encrypted

package

v0.0.0-...-36387be Latest Latest Go to latest Published: Mar 28, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cloudopsy/dynamodb-encryption-go

Links

Open Source Insights

Documentation ¶

Index ¶

func ConstructMaterialName(item map[string]types.AttributeValue, pkInfo *PrimaryKeyInfo) (string, error)
type ClientConfig
- func NewClientConfig(options ...Option) *ClientConfig
type DynamoDBClientInterface
type EncryptedClient
- func NewEncryptedClient(client DynamoDBClientInterface, ...) *EncryptedClient
- func (ec *EncryptedClient) BatchGetItem(ctx context.Context, input *dynamodb.BatchGetItemInput) (*dynamodb.BatchGetItemOutput, error)
- func (ec *EncryptedClient) BatchWriteItem(ctx context.Context, input *dynamodb.BatchWriteItemInput) (*dynamodb.BatchWriteItemOutput, error)
- func (ec *EncryptedClient) CreateTable(ctx context.Context, input *dynamodb.CreateTableInput) (*dynamodb.CreateTableOutput, error)
- func (ec *EncryptedClient) DeleteItem(ctx context.Context, input *dynamodb.DeleteItemInput) (*dynamodb.DeleteItemOutput, error)
- func (ec *EncryptedClient) GetItem(ctx context.Context, input *dynamodb.GetItemInput) (*dynamodb.GetItemOutput, error)
- func (ec *EncryptedClient) PutItem(ctx context.Context, input *dynamodb.PutItemInput) (*dynamodb.PutItemOutput, error)
- func (ec *EncryptedClient) Query(ctx context.Context, input *dynamodb.QueryInput, ...) (*dynamodb.QueryOutput, error)
- func (ec *EncryptedClient) Scan(ctx context.Context, input *dynamodb.ScanInput) (*dynamodb.ScanOutput, error)
type EncryptedClientOption
- func WithClientConfig(config *ClientConfig) EncryptedClientOption
type EncryptedResource
- func NewEncryptedResource(client *EncryptedClient, ...) *EncryptedResource
- func (r *EncryptedResource) Table(name string) *EncryptedTable
type EncryptedTable
- func NewEncryptedTable(client *EncryptedClient) *EncryptedTable
- func (et *EncryptedTable) CreateTable(ctx context.Context, tableName string, attributes []types.AttributeDefinition, ...) error
- func (et *EncryptedTable) GetItem(ctx context.Context, tableName string, key map[string]types.AttributeValue) (map[string]types.AttributeValue, error)
- func (et *EncryptedTable) PutItem(ctx context.Context, tableName string, item map[string]types.AttributeValue) error
- func (et *EncryptedTable) Query(ctx context.Context, tableName string, input *dynamodb.QueryInput) (*dynamodb.QueryOutput, error)
- func (et *EncryptedTable) Scan(ctx context.Context, tableName string, input *dynamodb.ScanInput) (*dynamodb.ScanOutput, error)
type EncryptionAction
type EncryptionConfig
type Option
- func WithDefaultEncryption(action EncryptionAction) Option
- func WithEncryption(attributeName string, action EncryptionAction) Option
type PrimaryKeyInfo
- func TableInfo(ctx context.Context, client DynamoDBClientInterface, tableName string) (*PrimaryKeyInfo, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ConstructMaterialName ¶

func ConstructMaterialName(item map[string]types.AttributeValue, pkInfo *PrimaryKeyInfo) (string, error)

ConstructMaterialName constructs a material name based on an item's primary key.

Types ¶

type ClientConfig ¶

type ClientConfig struct {
	Encryption EncryptionConfig
}

ClientConfig holds the configuration for client operations, focusing on encryption.

func NewClientConfig ¶

func NewClientConfig(options ...Option) *ClientConfig

NewClientConfig initializes a new ClientConfig, applying any provided functional options.

