Back to godoc.org
github.com/hashicorp/vault/physical/dynamodb

package dynamodb

v1.4.3
Latest Go to latest
Published: 4 days ago | License: MPL-2.0 | Module: github.com/hashicorp/vault

Index

Constants

const (
	// DefaultDynamoDBRegion is used when no region is configured
	// explicitly.
	DefaultDynamoDBRegion = "us-east-1"
	// DefaultDynamoDBTableName is used when no table name
	// is configured explicitly.
	DefaultDynamoDBTableName = "vault-dynamodb-backend"

	// DefaultDynamoDBReadCapacity is the default read capacity
	// that is used when none is configured explicitly.
	DefaultDynamoDBReadCapacity = 5
	// DefaultDynamoDBWriteCapacity is the default write capacity
	// that is used when none is configured explicitly.
	DefaultDynamoDBWriteCapacity = 5

	// DynamoDBEmptyPath is the string that is used instead of
	// empty strings when stored in DynamoDB.
	DynamoDBEmptyPath = " "
	// DynamoDBLockPrefix is the prefix used to mark DynamoDB records
	// as locks. This prefix causes them not to be returned by
	// List operations.
	DynamoDBLockPrefix = "_"

	// The lock TTL matches the default that Consul API uses, 15 seconds.
	DynamoDBLockTTL = 15 * time.Second

	// The amount of time to wait between the lock renewals
	DynamoDBLockRenewInterval = 5 * time.Second

	// DynamoDBLockRetryInterval is the amount of time to wait
	// if a lock fails before trying again.
	DynamoDBLockRetryInterval = time.Second
	// DynamoDBWatchRetryMax is the number of times to re-try a
	// failed watch before signaling that leadership is lost.
	DynamoDBWatchRetryMax = 5
	// DynamoDBWatchRetryInterval is the amount of time to wait
	// if a watch fails before trying again.
	DynamoDBWatchRetryInterval = 5 * time.Second
)

func NewDynamoDBBackend

func NewDynamoDBBackend(conf map[string]string, logger log.Logger) (physical.Backend, error)

NewDynamoDBBackend constructs a DynamoDB backend. If the configured DynamoDB table does not exist, it creates it.

type DynamoDBBackend

type DynamoDBBackend struct {
	// contains filtered or unexported fields
}

DynamoDBBackend is a physical backend that stores data in a DynamoDB table. It can be run in high-availability mode as DynamoDB has locking capabilities.

func (*DynamoDBBackend) Delete

func (d *DynamoDBBackend) Delete(ctx context.Context, key string) error

Delete is used to permanently delete an entry

func (*DynamoDBBackend) Get

func (d *DynamoDBBackend) Get(ctx context.Context, key string) (*physical.Entry, error)

Get is used to fetch an entry

func (*DynamoDBBackend) HAEnabled

func (d *DynamoDBBackend) HAEnabled() bool

func (*DynamoDBBackend) List

func (d *DynamoDBBackend) List(ctx context.Context, prefix string) ([]string, error)

List is used to list all the keys under a given prefix, up to the next prefix.

func (*DynamoDBBackend) LockWith

func (d *DynamoDBBackend) LockWith(key, value string) (physical.Lock, error)

LockWith is used for mutual exclusion based on the given key.

func (*DynamoDBBackend) Put

func (d *DynamoDBBackend) Put(ctx context.Context, entry *physical.Entry) error

Put is used to insert or update an entry

type DynamoDBLock

type DynamoDBLock struct {
	// contains filtered or unexported fields
}

DynamoDBLock implements a lock using an DynamoDB client.

func (*DynamoDBLock) Lock

func (l *DynamoDBLock) Lock(stopCh <-chan struct{}) (doneCh <-chan struct{}, retErr error)

Lock tries to acquire the lock by repeatedly trying to create a record in the DynamoDB table. It will block until either the stop channel is closed or the lock could be acquired successfully. The returned channel will be closed once the lock is deleted or changed in the DynamoDB table.

func (*DynamoDBLock) Unlock

func (l *DynamoDBLock) Unlock() error

Unlock releases the lock by deleting the lock record from the DynamoDB table.

func (*DynamoDBLock) Value

func (l *DynamoDBLock) Value() (bool, string, error)

Value checks whether or not the lock is held by any instance of DynamoDBLock, including this one, and returns the current value.

type DynamoDBLockRecord

type DynamoDBLockRecord struct {
	Path     string
	Key      string
	Value    []byte
	Identity []byte
	Expires  int64
}

type DynamoDBRecord

type DynamoDBRecord struct {
	Path  string
	Key   string
	Value []byte
}

DynamoDBRecord is the representation of a vault entry in DynamoDB. The vault key is split up into two components (Path and Key) in order to allow more efficient listings.

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
f or F : Jump to identifier