Documentation
¶
Index ¶
- Constants
- Variables
- func ConstraintMacaroon(macHex string, duration time.Duration) (string, error)
- func DeleteSecret(ctx context.Context, name string) (string, error)
- func GetConstrained(d *entities.Data, duration time.Duration) entities.Data
- func GetData(name string, uniqueID string) (*entities.Data, error)
- func GetSecret(ctx context.Context, arn string) (string, string, error)
- func InvalidateSecret(ctx context.Context, name string) (string, error)
- func InvalidateSecretDummy(ctx context.Context, name string) (string, error)
- func InvalidateSecretWithRetries(ctx context.Context, name string) (string, error)
- func LoadSecrets(ctx context.Context, prefix string) map[string]string
- func PresignGetCallerIdentity(validity time.Duration) (string, error)
- func VerifyGetCallerIdentity(query string, timeout time.Duration) (string, error)
- type Change
- type DeleteSecretSignature
- type GetCallerIdentityResponse
- type GetCallerIdentityResult
- type InsertOrUpdateSecretSignature
Constants ¶
const ( // PresignHeader - HTTP Header for pre-signed requests PresignHeader = "X-Amazon-Presigned-Getcalleridentity" // EmptyBodyHash - Hash of empty body EmptyBodyHash = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" )
const ( // MaxTries is the maximum number of retries to AWS API MaxTries = 3 // Sleep is the amount of time we wait before retrying Sleep = 1 * time.Second )
const ( // Delimiter between entries Delimiter = "," // UserPassSeparator separates username from password (cannot use :) UserPassSeparator = "|" // IAMAuthFlag defines that IAM authentication should be used IAMAuthFlag = "$iam" // starts with $ so it's an invalid crypted password )
Variables ¶
var ( // Mutex is used for mutual exclusion Mutex sync.Mutex // Names contains all the secrets Names = make(map[string]struct{}) )
Functions ¶
func ConstraintMacaroon ¶
ConstraintMacaroon - adds a time constraint for duration since now on the macaroon
func DeleteSecret ¶
DeleteSecret - deletes a secret - Deprecated since you cannot reuse same secret name in 7 days
func GetConstrained ¶
GetConstrained returns a constrained version of d (macaroon will be time constrained)
func InvalidateSecret ¶
InvalidateSecret - is used as a replacement for DeleteSecret
func InvalidateSecretDummy ¶
InvalidateSecretDummy - mock version of the InvalidateSecret method
func InvalidateSecretWithRetries ¶
InvalidateSecretWithRetries calls InvalidateSecret with retry logic
func LoadSecrets ¶
LoadSecrets - loads all secrets (used at startup)
func PresignGetCallerIdentity ¶
PresignGetCallerIdentity will sign a query string to retrieve my caller identity by third party. Returns: - the query string - error (when not successful)
Types ¶
type Change ¶
type Change int
Change enum
func InsertOrUpdateSecret ¶
InsertOrUpdateSecret - inserts or updates a secret
type DeleteSecretSignature ¶
DeleteSecretSignature is the signature of a function
type GetCallerIdentityResponse ¶
type GetCallerIdentityResponse struct {
GetCallerIdentityResult GetCallerIdentityResult
}
GetCallerIdentityResponse struct
type GetCallerIdentityResult ¶
type GetCallerIdentityResult struct {
Arn string `xml:"Arn"`
UserID string `xml:"UserId"`
Account string `xml:"Account"`
}
GetCallerIdentityResult struct
Source Files