README
¶
Javascript Object Signing and Encryption Secret-store Plugin
The jose plugin allows to manage and store secrets locally
protected by the Javascript Object Signing and Encryption algorithm.
To manage your secrets of this secret-store, you should use Telegraf. Run
telegraf secrets help
to get more information on how to do this.
Configuration
# File based Javascript Object Signing and Encryption based secret-store
[[secretstores.jose]]
## Unique identifier for the secret-store.
## This id can later be used in plugins to reference the secrets
## in this secret-store via @{<id>:<secret_key>} (mandatory)
id = "secretstore"
## Directory for storing the secrets
path = "/etc/telegraf/secrets"
## Password to access the secrets.
## If no password is specified here, Telegraf will prompt for it at startup time.
# password = ""
Each secret is stored in an individual file in the subdirectory specified
using the path parameter. To access the secrets, a password is required.
This password can be specified using the password parameter containing a
string, an environment variable or as a reference to a secret in another
secret store. If password is not specified in the config, you will be
prompted for the password at startup.
Please note: All secrets in this secret store are encrypted using
the same password. If you need individual passwords for each jose
secret, please use multiple instances of this plugin.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Jose ¶
type Jose struct {
ID string `toml:"id"`
Path string `toml:"path"`
Password config.Secret `toml:"password"`
// contains filtered or unexported fields
}
func (*Jose) GetResolver ¶
func (j *Jose) GetResolver(key string) (telegraf.ResolveFunc, error)
GetResolver returns a function to resolve the given key.
Source Files