Documentation
Index ¶
- Constants
- Variables
- type ChangeEvent
- type ChangeEventType
- type LatestIndexFile
- type LatestValue
- type NullStore
- func (s *NullStore) Delete(id SecretId) error
- func (s *NullStore) History(id SecretId) ([]ChangeEvent, error)
- func (s *NullStore) List(service string, includeValues bool) ([]Secret, error)
- func (s *NullStore) ListRaw(service string) ([]RawSecret, error)
- func (s *NullStore) ListServices(service string, includeSecretNames bool) ([]string, error)
- func (s *NullStore) Read(id SecretId, version int) (Secret, error)
- func (s *NullStore) Write(id SecretId, value string) error
- type RawSecret
- type S3KMSStore
- func (s *S3KMSStore) Delete(id SecretId) error
- func (s *S3KMSStore) List(service string, includeValues bool) ([]Secret, error)
- func (s *S3KMSStore) ListRaw(service string) ([]RawSecret, error)
- func (s *S3KMSStore) ListServices(service string, includeSecretName bool) ([]string, error)
- func (s *S3KMSStore) Write(id SecretId, value string) error
- type S3Store
- func (s *S3Store) Delete(id SecretId) error
- func (s *S3Store) History(id SecretId) ([]ChangeEvent, error)
- func (s *S3Store) List(service string, includeValues bool) ([]Secret, error)
- func (s *S3Store) ListRaw(service string) ([]RawSecret, error)
- func (s *S3Store) ListServices(service string, includeSecretName bool) ([]string, error)
- func (s *S3Store) Read(id SecretId, version int) (Secret, error)
- func (s *S3Store) Write(id SecretId, value string) error
- type SSMStore
- func (s *SSMStore) Delete(id SecretId) error
- func (s *SSMStore) History(id SecretId) ([]ChangeEvent, error)
- func (s *SSMStore) KMSKey() string
- func (s *SSMStore) List(service string, includeValues bool) ([]Secret, error)
- func (s *SSMStore) ListRaw(service string) ([]RawSecret, error)
- func (s *SSMStore) ListServices(service string, includeSecretName bool) ([]string, error)
- func (s *SSMStore) Read(id SecretId, version int) (Secret, error)
- func (s *SSMStore) Write(id SecretId, value string) error
- type Secret
- type SecretId
- type SecretMetadata
- type Store
Constants ¶
const (
	// MaximumVersions is 100. Where this limit is enforced is not shown in
	// this listing.
	MaximumVersions = 100
	// deprecated
	// NOTE(review): the flattened listing does not show which constant this
	// marker is attached to. NewS3Store is documented as deprecated in favour
	// of NewS3StoreWithBucket, which suggests it refers to BucketEnvVar — confirm.
	// BucketEnvVar names the environment variable CHAMBER_S3_BUCKET; presumably
	// it selects the bucket secrets are stored in, in which case the process
	// environment decides where secrets are written — confirm.
	BucketEnvVar = "CHAMBER_S3_BUCKET"
)
const (
	// RegionEnvVar names the environment variable CHAMBER_AWS_REGION.
	// NOTE(review): presumably selects the AWS region for the store's
	// clients — confirm against the session setup code.
	RegionEnvVar = "CHAMBER_AWS_REGION"
	// CustomSSMEndpointEnvVar names the environment variable
	// CHAMBER_AWS_SSM_ENDPOINT.
	// NOTE(review): presumably overrides the SSM endpoint the store talks to.
	// If so, secrets are read from and written to whatever endpoint the
	// process environment names, so that environment has to be trusted —
	// confirm how the value is consumed and validated.
	CustomSSMEndpointEnvVar = "CHAMBER_AWS_SSM_ENDPOINT"
)
const (
	// DefaultKeyID is the default alias for the KMS key used to encrypt/decrypt secrets
	//
	// It is an alias rather than a key ID or ARN, so KMS resolves it in the
	// caller's account and region at request time. Permission to create or
	// repoint that alias (kms:CreateAlias, kms:UpdateAlias) therefore decides
	// which key protects newly written secrets and should be restricted
	// accordingly.
	DefaultKeyID = "alias/parameter_store_key"
)
Variables ¶
var (
	// ErrSecretNotFound is returned if the specified secret is not found in the
	// parameter store
	//
	// Compare with errors.Is(err, ErrSecretNotFound) rather than matching the
	// message text.
	ErrSecretNotFound = errors.New("secret not found")
)
Functions ¶
This section is empty.
Types ¶
type ChangeEvent ¶
// ChangeEvent is one entry in the slice returned by a Store's History method.
type ChangeEvent struct {
	// Type is the kind of change; the package declares Created and Updated.
	Type ChangeEventType
	// Time is presumably when the change happened.
	// NOTE(review): the source of the timestamp and its time zone are not
	// shown on this page — confirm per backend.
	Time time.Time
	// User presumably identifies who made the change.
	// NOTE(review): the value is whatever the backend reports and its format
	// is not shown on this page — confirm before relying on it for audit
	// attribution.
	User string
	// Version is presumably the version of the secret this event refers to.
	Version int
}
type ChangeEventType ¶
// ChangeEventType enumerates the kinds of ChangeEvent.
type ChangeEventType int

const (
	// Created is the first iota value (0), so it is also the zero value: a
	// ChangeEvent whose Type was never set reads as Created.
	Created ChangeEventType = iota
	// Updated follows Created (1).
	Updated
)
func (ChangeEventType) String ¶
func (c ChangeEventType) String() string
type LatestIndexFile ¶
type LatestIndexFile struct {
	// Latest is serialized under the JSON key "latest".
	// NOTE(review): the map keys are presumably secret names — confirm.