type DynamoDBClientInterface ¶

type DynamoDBClientInterface interface {
	CreateTable(ctx context.Context, input *dynamodb.CreateTableInput, opts ...func(*dynamodb.Options)) (*dynamodb.CreateTableOutput, error)
	PutItem(ctx context.Context, input *dynamodb.PutItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.PutItemOutput, error)
	GetItem(ctx context.Context, input *dynamodb.GetItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.GetItemOutput, error)
	Query(ctx context.Context, input *dynamodb.QueryInput, opts ...func(*dynamodb.Options)) (*dynamodb.QueryOutput, error)
	Scan(ctx context.Context, input *dynamodb.ScanInput, opts ...func(*dynamodb.Options)) (*dynamodb.ScanOutput, error)
	BatchGetItem(ctx context.Context, input *dynamodb.BatchGetItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.BatchGetItemOutput, error)
	BatchWriteItem(ctx context.Context, input *dynamodb.BatchWriteItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.BatchWriteItemOutput, error)
	DeleteItem(ctx context.Context, input *dynamodb.DeleteItemInput, opts ...func(*dynamodb.Options)) (*dynamodb.DeleteItemOutput, error)
	DescribeTable(ctx context.Context, input *dynamodb.DescribeTableInput, opts ...func(*dynamodb.Options)) (*dynamodb.DescribeTableOutput, error)
}

type EncryptedClient ¶

type EncryptedClient struct {
	Client            DynamoDBClientInterface
	MaterialsProvider provider.CryptographicMaterialsProvider
	PrimaryKeyCache   map[string]*PrimaryKeyInfo
	ClientConfig      *ClientConfig
	// contains filtered or unexported fields
}

EncryptedClient facilitates encrypted operations on DynamoDB items.

func NewEncryptedClient ¶

func NewEncryptedClient(client DynamoDBClientInterface, materialsProvider provider.CryptographicMaterialsProvider, opts ...EncryptedClientOption) *EncryptedClient

NewEncryptedClient creates a new instance of EncryptedClient.

func (*EncryptedClient) BatchGetItem ¶

func (ec *EncryptedClient) BatchGetItem(ctx context.Context, input *dynamodb.BatchGetItemInput) (*dynamodb.BatchGetItemOutput, error)

BatchGetItem retrieves a batch of items from DynamoDB and decrypts them.

func (*EncryptedClient) BatchWriteItem ¶

func (ec *EncryptedClient) BatchWriteItem(ctx context.Context, input *dynamodb.BatchWriteItemInput) (*dynamodb.BatchWriteItemOutput, error)

BatchWriteItem performs batch write operations, encrypting any items to be put.

func (*EncryptedClient) CreateTable ¶

func (ec *EncryptedClient) CreateTable(ctx context.Context, input *dynamodb.CreateTableInput) (*dynamodb.CreateTableOutput, error)

CreateTable creates a new DynamoDB table with the specified name, attribute definitions, and key schema.

func (*EncryptedClient) DeleteItem ¶

func (ec *EncryptedClient) DeleteItem(ctx context.Context, input *dynamodb.DeleteItemInput) (*dynamodb.DeleteItemOutput, error)

DeleteItem deletes an item and its associated metadata from a DynamoDB table.

func (*EncryptedClient) GetItem ¶

func (ec *EncryptedClient) GetItem(ctx context.Context, input *dynamodb.GetItemInput) (*dynamodb.GetItemOutput, error)

GetItem retrieves an item from a DynamoDB table and decrypts it.

func (*EncryptedClient) PutItem ¶

func (ec *EncryptedClient) PutItem(ctx context.Context, input *dynamodb.PutItemInput) (*dynamodb.PutItemOutput, error)

PutItem encrypts an item and puts it into a DynamoDB table.

func (*EncryptedClient) Query ¶

func (ec *EncryptedClient) Query(ctx context.Context, input *dynamodb.QueryInput, optFns ...func(*dynamodb.Options)) (*dynamodb.QueryOutput, error)

Query executes a Query operation on DynamoDB and decrypts the returned items.

func (*EncryptedClient) Scan ¶

func (ec *EncryptedClient) Scan(ctx context.Context, input *dynamodb.ScanInput) (*dynamodb.ScanOutput, error)

Scan executes a Scan operation on DynamoDB and decrypts the returned items.

type EncryptedClientOption ¶

type EncryptedClientOption func(*EncryptedClient)

EncryptedClientOption defines a function signature for options that modify an EncryptedClient.

