The highest tagged major version is v2.

vault

package

v1.3.771 Latest Latest Go to latest Published: Jan 19, 2019 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

This section is empty.

View Source

var (
	ServiceAccountRoles = []string{"roles/storage.objectAdmin",
		"roles/cloudkms.admin",
		"roles/cloudkms.cryptoKeyEncrypterDecrypter",
	}
)

func AuthServiceAccountName(vaultName string, clusterName string) string

AuthServiceAccountName creates a service account name for a given vault and cluster name

func BucketName(vaultName string, clusterName string) string

BucketName creates a Bucket name for a given vault name and cluster name

func CreateAuthServiceAccount(client kubernetes.Interface, vaultName, namespace, clusterName string) (string, error)

CreateAuthServiceAccount creates a Serivce Account for the Auth service for vault

func CreateBucket(vaultName, clusterName, projectId, zone string) (string, error)

CreateBucket Creates a bucket in GKE to store the backend (encrypted) data for vault

func CreateGCPServiceAccount(kubeClient kubernetes.Interface, vaultName, namespace, clusterName, projectId string) (string, error)

CreateGCPServiceAccount creates a service account in GCP for the vault service

func GcpServiceAccountSecretName(vaultName string, clusterName string) string

GcpServiceAccountSecretName builds the secret name where the GCP service account is stored

func KeyName(vaultName string, clusterName string) string

KeyName creates a key name for a given vault and cluster name

func KeyringName(vaultName string, clusterName string) string

KeyringName creates a keyring name for a given vault and cluster name

func ServiceAccountName(vaultName string, clusterName string) string

ServiceAccountName creates a service account name for a given vault and cluster name

type KmsConfig struct {
	Keyring  string
	Key      string
	Location string
	// contains filtered or unexported fields
}

KmsConfig keeps the configuration for Google KMS service

func CreateKmsConfig(vaultName, clusterName, projectId string) (*KmsConfig, error)

CreateKmsConfig creates a KMS config for the GKE Vault