gcpauth

package

v0.7.2 Latest Latest Go to latest Published: Apr 29, 2021 License: MPL-2.0 Imports: 33 Imported by: 41

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hashicorp/vault-plugin-auth-gcp

Links

Open Source Insights

Documentation ¶

Index ¶

func AuthorizeGCE(ctx context.Context, i *AuthorizeGCEInput) error
func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)
func ServiceAccountLoginJwt(iamClient *iamcredentials.Service, exp time.Time, aud, serviceAccount string) (*iamcredentials.SignJwtResponse, error)
type AuthorizeGCEInput
type CLIHandler
- func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, error)
- func (h *CLIHandler) Help() string
type GcpAuthBackend
- func Backend() *GcpAuthBackend

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AuthorizeGCE ¶

func AuthorizeGCE(ctx context.Context, i *AuthorizeGCEInput) error

func Factory ¶

func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)

Factory returns a new backend as logical.Backend.

func ServiceAccountLoginJwt ¶

func ServiceAccountLoginJwt(iamClient *iamcredentials.Service, exp time.Time, aud, serviceAccount string) (*iamcredentials.SignJwtResponse, error)

Types ¶

type AuthorizeGCEInput ¶

type AuthorizeGCEInput struct {
	// contains filtered or unexported fields
}

type CLIHandler ¶

type CLIHandler struct{}

func (*CLIHandler) Auth ¶

func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, error)

func (*CLIHandler) Help ¶

func (h *CLIHandler) Help() string

type GcpAuthBackend ¶

type GcpAuthBackend struct {
	*framework.Backend
	// contains filtered or unexported fields
}

func Backend ¶

func Backend() *GcpAuthBackend

func (*GcpAuthBackend) CRMClient ¶

func (b *GcpAuthBackend) CRMClient(s logical.Storage) (*cloudresourcemanager.Service, error)

CRMClient returns a new Cloud Resource Manager client. The client is cached.

func (*GcpAuthBackend) ClearCaches ¶

func (b *GcpAuthBackend) ClearCaches()

ClearCaches deletes all cached clients and credentials.

func (*GcpAuthBackend) ComputeClient ¶

func (b *GcpAuthBackend) ComputeClient(s logical.Storage) (*compute.Service, error)

ComputeClient returns a new Compute client. The client is cached.

func (*GcpAuthBackend) IAMClient ¶

func (b *GcpAuthBackend) IAMClient(s logical.Storage) (*iam.Service, error)

IAMClient returns a new IAM client. This client talks to the IAM endpoint, for all things that are not signing JWTs. The SignJWT method in the IAM client has been deprecated, but other methods are still valid and supported.

See: https://pkg.go.dev/google.golang.org/api@v0.45.0/iam/v1 and: https://cloud.google.com/iam/docs/migrating-to-credentials-api#iam-sign-jwt-go

The client is cached.

func (*GcpAuthBackend) IAMCredentialsClient ¶ added in v0.7.2

func (b *GcpAuthBackend) IAMCredentialsClient(s logical.Storage) (*iamcredentials.Service, error)

IAMCredentialsClient returns a new IAM Service Account Credentials client. This client talks to the IAM Service Credentials endpoint, for signing JWTs.

See: https://pkg.go.dev/google.golang.org/api@v0.45.0/iamcredentials/v1#pkg-overview

The client is cached.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cache

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL