store

package
v2.1.0+incompatible
Warning

This package is not in the latest version of its module.
Published: May 8, 2018 License: MIT Imports: 13 Imported by: 0

Documentation

Constants

const (
	// DefaultKeyID is the default alias for the KMS key used to encrypt/decrypt secrets
	DefaultKeyID = "alias/parameter_store_key"
)

Variables

var (
	// ErrSecretNotFound is returned if the specified secret is not found in the
	// parameter store
	ErrSecretNotFound = errors.New("secret not found")
)

Functions

This section is empty.

Types

type ChangeEvent

type ChangeEvent struct {
	Type    ChangeEventType
	Time    time.Time
	User    string
	Version int
}

type ChangeEventType

type ChangeEventType int
const (
	Created ChangeEventType = iota
	Updated
)

func (ChangeEventType) String

func (c ChangeEventType) String() string

type RawSecret added in v1.17.0

type RawSecret struct {
	Value string
	Key   string
}

A secret without any metadata

type SSMStore

type SSMStore struct {
	// contains filtered or unexported fields
}

SSMStore implements the Store interface for storing secrets in SSM Parameter Store

func NewSSMStore

func NewSSMStore(numRetries int) *SSMStore

NewSSMStore creates a new SSMStore

func (*SSMStore) Delete added in v1.11.0

func (s *SSMStore) Delete(id SecretId) error

Delete removes a secret from the parameter store. Note this removes all versions of the secret.

func (*SSMStore) History

func (s *SSMStore) History(id SecretId) ([]ChangeEvent, error)

History returns a list of events that have occurred regarding the given secret.

func (*SSMStore) KMSKey added in v1.5.0

func (s *SSMStore) KMSKey() string

func (*SSMStore) List

func (s *SSMStore) List(service string, includeValues bool) ([]Secret, error)

List lists all secrets for a given service. If includeValues is true, then those secrets are decrypted and returned, otherwise only the metadata about a secret is returned.

func (*SSMStore) ListRaw added in v1.17.0

func (s *SSMStore) ListRaw(service string) ([]RawSecret, error)

ListRaw lists all secret keys and values for a given service. It does not include any other metadata. It uses faster AWS APIs with much higher rate limits and is suitable for use in production environments.

func (*SSMStore) Read

func (s *SSMStore) Read(id SecretId, version int) (Secret, error)

Read reads a secret from the parameter store at a specific version. To grab the latest version, use -1 as the version number.

func (*SSMStore) Write

func (s *SSMStore) Write(id SecretId, value string) error

Write writes a given value to a secret identified by id. If the secret already exists, then write a new version.

type Secret

type Secret struct {
	Value *string
	Meta  SecretMetadata
}

type SecretId

type SecretId struct {
	Service string
	Key     string
}

type SecretMetadata

type SecretMetadata struct {
	Created   time.Time
	CreatedBy string
	Version   int
	Key       string
}

type Store

type Store interface {
	Write(id SecretId, value string) error
	Read(id SecretId, version int) (Secret, error)
	List(service string, includeValues bool) ([]Secret, error)
	ListRaw(service string) ([]RawSecret, error)
	History(id SecretId) ([]ChangeEvent, error)
	Delete(id SecretId) error
}
