vault

package

v0.20.0 Latest Latest Go to latest Published: Dec 16, 2023 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/abtreece/confd

Links

Open Source Insights

README ¶

Vault Backend

The vault backend enables confd to pull configuration parameters from Hashicorp Vault

Configuration

Authentication

Environment Variables

Environment variables can be used to provide the required configurations to confd. They will override configurations set in the config and credentials files.

export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_DEFAULT_REGION=us-east-2

Config and Credentials Files

AWS credentials and configuration can be stored in the standard AWS CLI config files. These may be set up manually or via aws configure

~/.aws/credentials

[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

~/.aws/config

[default]
region=us-east-2

IAM Role for EC2

An IAM role can be used to grant confd permissions to SSM. When used you will not need to set AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY. When confd is executed on an EC2 instance it will acquire the AWS Region setting from EC2 Metadata.

Setup of IAM roles for EC2 instances is well documented in the AWS User Guides.

Options

Basic Example

Advanced Example

Documentation ¶

Index ¶

type Client
- func New(address, authType string, params map[string]string) (*Client, error)
- func (c *Client) GetValues(keys []string) (map[string]string, error)
- func (c *Client) WatchPrefix(prefix string, keys []string, waitIndex uint64, stopChan chan bool) (uint64, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

Client is a wrapper around the vault client

func New ¶

func New(address, authType string, params map[string]string) (*Client, error)

New returns an *vault.Client with a connection to named machines. It returns an error if a connection to the cluster cannot be made.

func (*Client) GetValues ¶

func (c *Client) GetValues(keys []string) (map[string]string, error)

GetValues queries Vault for keys prefixed by prefix.

func (*Client) WatchPrefix ¶

func (c *Client) WatchPrefix(prefix string, keys []string, waitIndex uint64, stopChan chan bool) (uint64, error)

WatchPrefix - not implemented at the moment

Source Files ¶

View all Source files

client.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL