"rotate_on_release"`
	VerifyAfterRotation    bool       `json:"verify_after_rotation"`
	// No omitempty: nil timestamps marshal as JSON null.
	Created                *time.Time `json:"created"`
	CreatedBy              string     `json:"created_by"`
	Updated                *time.Time `json:"updated"`
	UpdatedBy              string     `json:"updated_by"`
}

type PasswordPolicyHandle

// PasswordPolicyHandle is a reference to a password policy (ID, Name and a
// Deleted flag). It is used by ManagedAccount, ManagedAccountChangeSet,
// ManagedAccountCreateData and TargetDomain. All fields have omitempty.
type PasswordPolicyHandle struct {
	ID      string `json:"id,omitempty"`
	Name    string `json:"name,omitempty"`
	Deleted bool   `json:"deleted,omitempty"`
}

type PwPolicyResult

// PwPolicyResult is the return type of Client.PasswordPolicies.
type PwPolicyResult struct {
	// NOTE(review): presumably the total match count, not len(Items) — confirm.
	Count int              `json:"count"`
	Items []PasswordPolicy `json:"items"`
}

type ScannedAccount

// ScannedAccount describes one account in a target domain. It is returned by
// Client.TargetDomainAccount and listed in ScannedAccountResult.
type ScannedAccount struct {
	ID             string             `json:"id"`
	Username       string             `json:"username"`
	Email          string             `json:"email"`
	FullName       string             `json:"full_name"`
	SourceID       string             `json:"source_id"`
	SecurityID     string             `json:"security_id"`
	AdditionalData map[string]string  `json:"additional_data"`
	TargetDomain   TargetDomainHandle `json:"target_domain"`
	State          string             `json:"state"`
	Ignored        bool               `json:"ignored"`
	Comment        string             `json:"comment"`
	// omitempty has no effect on a non-pointer time.Time in encoding/json;
	// zero times are still marshaled.
	Created        time.Time          `json:"created,omitempty"`
	Updated        time.Time          `json:"updated,omitempty"`
	UpdatedBy      string             `json:"updated_by,omitempty"`
}

type ScannedAccountChangeSet

// ScannedAccountChangeSet holds optional changes to a scanned account. It is
// the change argument of Client.UpdateTargetDomainAccount and the ChangeSet
// field of ScannedAccountEditBatch. Nil pointers are omitted from the JSON.
type ScannedAccountChangeSet struct {
	Ignored *bool   `json:"ignored,omitempty"`
	Comment *string `json:"comment,omitempty"`
}

type ScannedAccountEditBatch

// ScannedAccountEditBatch is the change argument of
// Client.BatchUpdateTargetDomain: a list of IDs plus a
// ScannedAccountChangeSet marshaled under the JSON key "changes".
type ScannedAccountEditBatch struct {
	IDs       []string                `json:"ids"`
	ChangeSet ScannedAccountChangeSet `json:"changes"`
}

type ScannedAccountResult

// ScannedAccountResult is the return type of Client.TargetDomainAccounts and
// Client.SearchTargetDomainAccounts.
type ScannedAccountResult struct {
	// NOTE(review): presumably the total match count, not len(Items) — confirm.
	Count int              `json:"count"`
	Items []ScannedAccount `json:"items"`
}

type ScannedAccountsSearch

// ScannedAccountsSearch is the searchObject argument of
// Client.SearchTargetDomainAccounts. Every field has omitempty, so unset
// criteria are left out of the marshaled JSON.
type ScannedAccountsSearch struct {
	Keywords      string     `json:"keywords,omitempty"`
	CreatedAfter  *time.Time `json:"created_after,omitempty"`
	CreatedBefore *time.Time `json:"created_before,omitempty"`
	UpdatedAfter  *time.Time `json:"updated_after,omitempty"`
	UpdatedBefore *time.Time `json:"updated_before,omitempty"`
	State         string     `json:"state,omitempty"`
	Ignored       *bool      `json:"ignored,omitempty"`
}

