Documentation
¶
Overview ¶
Package keyrotation implements the API handlers for running key rotation jobs.
Package keyrotation implements the API handlers for running key rotation jobs.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
Database database.Config
SecretManager secrets.Config
ObservabilityExporter observability.Config
RevisionToken revision.Config
KeyManager keys.Config
Port string `env:"PORT, default=8080"`
// NewKeyPeriod is the duration after which we will rotate encryption keys. By default we
// generate a new key every two weeks.
NewKeyPeriod time.Duration `env:"NEW_KEY_PERIOD, default=168h"`
// DeleteOldKeyPeriod is the duration after which it is safe to delete old keys.
// We delete old data after two weeks after which it should be safe to also delete
// the associated key - we default to 15d to buffer for potential timezones issues.
DeleteOldKeyPeriod time.Duration `env:"DELETE_OLD_KEY_PERIOD, default=360h"`
}
Config represents the configuration and associated environment variables for the key rotation components.
func (*Config) DatabaseConfig ¶
func (*Config) KeyManagerConfig ¶ added in v0.3.0
func (*Config) ObservabilityExporterConfig ¶
func (c *Config) ObservabilityExporterConfig() *observability.Config
func (*Config) SecretManagerConfig ¶
Source Files
Click to show internal directories.
Click to hide internal directories.