	// The package keeps this index as a single S3 object holding the most
	// recent values of all of a service's secrets, so read access to that one
	// object exposes all of them at once; scope bucket and object permissions
	// with that in mind.
	Latest map[string]LatestValue `json:"latest"`
}
LatestIndexFile (the "latest" index) is used to keep a single object in S3 with all of the most recent values for the given service's secrets. Keeping this in a single S3 object allows us to use a single S3 GetObject for ListRaw (and thus chamber exec).
type LatestValue ¶
type NullStore ¶
// NullStore carries no state. The index lists all seven Store methods on
// *NullStore.
// NOTE(review): what those methods do is not shown on this page — presumably
// they are no-ops, in which case a Write would be discarded without an error;
// confirm before selecting this backend anywhere secrets must persist.
type NullStore struct{}
func NewNullStore ¶
func NewNullStore() *NullStore
func (*NullStore) ListServices ¶
type S3KMSStore ¶
// S3KMSStore embeds S3Store. The index lists Delete, List, ListRaw,
// ListServices and Write on *S3KMSStore itself; Read and History are not
// listed there, so those calls resolve to the promoted S3Store methods.
// NOTE(review): whether the promoted Read path applies the same KMS handling
// as the methods S3KMSStore overrides is not visible on this page — confirm
// in the source.
type S3KMSStore struct {
	S3Store
	// contains filtered or unexported fields
}
func NewS3KMSStore ¶
func NewS3KMSStore(numRetries int, bucket string, kmsKeyAlias string) (*S3KMSStore, error)
func (*S3KMSStore) Delete ¶
func (s *S3KMSStore) Delete(id SecretId) error
func (*S3KMSStore) List ¶
func (s *S3KMSStore) List(service string, includeValues bool) ([]Secret, error)
func (*S3KMSStore) ListRaw ¶ added in v2.7.5
func (s *S3KMSStore) ListRaw(service string) ([]RawSecret, error)
func (*S3KMSStore) ListServices ¶
func (s *S3KMSStore) ListServices(service string, includeSecretName bool) ([]string, error)
type S3Store ¶
// S3Store has only unexported fields; the index lists all seven Store methods
// on *S3Store.
// NOTE(review): this page does not state how S3Store protects objects at
// rest. S3KMSStore is the variant whose constructor takes a KMS key alias
// (NewS3KMSStore); confirm what encryption, if any, plain S3Store applies
// before storing secrets with it.
type S3Store struct {
	// contains filtered or unexported fields
}
func NewS3Store ¶
Deprecated: use NewS3StoreWithBucket instead.
func NewS3StoreWithBucket ¶
func (*S3Store) ListServices ¶
type SSMStore ¶
// All fields are unexported. Besides the Store methods, the index lists
// KMSKey() string on *SSMStore.
// NOTE(review): KMSKey presumably returns the KMS key identifier the store
// was configured with — confirm.
type SSMStore struct {
	// contains filtered or unexported fields
}
SSMStore implements the Store interface for storing secrets in SSM Parameter Store
func NewSSMStore ¶
NewSSMStore creates a new SSMStore
func (*SSMStore) Delete ¶
Delete removes a secret from the parameter store. Note this removes all versions of the secret.
func (*SSMStore) History ¶
func (s *SSMStore) History(id SecretId) ([]ChangeEvent, error)
History returns a list of events that have occurred regarding the given secret.
func (*SSMStore) List ¶
List lists all secrets for a given service. If includeValues is true, then those secrets are decrypted and returned, otherwise only the metadata about a secret is returned.
func (*SSMStore) ListRaw ¶
ListRaw lists all secret keys and values for a given service. It does not include any other metadata. Uses faster AWS APIs with much higher rate limits. Suitable for use in production environments.
func (*SSMStore) ListServices ¶
type Secret ¶
// Secret pairs a secret's value with its metadata.
type Secret struct {
	// Value is a pointer and may be nil. SSMStore.List is documented as
	// returning only metadata when includeValues is false — presumably Value
	// is nil in that case (confirm), so check it before dereferencing.
	// When a decrypting call has set it, it holds the plaintext secret; keep
	// it out of logs, error strings and serialized output.
	Value *string
	// Meta is the metadata for the secret. The fields of SecretMetadata are
	// not shown on this page.
	Meta SecretMetadata
}
type SecretMetadata ¶
type Store ¶
// Store is the method set shared by the secret backends on this page: the
// index lists these methods for NullStore, S3Store and SSMStore, and for
// S3KMSStore partly via its embedded S3Store. The per-method notes below quote
// the SSMStore documentation where the page provides it; other backends may
// behave differently.
type Store interface {
	// Write presumably stores value under id.
	Write(id SecretId, value string) error
	// Read returns the secret for id at the given version.
	// NOTE(review): how to request the latest version is not documented on
	// this page — confirm.
	Read(id SecretId, version int) (Secret, error)
	// List returns the secrets of a service. For SSMStore, includeValues=true
	// decrypts and returns the values; otherwise only metadata is returned.
	// Pass false unless the caller actually needs the plaintext.
	List(service string, includeValues bool) ([]Secret, error)
	// ListRaw returns keys and values only, without other metadata. For
	// SSMStore it is described as using faster AWS APIs with much higher rate
	// limits.
	ListRaw(service string) ([]RawSecret, error)
	// ListServices presumably returns service names.
	// NOTE(review): the effect of the service argument and of
	// includeSecretName is not documented on this page — confirm.
	ListServices(service string, includeSecretName bool) ([]string, error)
	// History returns the change events recorded for id.
	History(id SecretId) ([]ChangeEvent, error)
	// Delete removes the secret. For SSMStore this removes all versions, so
	// it cannot be used to drop a single version.
	Delete(id SecretId) error
}