Documentation
¶
Index ¶
- Constants
- func Authenticate(authnURL string, account string, login string, conjurAuthnRequest string, ...) ([]byte, error)
- func GetConjurAccessToken(config Config) ([]byte, error)
- func RetrieveSecret(config Config, accessToken string, secretID string) ([]byte, error)
- func WriteAccessToken(accessToken []byte, tokenPath string) error
- type Config
Constants ¶
View Source
const ( ConjurAwsType = "CONJUR_AWS_TYPE" ConjurAccount = "CONJUR_ACCOUNT" ConjurApplianceUrl = "CONJUR_APPLIANCE_URL" ConjurAuthnUrl = "CONJUR_AUTHN_URL" ConjurAuthnLogin = "CONJUR_AUTHN_LOGIN" ConjurDontAuthenticate = "CONJUR_DONT_AUTHENTICATE" ConjurAccessTokenPath = "CONJUR_ACCESS_TOKEN_PATH" ConjurIgnoreSSLVerify = "CONJUR_IGNORE_SSL_VERIFY" FlagAwsType = "aws-name" FlagAccount = "account" FlagApplianceUrl = "url" FlagLogin = "login" FlagAuthnUrl = "authn-url" FlagTokenPath = "token-path" FlagSecretID = "secret" FlagSilence = "silence" FlagIgnoreSSLVerify = "ignore-ssl-verify" DescriptionAwsType = "AWS Resource type name. Environment variable equivalent '" + ConjurAwsType + "'. e.g. ec2, lambda, ecs" DescriptionAccount = "The Conjur account. Environment variable equivalent '" + ConjurAccount + "'. e.g. company, etc" DescriptionApplianceUrl = "The URL to the Conjur instance. Environment variable equivalent '" + ConjurApplianceUrl + "'. e.g. https://conjur.com" DescriptionLogin = "Conjur login that will be used. Environment variable equivalent '" + ConjurAuthnLogin + "'. e.g. host/6634674884744/iam-role-name" DescriptionAuthnUrl = "URL Conjur will be authenticating to. Environment variable equivalent '" + ConjurAuthnUrl + "'. e.g. https://conjur.com/authn-iam/global" DescriptionTokenPath = "Write the access token to this file. Environment variable equivalent '" + ConjurAccessTokenPath + "'. e.g. /path/to/access-token.json" DescriptionSecretID = "Retrieve a specific secret from Conjur. e.g. db/postgres/username" DescriptionSilence = "Silence debug and info messages" DescriptionIgnoreSSLVerify = "WARNING: Do not verify the SSL certificate provided by Conjur server. THIS SHOULD ONLY BE USED FOR POC" )
Variables ¶
This section is empty.
Functions ¶
func Authenticate ¶
func Authenticate(authnURL string, account string, login string, conjurAuthnRequest string, ignoreSSLVerify bool) ([]byte, error)
Authenticate to conjur using the authnURL and conjurAuthnRequest
func GetConjurAccessToken ¶ added in v0.1.1
GetConjurAccessToken Get Conjur access token from Conjur
func RetrieveSecret ¶ added in v0.1.1
RetrieveSecret from conjur, if secretID is "" then no error will be returned but value will be (nil. nil)
func WriteAccessToken ¶ added in v0.1.1
WriteAccessToken witll write Conjur access token to a file specified
Types ¶
type Config ¶ added in v0.1.1
type Config struct {
AWSName string
Account string
ApplianceURL string
Login string
AuthnURL string
IgnoreSSLVerify bool
// If AccessTokenPath & SecretID is not provided then print access token to stdout
// If only AccessTokenPath is provided then write access token to file
// If only SecretID is provided then print secret value to stdout
// If AccessTokenPath & SecretID is provided then write access token to file and print secret value to stdout
AccessTokenPath string
SecretID string
Silence bool
}
Source Files
Click to show internal directories.
Click to hide internal directories.