vault

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 26, 2017 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertMapStringInterface

// ConvertMapStringInterface takes an untyped value and returns a
// map[string]interface{}.
// NOTE(review): the signature has no error or ok result, so what comes back
// for an input that is not map-shaped cannot be told from this listing —
// confirm before treating a nil or empty result as "no data".
func ConvertMapStringInterface(data interface{}) map[string]interface{}

func EnableAndConfigure

// EnableAndConfigure takes an auth backend and a Vault client and reports
// failure through the returned error.
// NOTE(review): presumably this enables the backend and then applies its
// configuration — confirm the order. Whether a failure part-way through can
// leave a backend enabled but not yet configured is not visible here; callers
// should treat a non-nil error as "state unknown" and re-check the server.
func EnableAndConfigure(a AuthType, c *VCClient) error

func Path

func Path(a AuthType) string

Path will return the path of an Auth backend

func SecretsEncrypted added in v0.4.0

// SecretsEncrypted inspects the secrets in c and returns its verdict in the
// named result sf. Config is passed by value and there is no error result.
// NOTE(review): how an "encryption string" is recognised is not shown in this
// listing. Confirm whether true means that every secret is encrypted or only
// that at least one is, before using the result to decide that a
// configuration file is safe to store or commit.
func SecretsEncrypted(c Config) (sf bool)

SecretsEncrypted will search a slice of secrets for encryption strings and return true if found

Types

type Auth

// Auth groups the auth backend blocks of the configuration; Config embeds it
// under the "auth" key. Both fields are pointers.
// NOTE(review): a backend that is absent from the decoded input is presumably
// left nil — confirm against the decoder before dereferencing either field.
type Auth struct {
	// Ldap is decoded from the "ldap" key.
	Ldap   *Ldap   `hcl:"ldap"`
	// Github is decoded from the "github" key.
	Github *Github `hcl:"github"`
}

type AuthType

// AuthType is the set of operations an auth backend must provide. Every
// method that talks to the server takes the *VCClient to use and returns an
// error.
type AuthType interface {
	// Describe and GetType return strings and take no client.
	// NOTE(review): presumably a human-readable description and the backend
	// type name — confirm against the implementations.
	Describe() string
	GetType() string

	// AConfig is commented out of the interface in this version, although
	// Github still declares a method with this name and signature.
	//AConfig() map[string]interface{}
	// Configure, TuneMount, WriteUsers and WriteGroups each act through c.
	Configure(c *VCClient) error
	TuneMount(c *VCClient, path string) error
	WriteUsers(c *VCClient) error
	WriteGroups(c *VCClient) error
	// The documentation listing hides unexported methods here. An interface
	// with unexported methods cannot be implemented by types declared in
	// other packages.
	// contains filtered or unexported methods
}

AuthType defines an interface for dealing with Auth backends

type Config

// Config is the top-level structure the configuration is decoded into. Each
// field is mapped to a key by its hcl struct tag.
//
// NOTE(review): Secrets carries secret data (see Secret.Data), and the package
// also offers SecretsEncrypted and DecryptSecrets, so the source file may hold
// secrets either encrypted or in the clear. Treat the file and any in-memory
// Config as sensitive: restrict file permissions and avoid printing a Config
// with %v or %+v.
type Config struct {
	// Mounts is decoded from "mount" blocks.
	Mounts     []Mount     `hcl:"mount"`
	// Policies is decoded from "policy" blocks.
	Policies   []Policy    `hcl:"policy"`
	// TokenRoles is decoded from "token_role" blocks.
	TokenRoles []TokenRole `hcl:"token_role"`
	// Auth is decoded from the "auth" block.
	Auth       Auth        `hcl:"auth"`
	// Secrets is decoded from "secret" blocks.
	Secrets    []Secret    `hcl:"secret"`
}

Config contains the Vault configuration that will be applied to the server

func (*Config) DecryptSecrets added in v0.4.0

// DecryptSecrets takes raw key bytes and returns an error. It has a pointer
// receiver.
// NOTE(review): presumably it replaces encrypted values in c.Secrets with
// plaintext in place — confirm. The cipher, mode and whether ciphertext is
// authenticated are not visible in this listing; verify them in the source
// before relying on this for secrets at rest. The caller keeps ownership of
// key and should clear the slice once it is no longer needed. After a
// successful call the Config presumably holds plaintext and should not be
// logged or serialised.
func (c *Config) DecryptSecrets(key []byte) error

