Documentation ¶
Overview ¶
Package credstash implements backend for Credstash (that uses AWS KMS and DynamoDB) Heavily inspired in github.com/ouzi-dev/credstash-operator using https://github.com/versent/unicreds
Index ¶
- func NewBackend() backend.Backend
- type Backend
- type SecretManagerClient
- func (s SecretManagerClient) GetHighestVersionSecret(tableName *string, name string, encContext *unicreds.EncryptionContextValue) (*unicreds.DecryptedCredential, error)
- func (s SecretManagerClient) GetSecret(tableName *string, name string, version string, ...) (*unicreds.DecryptedCredential, error)
- func (s SecretManagerClient) SetDynamoDBConfig(config *aws.Config)
- func (s SecretManagerClient) SetKMSConfig(config *aws.Config)
- type SecretManagerClientProvider
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewBackend ¶
NewBackend returns an uninitialized Backend for Credstash
Types ¶
type Backend ¶
type Backend struct { SecretsManager SecretManagerClientProvider // contains filtered or unexported fields }
Backend represents a backend for Credstash
type SecretManagerClient ¶
type SecretManagerClient struct { }
SecretManagerClient defining this struct to write methods for it
func (SecretManagerClient) GetHighestVersionSecret ¶
func (s SecretManagerClient) GetHighestVersionSecret(tableName *string, name string, encContext *unicreds.EncryptionContextValue) (*unicreds.DecryptedCredential, error)
GetHighestVersionSecret gets a secret with latest version from credstash
func (SecretManagerClient) GetSecret ¶
func (s SecretManagerClient) GetSecret(tableName *string, name string, version string, encContext *unicreds.EncryptionContextValue) (*unicreds.DecryptedCredential, error)
GetSecret gets a secret with specific version from credstash
func (SecretManagerClient) SetDynamoDBConfig ¶
func (s SecretManagerClient) SetDynamoDBConfig(config *aws.Config)
SetDynamoDBConfig sets configuration for DynamoDB access
func (SecretManagerClient) SetKMSConfig ¶
func (s SecretManagerClient) SetKMSConfig(config *aws.Config)
SetKMSConfig sets configuration for KMS access
type SecretManagerClientProvider ¶
type SecretManagerClientProvider interface { SetKMSConfig(config *aws.Config) SetDynamoDBConfig(config *aws.Config) GetHighestVersionSecret(tableName *string, name string, encContext *unicreds.EncryptionContextValue) (*unicreds.DecryptedCredential, error) GetSecret(tableName *string, name string, version string, encContext *unicreds.EncryptionContextValue) (*unicreds.DecryptedCredential, error) }
SecretManagerClientProvider will be our unicreds client
Click to show internal directories.
Click to hide internal directories.