Versions in this module Expand all Collapse all v3 v3.1.1 Feb 14, 2022 v3.1.0 Feb 14, 2022 Changes in this version
+ const AdditionIterationsRange
+ const BaseIterations
+ const DefaultSessionName
+ const NoTolerance
+ var ErrIncorrectPassword = errors.New("Incorrect password")
+ var ErrInvalidCommand = errors.New("Invalid command")
+ var ErrInvalidEncryptionConfig = errors.New("Invalid encryption configuration")
+ var ErrInvalidKeyConfig = errors.New("Invalid key configuration")
+ var ErrNoTokenEntered = errors.New("Could not get MFA code")
+ var ErrVaultSessionNotFound = errors.New("Vault session not found")
+ var STSDurationDefault = time.Hour
+ var SessionCacheVersion = "3"
+ func STSEndpointResolver(nextResolver endpoints.Resolver) endpoints.Resolver
+ func VaultSessionCacheKey(vault *Vault) string
+ type AWSCredentials struct
+ Expiration *time.Time
+ ID string
+ Region *string
+ Secret string
+ Token string
+ func AWSCredentialsFromSTSCredentials(creds *sts.Credentials, region *string) *AWSCredentials
+ func (c *AWSCredentials) AssumeRole(arn string, duration time.Duration) (*AWSCredentials, error)
+ func (c *AWSCredentials) Expired() bool
+ func (c *AWSCredentials) GetCallerIdentity() (arn.ARN, error)
+ func (c *AWSCredentials) GetSessionToken(duration time.Duration) (*AWSCredentials, error)
+ func (c *AWSCredentials) GetSessionTokenWithMFA(serialNumber, token string, duration time.Duration) (*AWSCredentials, error)
+ func (c *AWSCredentials) Valid() bool
+ func (c *AWSCredentials) ValidSession() bool
+ type AWSKey struct
+ ForgoTempCredGeneration bool
+ MFA string
+ Role string
+ func (k *AWSKey) GetAWSCredentials(duration time.Duration) (*AWSCredentials, error)
+ func (k *AWSKey) GetAWSCredentialsWithMFA(mfaToken string, duration time.Duration) (*AWSCredentials, error)
+ func (k *AWSKey) RequiresMFA() bool
+ func (k *AWSKey) Valid() bool
+ type Details map[string]interface
+ func (d Details) Bytes(name string) []byte
+ func (d Details) Clone() Details
+ func (d Details) Int(name string) int
+ func (d Details) SetBytes(name string, value []byte)
+ func (d Details) SetInt(name string, value int)
+ func (d Details) SetString(name string, value string)
+ func (d Details) String(name string) string
+ type Operation int
+ const OpenOperation
+ const SealOperation
+ type SSHOptions struct
+ DisableProxy bool
+ GenerateRSAKey bool
+ ValidPrincipals []string
+ VaultSigningUrl string
+ type Session struct
+ AWSCreds *AWSCredentials
+ ActiveRole string
+ Expiration time.Time
+ GeneratedSSHKey string
+ Name string
+ Role string
+ SSHKeys map[string]string
+ SSHOptions *SSHOptions
+ Vars map[string]string
+ func (s *Session) AssumeRole(roleArn string) (*Session, error)
+ func (s *Session) AssumeSessionRole() (*Session, error)
+ func (s *Session) Clone() *Session
+ func (s *Session) Expired(tolerance time.Duration) bool
+ func (s *Session) Spawn(cmd []string) (*int, error)
+ func (s *Session) Variables() *Variables
+ type SessionCache struct
+ SessionCacheVersion string
+ Sessions map[string]*Session
+ func (sc *SessionCache) GetVaultSession(vault *Vault) (*Session, error)
+ func (sc *SessionCache) PutVaultSession(vault *Vault, session *Session)
+ func (sc *SessionCache) RemoveExpiredSessions()
+ type SessionFile struct
+ Ciphertext []byte
+ Details Details
+ Method string
+ type StaticSteward struct
+ MFAToken *string
+ Password string
+ func NewStaticSteward(password string) *StaticSteward
+ func NewStaticStewardWithMFA(password, mfaToken string) *StaticSteward
+ func (s *StaticSteward) GetMFAToken(name string) (string, error)
+ func (s *StaticSteward) GetPassword(operation Operation, name string) (string, error)
+ type Steward interface
+ GetMFAToken func(name string) (string, error)
+ GetPassword func(operation Operation, name string) (string, error)
+ type StewardMaxTries interface
+ GetMaxOpenTries func() int
+ type Store interface
+ CreateSession func(vault *Vault, name, password string) (*Session, error)
+ GetSession func(vault *Vault, name, password string) (*Session, error)
+ ListVaults func() ([]string, error)
+ OpenVault func(name string) (*Vault, string, error)
+ OpenVaultWithPassword func(name, password string) (*Vault, string, error)
+ RemoveVault func(name string) error
+ SealVault func(vault *Vault, name string) error
+ SealVaultWithPassword func(vault *Vault, name, password string) error
+ Steward func() Steward
+ VaultExists func(name string) bool
+ func New(steward Steward) Store
+ type Variables struct
+ Set map[string]string
+ Unset []string
+ type Vault struct
+ AWSKey *AWSKey
+ Duration time.Duration
+ SSHKeys map[string]string
+ SSHOptions *SSHOptions
+ Vars map[string]string
+ func (v *Vault) NewSession(name string) (*Session, error)
+ func (v *Vault) NewSessionWithMFA(name, mfaToken string) (*Session, error)
+ type VaultFile struct
+ Ciphertext []byte
+ Details Details
+ Key *VaultKey
+ Method string
+ type VaultKey struct
+ Details Details
+ Method string
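Review bot: The secret-bearing fields in this API (`AWSCredentials.Secret` and `Token`, `StaticSteward.Password`, `Session.GeneratedSSHKey`) are exported plain `string`s, and the listing shows no `String()`, `GoString()` or `MarshalJSON` method on those types, so a `%+v` log line or a JSON encode of a `Session` would emit them in clear. Only declarations are visible here, so whether the implementation already prevents that cannot be confirmed from this page. If it does not, a redacting `func (c *AWSCredentials) String() string` (and likewise on `StaticSteward`) would make the handling explicit without changing the exported fields. A doc comment such as `// Secret is the AWS secret access key; do not log or serialize it outside the encrypted session file.` would help too.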