type ScriptTemplate

// ScriptTemplate describes a script template. It is accepted by
// Client.CreateScriptTemplate and Client.UpdateScriptTemplate and returned by
// Client.ScriptTemplate.
type ScriptTemplate struct {
	ID              string     `json:"id"`
	Name            string     `json:"name"`
	OperatingSystem string     `json:"operating_system"`
	// Script is marshaled under the JSON key "script".
	// NOTE(review): presumably the rotation-script source — confirm. Changes
	// to it deserve the same review as any code that handles credentials.
	Script          string     `json:"script"`
	// No omitempty: nil timestamps marshal as JSON null.
	Created         *time.Time `json:"created"`
	CreatedBy       string     `json:"created_by"`
	Updated         *time.Time `json:"updated"`
	UpdatedBy       string     `json:"updated_by"`
}

type ScriptTemplateResult

// ScriptTemplateResult is the return type of Client.ScriptTemplates.
type ScriptTemplateResult struct {
	// NOTE(review): presumably the total match count, not len(Items) — confirm.
	Count int              `json:"count"`
	Items []ScriptTemplate `json:"items"`
}

type SecretCheckout

// SecretCheckout describes one checkout of a secret. It appears in
// ManagedAccount.SecretCheckouts.
//
// Secrets holds SecretVersion values whose Secret field is a plaintext
// string, so a SecretCheckout must be handled as sensitive: do not log,
// cache or persist whole values.
type SecretCheckout struct {
	ID               string          `json:"id"`
	Type             string          `json:"type"`
	UserID           string          `json:"user_id"`
	Expires          time.Time       `json:"expires"`
	Created          time.Time       `json:"created"`
	ExplicitCheckout bool            `json:"explicit_checkout"`
	// Secrets is omitted from the JSON when empty.
	Secrets          []SecretVersion `json:"secrets,omitempty"`
	Username         string          `json:"username"`
	Email            string          `json:"email,omitempty"`
	FullName         string          `json:"full_name,omitempty"`
	TargetDomainID   string          `json:"target_domain_id,omitempty"`
	ManagedAccountID string          `json:"managed_account_id,omitempty"`
	HostID           string          `json:"host_id,omitempty"`
	SecretName       string          `json:"secret_name,omitempty"`
	Meta             string          `json:"meta,omitempty"`
}

type SecretRotationEvent

// SecretRotationEvent is one entry of ManagedAccount.RotationHistory: a
// version number, a timestamp, a trigger and a status. It holds no secret
// value itself.
type SecretRotationEvent struct {
	Version int       `json:"version"`
	Rotated time.Time `json:"rotated"`
	Trigger string    `json:"trigger"`
	Status  string    `json:"status"`
}

type SecretVersion

// SecretVersion is one version of a secret, as carried in
// SecretCheckout.Secrets.
type SecretVersion struct {
	Version int       `json:"version"`
	// Secret is a plain string marshaled under the JSON key "secret". Keep it
	// out of logs and error messages, and drop references once it is used.
	Secret  string    `json:"secret"`
	Created time.Time `json:"created"`
}

type TargetDomain

// TargetDomain describes a target domain. It is accepted by
// Client.CreateTargetDomain and Client.UpdateTargetDomain and returned by
// Client.TargetDomain.
//
// EndPoints holds TargetDomainEndpoint values, which include credential
// fields (LdapBindPassword, EntraClientSecret). Avoid logging whole
// TargetDomain values.
type TargetDomain struct {
	ID                   string                 `json:"id"`
	Name                 string                 `json:"name"`
	DomainName           string                 `json:"domain_name"`
	Enabled              bool                   `json:"enabled"`
	PeriodicScan         bool                   `json:"periodic_scan"`
	// The unit of PeriodicScanInterval is not shown here.
	PeriodicScanInterval int                    `json:"periodic_scan_interval"`
	ScanStatus           string                 `json:"scan_status,omitempty"`
	ScanMessage          string                 `json:"scan_message,omitempty"`
	LastScanned          *time.Time             `json:"last_scanned,omitempty"`
	// NOTE(review): presumably scanned accounts are onboarded automatically
	// under AutoOnboardingPolicy when this is set — confirm before enabling.
	AutoOnboarding       bool                   `json:"auto_onboarding"`
	AutoOnboardingPolicy *PasswordPolicyHandle  `json:"auto_onboarding_policy,omitempty"`
	EndPoints            []TargetDomainEndpoint `json:"endpoints"`
	Comment              string                 `json:"comment"`
	// omitempty has no effect on a non-pointer time.Time in encoding/json;
	// zero times are still marshaled.
	Created              time.Time              `json:"created,omitempty"`
	Author               string                 `json:"author,omitempty"`
	Updated              time.Time              `json:"updated,omitempty"`
	UpdatedBy            string                 `json:"updated_by,omitempty"`
}