type Github

// Github holds the settings of the GitHub auth backend as decoded from the
// configuration.
type Github struct {
	// Description is decoded from the "description" key.
	Description string `hcl:"description"`
	// Users is decoded from the "users" key; each entry's Name comes from the
	// block key and Options is a free-form map.
	// NOTE(review): "ommitempty" looks like a misspelling of "omitempty".
	// Whether the HCL decoder in use gives either spelling any meaning is not
	// visible here — confirm before correcting or relying on it.
	Users       []struct {
		Name    string                 `hcl:",key"`
		Options map[string]interface{} `hcl:"options"`
	} `hcl:"users,ommitempty"`
	// Groups is decoded from the "teams" key, not "groups". Unlike Users, the
	// entry Name is tagged "name" rather than ",key".
	// NOTE(review): confirm that difference is intended; a team whose name
	// fails to decode could be written with an empty name.
	Groups []struct {
		Name    string                 `hcl:"name"`
		Options map[string]interface{} `hcl:"options"`
	} `hcl:"teams,ommitempty"`
	// MountConfig carries the two lease TTL settings as strings.
	MountConfig struct {
		DefaultLeaseTTL string `hcl:"default_lease_ttl"`
		MaxLeaseTTL     string `hcl:"max_lease_ttl"`
	} `hcl:"mountconfig"`
	// AuthConfig is a free-form map decoded from "authconfig"; its keys are
	// not constrained by this type.
	AuthConfig map[string]interface{} `hcl:"authconfig"`
}

func (Github) AConfig

// AConfig has a value receiver and returns a map[string]interface{}.
// NOTE(review): presumably it returns g.AuthConfig — confirm. The method of
// the same name is commented out of the AuthType interface, and no AConfig is
// listed for Ldap, so code holding an AuthType cannot call it without a type
// assertion.
func (g Github) AConfig() map[string]interface{}

func (Github) Configure

func (g Github) Configure(c *VCClient) error

func (Github) Describe

func (g Github) Describe() string

func (Github) GetType

func (g Github) GetType() string

func (Github) TuneMount

func (g Github) TuneMount(c *VCClient, path string) error

func (Github) WriteGroups

func (g Github) WriteGroups(c *VCClient) error

func (Github) WriteUsers

func (g Github) WriteUsers(c *VCClient) error

type Ldap

// Ldap holds the settings of the LDAP auth backend as decoded from the
// configuration.
type Ldap struct {
	// Description is decoded from the "description" key.
	Description string                 `hcl:"description"`
	// AuthConfig is a free-form map decoded from "authconfig".
	// NOTE(review): presumably this carries the LDAP connection settings,
	// which can include bind credentials — confirm, and treat the map as
	// sensitive (no logging, no echoing in error messages) until verified.
	AuthConfig  map[string]interface{} `hcl:"authconfig"`
	// Users is tagged "User" (capitalised, singular) while every other key in
	// this file is lower-case.
	// NOTE(review): confirm how the decoder matches key case; a silently
	// ignored block would leave users unwritten without an error.
	Users       []struct {
		Name    string                 `hcl:",key"`
		Options map[string]interface{} `hcl:"options"`
	} `hcl:"User"`
	// Groups is decoded from "group" blocks; Name comes from the block key.
	Groups []struct {
		Name    string                 `hcl:",key"`
		Options map[string]interface{} `hcl:"options"`
	} `hcl:"group"`
	// MountConfig carries the two lease TTL settings as strings; the
	// mapstructure tags use the same key names as the hcl tags.
	MountConfig struct {
		DefaultLeaseTTL string `hcl:"default_lease_ttl" mapstructure:"default_lease_ttl"`
		MaxLeaseTTL     string `hcl:"max_lease_ttl" mapstructure:"max_lease_ttl"`
	} `hcl:"mountconfig"`
}

func (Ldap) Configure

func (l Ldap) Configure(c *VCClient) error

func (Ldap) Describe

func (l Ldap) Describe() string

func (Ldap) GetType

func (l Ldap) GetType() string

func (Ldap) TuneMount

func (l Ldap) TuneMount(c *VCClient, path string) error

func (Ldap) WriteGroups

func (l Ldap) WriteGroups(c *VCClient) error

func (Ldap) WriteUsers

func (l Ldap) WriteUsers(c *VCClient) error

type Mount

// Mount describes one mount to create, as decoded from a "mount" block.
type Mount struct {
	// Name comes from the block key.
	Name   string `hcl:",key"`
	// Path is decoded from the "path" key.
	Path   string `hcl:"path"`
	// Config holds the mount's type, description and lease TTL settings. The
	// mapstructure tags use the same key names as the hcl tags.
	Config struct {
		// PathType is decoded from the "type" key.
		PathType    string `hcl:"type" mapstructure:"type"`
		Description string `hcl:"description" mapstructure:"description"`
		// MountConfig carries the two lease TTL settings as strings.
		// NOTE(review): no validation is visible at this level — confirm
		// where malformed or overly long TTLs are rejected.
		MountConfig struct {
			DefaultLeaseTTL string `hcl:"default_lease_ttl" mapstructure:"default_lease_ttl"`
			MaxLeaseTTL     string `hcl:"max_lease_ttl" mapstructure:"max_lease_ttl"`
		} `hcl:"mountconfig"`
	} `hcl:"config"`
}

type Policy

// Policy is one named policy, as decoded from a "policy" block.
type Policy struct {
	// Name comes from the block key.
	Name  string `hcl:",key"`
	// Rules is the policy body as a single string, decoded from "rules".
	// NOTE(review): this type does not parse or validate the rules, so
	// over-broad path grants would pass through unchanged — review policy
	// text before it is applied.
	Rules string `hcl:"rules"`
}

