Documentation
¶
Index ¶
Constants ¶
View Source
const ( // DefaultConfigFile is the default file where blessclient will look for its config DefaultConfigFile = "~/.blessclient/config.yml" // DefaultSSHPrivateKey is a path to where users usually keep an ssh key DefaultSSHPrivateKey = "~/.ssh/id_rsa" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Bastion ¶
type Bastion struct {
Host `yaml:",inline"`
Hosts []Host `yaml:"hosts"`
IdentityFile string `yaml:"identity_file"`
User string `yaml:"user"`
}
Bastion is an internet accessibly server used to "jump" to other servers
type ClientConfig ¶
type ClientConfig struct {
// ConfigFile is the path to blessclient config file
ConfigFile string
// AWSUserProfile is an aws profile that references a user (not a role)
// leaving this empty typically means use `default` profile
AWSUserProfile string `json:"aws_user_profile" yaml:"aws_user_profule"`
// Path to your ssh private key
SSHPrivateKey string `json:"ssh_private_key" yaml:"ssh_private_key"`
// cert related
CertLifetime Duration `json:"cert_lifetime" yaml:"cert_lifetime,inline"`
// ask bless to sign for these remote users
RemoteUsers []string `json:"remote_users" yaml:"remote_users"`
// bless calls these bastion ips - your source ip. 0.0.0.0/0 is all
BastionIPS []string `json:"bastion_ips" yaml:"bastion_ips"`
}
ClientConfig is the client config
type Config ¶
type Config struct {
// Version versions this config
Version int `json:"version" yaml:"version"`
// ClientConfig is config for blessclient
ClientConfig ClientConfig `json:"client_config" yaml:"client_config"`
// LambdaConfig holds configuration around the bless lambda
LambdaConfig LambdaConfig `json:"lambda_config" yaml:"lambda_config"`
// For convenience, you can bundle an ~/.ssh/config template here
SSHConfig *SSHConfig `json:"ssh_config,omitempty" yaml:"ssh_config,omitempty"`
}
Config is a blessclient config
func DefaultConfig ¶
DefaultConfig generates a config with some defaults
func (*Config) GetAWSSessionCachePath ¶ added in v0.0.6
GetAWSSessionCachePath gets path to aws user session cache file
func (*Config) GetKMSAuthCachePath ¶ added in v0.0.6
GetKMSAuthCachePath gets a path to kmsauth cache file kmsauth is regional
type Duration ¶
Duration is a wrapper around Duration to marshal/unmarshal
func (Duration) AsDuration ¶
AsDuration returns as duration
func (Duration) MarshalJSON ¶
MarshalJSON marshals to json
func (*Duration) UnmarshalJSON ¶
UnmarshalJSON unmarshals
type Host ¶
type Host struct {
Pattern string `yaml:"pattern"`
}
Host represents a Host block in an ssh config
type LambdaConfig ¶
type LambdaConfig struct {
// RoleARN used to assume and invoke bless lambda
RoleARN string `json:"role_arn" yaml:"role_arn"`
// Bless lambda function name
FunctionName string `json:"function_name" yaml:"function_name"`
// bless lambda regions
Regions []Region `json:"regions,omitempty" yaml:"regions,omitempty"`
}
LambdaConfig is the lambda config
type Region ¶
type Region struct {
// name of the aws region (us-west-2)
AWSRegion string `json:"aws_region" yaml:"aws_region"`
// region specific kms key id (not arn) of the key used for kmsauth
KMSAuthKeyID string `json:"kms_auth_key_id" yaml:"kms_auth_key_id"`
}
Region is an aws region that contains an aws lambda
Source Files
Click to show internal directories.
Click to hide internal directories.