Documentation
Overview ¶
Package hashivault provides a secrets implementation using the Transit Secrets Engine of Vault by Hashicorp. Use OpenKeeper to construct a *secrets.Keeper.
URLs ¶
For secrets.OpenKeeper, hashivault registers for the scheme "hashivault". The default URL opener will dial a Vault server using the environment variables "VAULT_SERVER_URL" and "VAULT_SERVER_TOKEN". To customize the URL opener, or for more details on the URL format, see URLOpener. See https://gocloud.dev/concepts/urls/ for background information.
As ¶
hashivault does not support any types for As.
Index ¶
Examples ¶
Constants ¶
const Scheme = "hashivault"
Scheme is the URL scheme hashivault registers its URLOpener under on secrets.DefaultMux.
Variables ¶
Functions ¶
func OpenKeeper ¶
OpenKeeper returns a *secrets.Keeper that uses the Transit Secrets Engine of Vault by Hashicorp. See the package documentation for an example.
Types ¶
type Config ¶
type Config struct { // Token is the access token the Vault client uses to talk to the server. // See https://www.vaultproject.io/docs/concepts/tokens.html for more // information. Token string // APIConfig is used to configure the creation of the client. APIConfig api.Config }
Config is the authentication configurations of the Vault server.
type KeeperOptions ¶
type KeeperOptions struct{}
KeeperOptions controls Keeper behaviors. It is provided for future extensibility.
type URLOpener ¶
type URLOpener struct { // Client must be non-nil. Client *api.Client // Options specifies the options to pass to OpenKeeper. Options KeeperOptions }
URLOpener opens Vault URLs like "hashivault://mykey".
The URL Host + Path are used as the keyID.
No query parameters are supported.