func WithClientConfig ¶

func WithClientConfig(config *ClientConfig) EncryptedClientOption

WithClientConfig sets the EncryptedClient's configuration.

type EncryptedResource ¶

type EncryptedResource struct {
	Client            *EncryptedClient
	MaterialsProvider provider.CryptographicMaterialsProvider
	ClientConfig      *ClientConfig
}

EncryptedResource provides a high-level interface to work with encrypted DynamoDB resources.

func NewEncryptedResource ¶

func NewEncryptedResource(client *EncryptedClient, materialsProvider provider.CryptographicMaterialsProvider, clientConfig *ClientConfig) *EncryptedResource

NewEncryptedResource creates a new instance of EncryptedResource.

func (*EncryptedResource) Table ¶

func (r *EncryptedResource) Table(name string) *EncryptedTable

Table returns an EncryptedTable instance for the specified table name.

type EncryptedTable ¶

type EncryptedTable struct {
	// contains filtered or unexported fields
}

EncryptedTable provides a high-level interface to encrypted DynamoDB operations.

func NewEncryptedTable ¶

func NewEncryptedTable(client *EncryptedClient) *EncryptedTable

NewEncryptedTable creates a new EncryptedTable with the given EncryptedClient.

func (*EncryptedTable) CreateTable ¶

func (et *EncryptedTable) CreateTable(ctx context.Context, tableName string, attributes []types.AttributeDefinition, keySchema []types.KeySchemaElement) error

CreateTable creates a new DynamoDB table with the specified name, attribute definitions, and key schema.

func (*EncryptedTable) GetItem ¶

func (et *EncryptedTable) GetItem(ctx context.Context, tableName string, key map[string]types.AttributeValue) (map[string]types.AttributeValue, error)

GetItem retrieves and decrypts an item from the DynamoDB table.

func (*EncryptedTable) PutItem ¶

func (et *EncryptedTable) PutItem(ctx context.Context, tableName string, item map[string]types.AttributeValue) error

PutItem encrypts and stores an item in the DynamoDB table.

func (*EncryptedTable) Query ¶

func (et *EncryptedTable) Query(ctx context.Context, tableName string, input *dynamodb.QueryInput) (*dynamodb.QueryOutput, error)

Query executes a Query operation on the DynamoDB table and decrypts the returned items.

func (*EncryptedTable) Scan ¶

func (et *EncryptedTable) Scan(ctx context.Context, tableName string, input *dynamodb.ScanInput) (*dynamodb.ScanOutput, error)

Scan executes a Scan operation on the DynamoDB table and decrypts the returned items.

type EncryptionAction ¶

type EncryptionAction int

EncryptionAction represents the encryption-related action to be taken on a specific attribute.

const (
	EncryptNone          EncryptionAction = iota // No encryption should be applied.
	EncryptStandard                              // The attribute should be encrypted using a standard algorithm.
	EncryptDeterministic                         // The attribute should be encrypted deterministically for consistent outcomes.
)

type EncryptionConfig ¶

type EncryptionConfig struct {
	DefaultAction   EncryptionAction            // The default encryption action if no specific action is provided.
	SpecificActions map[string]EncryptionAction // Map of attribute names to their specific encryption actions.
}

EncryptionConfig holds encryption-specific settings, including a default action and specific actions for named attributes.

type Option ¶

type Option func(*ClientConfig)

Option defines a function signature for options that modify ClientConfig.

func WithDefaultEncryption ¶

func WithDefaultEncryption(action EncryptionAction) Option

WithDefaultEncryptionAction sets the default encryption action for the client.

func WithEncryption ¶

func WithEncryption(attributeName string, action EncryptionAction) Option

WithEncryption sets a specific encryption action for a named attribute.

type PrimaryKeyInfo ¶

type PrimaryKeyInfo struct {
	Table        string
	PartitionKey string
	SortKey      string
}

PrimaryKeyInfo holds information about the primary key of a DynamoDB table.

func TableInfo ¶

func TableInfo(ctx context.Context, client DynamoDBClientInterface, tableName string) (*PrimaryKeyInfo, error)

TableInfo fetches the primary key names of a DynamoDB table.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL