benchmarktests

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 21, 2023 License: MPL-2.0 Imports: 55 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ApproleAuthTestType   = "approle_auth"
	ApproleAuthTestMethod = "POST"
)

Constants for test

View Source 
const (
	AWSAuthTestType   = "aws_auth"
	AWSAuthTestMethod = "POST"
	AWSAuthAccessKey  = VaultBenchmarkEnvVarPrefix + "AWS_ACCESS_KEY"
	AWSAuthSecretKey  = VaultBenchmarkEnvVarPrefix + "AWS_SECRET_KEY"
)

Constants for test

View Source 
const (
	AzureAuthTestType     = "azure_auth"
	AzureAuthTestMethod   = "POST"
	AzureAuthClientID     = VaultBenchmarkEnvVarPrefix + "AZURE_CLIENT_ID"
	AzureAuthClientSecret = VaultBenchmarkEnvVarPrefix + "AZURE_CLIENT_SECRET"
	AzureAuthJWT          = VaultBenchmarkEnvVarPrefix + "AZURE_JWT"
)

Constants for test

View Source 
const (
	CertAuthTestType   = "cert_auth"
	CertAuthTestMethod = "POST"
)

Constants for test

View Source 
const (
	GCPAuthTestType     = "gcp_auth"
	GCPAuthTestMethod   = "POST"
	IdentityMetadataURL = "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity"
)

Constants for test

View Source 
const (
	GitHubAuthTestType      = "github_auth"
	GitHubAuthTestMethod    = "POST"
	GitHubAuthTestUserToken = VaultBenchmarkEnvVarPrefix + "GITHUB_TOKEN"
)

Constants for test

View Source 
const (
	JWTAuthTestType   = "jwt_auth"
	JWTAuthTestMethod = "POST"
)

Constants for test

View Source 
const (
	KubeAuthTestType               = "kube_auth"
	KubeAuthTestMethod             = "POST"
	DefaultServiceAccountTokenPath = "/var/run/secrets/kubernetes.io/serviceaccount/token"
)

Constants for test

View Source 
const (
	LDAPAuthTestType               = "ldap_auth"
	LDAPAuthTestMethod             = "POST"
	LDAPAuthTestUserNameEnvVar     = VaultBenchmarkEnvVarPrefix + "LDAP_TEST_USERNAME"
	LDAPAuthTestUserPasswordEnvVar = VaultBenchmarkEnvVarPrefix + "LDAP_TEST_PASSWORD"
	LDAPAuthBindPassEnvVar         = VaultBenchmarkEnvVarPrefix + "LDAP_BIND_PASS"
)

Constants for test

View Source 
const (
	UserpassTestType       = "userpass_auth"
	UserpassAuthTestMethod = "POST"
)
View Source 
const (
	AWSSecretTestType   = "aws_secret"
	AWSSecretTestMethod = "GET"
	AWSSecretAccessKey  = VaultBenchmarkEnvVarPrefix + "AWS_ACCESS_KEY"
	AWSSecretSecretKey  = VaultBenchmarkEnvVarPrefix + "AWS_SECRET_KEY"
)

Constants for test

View Source 
const (
	AzureSecretTestType       = "azure_secret"
	AzureSecretTestMethod     = "GET"
	AzureSecretSubscriptionID = VaultBenchmarkEnvVarPrefix + "SUBSCRIPTION_ID"
	AzureSecretTenantID       = VaultBenchmarkEnvVarPrefix + "TENANT_ID"
	AzureSecretClientID       = VaultBenchmarkEnvVarPrefix + "CLIENT_ID"
	AzureSecretClientSecret   = VaultBenchmarkEnvVarPrefix + "CLIENT_SECRET"
	AzureSecretEnvironment    = VaultBenchmarkEnvVarPrefix + "ENVIRONMENT"
)

Constants for test

View Source 
const (
	CassandraSecretTestType   = "cassandra_secret"
	CassandraSecretTestMethod = "GET"
	CassandraDBUsernameEnvVar = VaultBenchmarkEnvVarPrefix + "CASSANDRADB_USERNAME"
	CassandraDBPasswordEnvVar = VaultBenchmarkEnvVarPrefix + "CASSANDRADB_PASSWORD"
)

Constants for test

View Source 
const (
	ConsulSecretTestType   = "consul_secret"
	ConsulSecretTestMethod = "GET"
	ConsulTokenEnvVar      = VaultBenchmarkEnvVarPrefix + "CONSUL_TOKEN"
)

Constants for test

View Source 
const (
	CouchbaseSecretTestType   = "couchbase_secret"
	CouchbaseSecretTestMethod = "GET"
	CouchbaseUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "COUCHBASE_USERNAME"
	CouchbasePasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "COUCHBASE_PASSWORD"
)
View Source 
const (
	RedisDynamicSecretTestType         = "redis_dynamic_secret"
	RedisDynamicSecretTestMethod       = "GET"
	RedisDynamicSecretDBUsernameEnvVar = VaultBenchmarkEnvVarPrefix + "REDIS_USERNAME"
	RedisDynamicSecretDBPasswordEnvVar = VaultBenchmarkEnvVarPrefix + "REDIS_PASSWORD"
)

Constants for test

View Source 
const (
	ElasticSearchSecretTestType   = "elasticsearch_secret"
	ElasticSearchSecretTestMethod = "GET"
	ElasticSearchUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "ELASTICSEARCH_USERNAME"
	ElasticSearchPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "ELASTICSEARCH_PASSWORD"
)

Constants for test

View Source 
const (
	GCPSecretTestType     = "gcp_secret"
	GCPSecretTestMethod   = "GET"
	GCPSecretCredentials  = VaultBenchmarkEnvVarPrefix + "GCP_CREDENTIALS"
	GCPSecretBindings     = VaultBenchmarkEnvVarPrefix + "GCP_BINDINGS"
	GCPAccessTokenType    = "access_token"
	GCPServiceAccountType = "service_account_key"
)

Constants for test

View Source 
const (
	GCPImpersonationSecretTestType            = "gcp_impersonation_secret"
	GCPImpersonationSecretTestMethod          = "GET"
	GCPImpersonationSecretServiceAccountEmail = VaultBenchmarkEnvVarPrefix + "GCP_SERVICE_ACCOUNT_EMAIL"
)

Constants for test

View Source 
const (
	KVV1ReadTestType    = "kvv1_read"
	KVV1WriteTestType   = "kvv1_write"
	KVV1ReadTestMethod  = "GET"
	KVV1WriteTestMethod = "POST"
)

Constants for test

View Source 
const (
	KVV2ReadTestType    = "kvv2_read"
	KVV2WriteTestType   = "kvv2_write"
	KVV2ReadTestMethod  = "GET"
	KVV2WriteTestMethod = "POST"
)
View Source 
const (
	LDAPDynamicSecretTestType   = "ldap_dynamic_secret"
	LDAPDynamicSecretTestMethod = "GET"
	LDAPSecretBindPassEnvVar    = VaultBenchmarkEnvVarPrefix + "LDAP_BIND_PASS"
)

Constants for test

View Source 
const (
	LDAPStaticSecretTestType       = "ldap_static_secret"
	LDAPStaticSecretTestMethod     = "POST"
	LDAPStaticSecretBindPassEnvVar = VaultBenchmarkEnvVarPrefix + "LDAP_BIND_PASS"
)

Constants for test

View Source 
const (
	MongoDBSecretTestType   = "mongodb_secret"
	MongoDBSecretTestMethod = "GET"
	MongoDBUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "MONGODB_USERNAME"
	MongoDBPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "MONGODB_PASSWORD"
)
View Source 
const (
	MSSQLSecretTestType   = "mssql_secret"
	MSSQLSecretTestMethod = "GET"
	MSSQLUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "MSSQL_USERNAME"
	MSSQLPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "MSSQL_PASSWORD"
)

Constants for test

View Source 
const (
	MySQLSecretTestType   = "mysql_secret"
	MySQLSecretTestMethod = "GET"
	MySQLUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "MYSQL_USERNAME"
	MySQLPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "MYSQL_PASSWORD"
)

Constants for test

View Source 
const (
	NomadSecretTestType   = "nomad_secret"
	NomadSecretTestMethod = "GET"
	NomadTokenEnvVar      = VaultBenchmarkEnvVarPrefix + "NOMAD_TOKEN"
)

Constants for test

View Source 
const (
	PKIIssueTestType   = "pki_issue"
	PKIIssueTestMethod = "POST"
)
View Source 
const (
	PKISignTestType   = "pki_sign"
	PKISignTestMethod = "POST"
)
View Source 
const (
	PostgreSQLSecretTestType   = "postgresql_secret"
	PostgreSQLSecretTestMethod = "GET"
	PostgreSQLUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "POSTGRES_USERNAME"
	PostgreSQLPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "POSTGRES_PASSWORD"
)

Constants for test

View Source 
const (
	RabbitMQSecretTestType   = "rabbitmq_secret"
	RabbitMQSecretTestMethod = "GET"
	RabbitMQUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "RABBITMQ_USERNAME"
	RabbitMQPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "RABBITMQ_PASSWORD"
)