type TargetDomainEndpoint

// TargetDomainEndpoint is one entry of TargetDomain.EndPoints. It carries
// LDAP and Entra connection settings side by side.
// NOTE(review): presumably Type selects which group of fields applies —
// confirm.
//
// LdapBindPassword and EntraClientSecret are plain strings that are marshaled
// whenever they are non-empty. Treat every value of this type as a
// credential: do not log it or store it unencrypted.
type TargetDomainEndpoint struct {
	// TargetDomainID is excluded from JSON by the "-" tag.
	TargetDomainID          string            `json:"-"`
	Type                    string            `json:"type"`
	ScanPriority            int               `json:"scan_priority"`
	RotationPriority        int               `json:"rotation_priority"`
	AttributeMapping        map[string]string `json:"attribute_mapping,omitempty"`
	// NOTE(review): accepted values are not shown here; verify that the chosen
	// protocol protects the bind password in transit.
	LdapProtocol            string            `json:"ldap_protocol,omitempty"`
	LdapAddress             string            `json:"ldap_address,omitempty"`
	LdapPort                int               `json:"ldap_port,omitempty"`
	LdapBaseDN              string            `json:"ldap_base_dn,omitempty"`
	LdapBindDN              string            `json:"ldap_bind_dn,omitempty"`
	// Credential: marshaled in plaintext under "ldap_bind_password".
	LdapBindPassword        string            `json:"ldap_bind_password,omitempty"`
	LdapUserFilter          string            `json:"ldap_user_filter,omitempty"`
	// NOTE(review): presumably trust anchors for the LDAP TLS connection; the
	// encoding is not shown here — confirm.
	LdapRootCertificates    string            `json:"ldap_root_certificates,omitempty"`
	// NOTE(review): the name indicates this relaxes certificate checking for
	// the LDAP connection — confirm the exact effect. Prefer leaving it false
	// and supplying LdapRootCertificates.
	LdapSkipStrictCertCheck bool              `json:"ldap_skip_strict_cert_check,omitempty"`
	EntraBaseUrl            string            `json:"entra_base_url,omitempty"`
	EntraTenantID           string            `json:"entra_tenant_id,omitempty"`
	EntraClientID           string            `json:"entra_client_id,omitempty"`
	// Credential: marshaled in plaintext under "entra_client_secret".
	EntraClientSecret       string            `json:"entra_client_secret,omitempty"`
	EntraBatchSize          int               `json:"entra_batch_size,omitempty"`
	EntraPageSize           int               `json:"entra_page_size,omitempty"`
	EntraGroupFilter        []string          `json:"entra_group_filter,omitempty"`
}

type TargetDomainHandle

// TargetDomainHandle is a reference to a target domain (ID, Name and a
// Deleted flag). It is used by ManagedAccount and ScannedAccount. ID is
// always marshaled; Name and Deleted are omitted when empty or false.
type TargetDomainHandle struct {
	ID      string `json:"id"`
	Name    string `json:"name,omitempty"`
	Deleted bool   `json:"deleted,omitempty"`
}

type TargetDomainsSearch

// TargetDomainsSearch is the searchObject argument of
// Client.SearchTargetDomain. Every field has omitempty, so unset criteria are
// left out of the marshaled JSON.
type TargetDomainsSearch struct {
	Keywords       string `json:"keywords,omitempty"`
	Enabled        *bool  `json:"enabled,omitempty"`
	PeriodicScan   *bool  `json:"periodic_scan,omitempty"`
	AutoOnboarding *bool  `json:"auto_onboarding,omitempty"`
}

type TdResult

// TdResult is the return type of Client.TargetDomains and
// Client.SearchTargetDomain. Items are TargetDomain values, whose EndPoints
// include credential fields.
type TdResult struct {
	// NOTE(review): presumably the total match count, not len(Items) — confirm.
	Count int            `json:"count"`
	Items []TargetDomain `json:"items"`
}