type Secret added in v0.2.1

// Secret is one secret to write, as decoded from a "secret" block.
type Secret struct {
	// Name comes from the block key.
	Name string                 `hcl:",key"`
	// Path is decoded from the "path" key.
	Path string                 `hcl:"path"`
	// Data is the secret payload as a free-form map.
	// NOTE(review): values here may be plaintext or encrypted (the package
	// offers SecretsEncrypted and DecryptSecrets). Do not format a Secret
	// with %v or %+v in logs or errors, since that prints Data.
	Data map[string]interface{} `hcl:"data"`
}

type TokenRole

// TokenRole is one named token role, as decoded from a "token_role" block.
type TokenRole struct {
	// Name comes from the block key.
	Name    string                 `hcl:",key"`
	// Options is a free-form map decoded from "options"; its keys are not
	// constrained by this type.
	// NOTE(review): presumably passed to the server as the role's
	// parameters — confirm which keys are accepted and review any that widen
	// token lifetime or policies.
	Options map[string]interface{} `hcl:"options"`
}

type VCClient

// VCClient wraps an api.Client by embedding a pointer to it, so every
// exported method of the embedded client is promoted and callable on a
// VCClient. Anything handed a *VCClient therefore has the full client API,
// not only the methods declared in this package.
// NOTE(review): the zero value has a nil embedded pointer; presumably
// NewClient is the only supported constructor — confirm.
type VCClient struct {
	*api.Client
}

VCClient is a wrapper around the Vault api.Client

func NewClient

// NewClient builds a *VCClient from the given api.Config and returns an
// error on failure.
// NOTE(review): where the server address, TLS settings and token come from
// is decided by c and by the body, neither of which is visible in this
// listing — confirm that the configuration passed in keeps certificate
// verification enabled and that the token is not taken from a logged source.
func NewClient(c *api.Config) (*VCClient, error)

NewClient returns a Vault client

func (*VCClient) AuthConfigure

func (c *VCClient) AuthConfigure(a AuthType) error

AuthConfigure sets the configuration for an auth backend

func (*VCClient) AuthEnable

func (c *VCClient) AuthEnable(a AuthType) error

AuthEnable enables an auth backend

func (*VCClient) AuthExist

// AuthExist takes an auth mount name and returns a bool.
// NOTE(review): there is no error result, so a failed lookup (network error,
// permission denied) cannot be told apart from "not present" by the caller —
// confirm how the body reports failures before using false as the trigger to
// enable a backend.
func (c *VCClient) AuthExist(name string) bool

AuthExist checks for the existence of an Auth mount

func (*VCClient) Mount

func (c *VCClient) Mount(path string, config map[string]interface{}) error

Mount creates a new mount on Vault server

func (*VCClient) MountExist

// MountExist takes a mount name and returns a bool.
// NOTE(review): there is no error result, so a failed lookup (network error,
// permission denied) cannot be told apart from "not present" by the caller —
// confirm how the body reports failures before using false as the trigger to
// create a mount.
func (c *VCClient) MountExist(name string) bool

MountExist checks for the existence of specified mount

func (*VCClient) PolicyAdd

func (c *VCClient) PolicyAdd(p Policy) error

PolicyAdd adds a new policy

func (*VCClient) PolicyExist

// PolicyExist takes a policy name and returns a bool.
// NOTE(review): there is no error result, so a failed lookup (network error,
// permission denied) cannot be told apart from "not present" by the caller —
// confirm how the body reports failures before using false as the trigger to
// write a policy, since that could overwrite an existing one.
func (c *VCClient) PolicyExist(name string) bool

PolicyExist checks for the existence of a policy

func (*VCClient) TuneMount

func (c *VCClient) TuneMount(path string, config map[string]interface{}) error

TuneMount will configure a mount's settings

func (*VCClient) WalkVault added in v0.4.0

// WalkVault takes a starting path and returns a slice of strings and an
// error, both as named results.
// NOTE(review): the returned list enumerates where secrets live, which is
// sensitive metadata even without the values — avoid writing it to shared
// logs. Whether the walk is bounded in depth or size, and what output holds
// when err is non-nil, is not visible here — confirm before running it
// against a large tree.
func (c *VCClient) WalkVault(path string) (output []string, err error)

WalkVault will go through a specific path and return the path of all secrets

func (*VCClient) WriteSecret added in v0.2.1

// WriteSecret takes a Secret by value and returns an error.
// NOTE(review): presumably it writes s.Data at s.Path on the server —
// confirm. Whether an existing secret at that path is overwritten, and
// whether still-encrypted Data is rejected or written as-is, is not visible
// in this listing; check both before running it against a populated Vault.
func (c *VCClient) WriteSecret(s Secret) error

func (*VCClient) WriteTokenRole

// WriteTokenRole takes a TokenRole by value and returns an error.
// NOTE(review): presumably it writes tr.Options under the role named tr.Name
// — confirm. Options is a free-form map, so any validation of role
// parameters would have to happen in the body or on the server.
func (c *VCClient) WriteTokenRole(tr TokenRole) error
