keyvault

package
v1.23.13 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 26, 2026 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	RoleIdKeyVaultAdministrator string = resourceIdPathPrefix + "00482a5a-887f-4fb3-b363-3b7fe8e74483"
	RoleIdKeyVaultSecretsUser   string = resourceIdPathPrefix + "4633458b-17de-408a-b874-0445c86b69e6"
)

Built-in roles for Key Vault RBAC https://learn.microsoft.com/azure/role-based-access-control/built-in-roles

Variables

View Source 
var ErrAzCliSecretNotFound = errors.New("secret not found")

Functions

func IsAzureKeyVaultSecret 

func IsAzureKeyVaultSecret(id string) bool

func IsValidSecretName 

func IsValidSecretName(kvSecretName string) bool

func NewAzureKeyVaultSecret 

func NewAzureKeyVaultSecret(subId, vaultId, secretName string) string

Types

type AzureKeyVaultSecret 

type AzureKeyVaultSecret struct {
	SubscriptionId string
	VaultName      string
	SecretName     string
}

AzureKeyVaultSecret represents a secret stored in an Azure Key Vault. It contains the necessary information to identify and access the secret.

Fields: - SubscriptionId: The ID of the Azure subscription that contains the Key Vault. - VaultName: The name of the Key Vault where the secret is stored. - SecretName: The name of the secret within the Key Vault.

func ParseAzureKeyVaultSecret 

func ParseAzureKeyVaultSecret(akvs string) (AzureKeyVaultSecret, error)

ParseAzureKeyVaultSecret parses a string representing an Azure Key Vault Secret reference and returns an AzureKeyVaultSecret struct if the reference is valid.

The expected format for the Azure Key Vault Secret reference is: "akvs://<subscription-id>/<vault-name>/<secret-name>"

Parameters:

  • akvs: A string representing the Azure Key Vault Secret reference.

Returns:

  • AzureKeyVaultSecret: A struct containing the subscription ID, vault name, and secret name.
  • error: An error if the Azure Key Vault Secret reference is invalid.

type KeyVault 

type KeyVault struct {
	Id         string `json:"id"`
	Name       string `json:"name"`
	Location   string `json:"location"`
	Properties struct {
		EnableSoftDelete      bool `json:"enableSoftDelete"`
		EnablePurgeProtection bool `json:"enablePurgeProtection"`
	} `json:"properties"`
}

type KeyVaultService 

type KeyVaultService interface {
	GetKeyVault(
		ctx context.Context,
		subscriptionId string,
		resourceGroupName string,
		vaultName string,
	) (*KeyVault, error)
	GetKeyVaultSecret(
		ctx context.Context,
		subscriptionId string,
		vaultName string,
		secretName string,
	) (*Secret, error)
	PurgeKeyVault(ctx context.Context, subscriptionId string, vaultName string, location string) error
	ListSubscriptionVaults(ctx context.Context, subscriptionId string) ([]Vault, error)
	CreateVault(
		ctx context.Context,
		tenantId string,
		subscriptionId string,
		resourceGroupName string,
		location string,
		vaultName string,
	) (Vault, error)
	ListKeyVaultSecrets(
		ctx context.Context,
		subscriptionId string,
		vaultName string,
	) ([]string, error)
	CreateKeyVaultSecret(
		ctx context.Context,
		subscriptionId string,
		vaultName string,
		secretName string,
		secretValue string,
	) error
	SecretFromAkvs(ctx context.Context, akvs string) (string, error)
}

func NewKeyVaultService 

func NewKeyVaultService(
	credentialProvider account.SubscriptionCredentialProvider,
	armClientOptions *arm.ClientOptions,
	coreClientOptions *azcore.ClientOptions,
	cloud *cloud.Cloud,
) KeyVaultService

NewKeyVaultService creates a new KeyVault service

type Secret 

type Secret struct {
	Id    string `json:"id"`
	Name  string `json:"name"`
	Value string `json:"value"`
}

type Vault 

type Vault struct {
	Id   string
	Name string
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.