Constants for test

View Source 
const (
	SSHIssueTestType   = "ssh_issue"
	SSHIssueTestMethod = "POST"
)
View Source 
const (
	SSHKeySignTestType   = "ssh_sign"
	SSHKeySignTestMethod = "POST"
)
View Source 
const (
	RedisStaticSecretTestType       = "redis_static_secret"
	RedisStaticSecretTestMethod     = "GET"
	RedisStaticSecretUsernameEnvVar = VaultBenchmarkEnvVarPrefix + "STATIC_REDIS_USERNAME"
	RedisStaticSecretPasswordEnvVar = VaultBenchmarkEnvVarPrefix + "STATIC_REDIS_PASSWORD"
)

Constants for test

View Source 
const (
	TransformTokenizationTestType   = "transform_tokenization"
	TransformTokenizationTestMethod = "POST"
	TransformStoreUsernameEnvVar    = VaultBenchmarkEnvVarPrefix + "TRANSIT_STORE_USERNAME"
	TransformStorePasswordEnvVar    = VaultBenchmarkEnvVarPrefix + "TRANSIT_STORE_PASSWORD"
)
View Source 
const (
	TransitSignSecretTestType    = "transit_sign"
	TransitVerifySecretTestType  = "transit_verify"
	TransitEncryptSecretTestType = "transit_encrypt"
	TransitDecryptSecretTestType = "transit_decrypt"
	TransitSecretTestMethod      = "POST"
)
View Source 
const (
	HAStatusTestType   = "ha_status"
	SealStatusTestType = "seal_status"
	MetricsTestType    = "metrics"
	StatusTestMethod   = "GET"
)
View Source 
const (
	VaultBenchmarkEnvVarPrefix = "VAULT_BENCHMARK_"
)

Variables

View Source 
var (
	ErrIsDirectory = errors.New("location is a directory, not a file")
)
View Source 
var (
	TestList = make(map[string]func() BenchmarkBuilder)
)

Functions

func GenerateCert 

func GenerateCert(caCertTemplate *x509.Certificate, caSigner crypto.Signer) (string, string, error)

GenerateCert creates a new leaf cert from provided CA template and signer

func IsFile 

func IsFile(path string) (bool, error)

Types

type AWSAuth added in v0.2.0 

type AWSAuth struct {
	// contains filtered or unexported fields
}

func (*AWSAuth) Cleanup added in v0.2.0 

func (a *AWSAuth) Cleanup(client *api.Client) error

func (*AWSAuth) Flags added in v0.2.0 

func (a *AWSAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*AWSAuth) GetTargetInfo added in v0.2.0 

func (a *AWSAuth) GetTargetInfo() TargetInfo

func (*AWSAuth) ParseConfig added in v0.2.0 

func (a *AWSAuth) ParseConfig(body hcl.Body) error

func (*AWSAuth) Setup added in v0.2.0 

func (a *AWSAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*AWSAuth) Target added in v0.2.0 

func (a *AWSAuth) Target(client *api.Client) vegeta.Target

type AWSAuthConfig added in v0.2.0 

type AWSAuthConfig struct {
	MaxRetries             int      `hcl:"max_retries,optional"`
	AccessKey              string   `hcl:"access_key,optional"`
	SecretKey              string   `hcl:"secret_key,optional"`
	Endpoint               string   `hcl:"endpoint,optional"`
	IAMEndpoint            string   `hcl:"iam_endpoint,optional"`
	STSEndpoint            string   `hcl:"sts_endpoint,optional"`
	STSRegion              string   `hcl:"sts_region,optional"`
	IAMServerIDHeaderValue string   `hcl:"iam_server_id_header_value,optional"`
	AllowedSTSHeaderValues []string `hcl:"allowed_sts_header_values,optional"`
}

type AWSAuthTestConfig added in v0.2.0 

type AWSAuthTestConfig struct {
	AWSAuthConfig     *AWSAuthConfig     `hcl:"auth,block"`
	AWSTestUserConfig *AWSTestUserConfig `hcl:"test_user,block"`
}

type AWSConnectionConfig added in v0.2.0 

type AWSConnectionConfig struct {
	MaxRetries       int    `hcl:"max_retries,optional"`
	AccessKey        string `hcl:"access_key,optional"`
	SecretKey        string `hcl:"secret_key,optional"`
	Region           string `hcl:"region,optional"`
	IAMEndpoint      string `hcl:"iam_endpoint,optional"`
	STSEndpoint      string `hcl:"sts_endpoint,optional"`
	UsernameTemplate string `hcl:"username_template,optional"`
}

type AWSRoleConfig added in v0.2.0 

type AWSRoleConfig struct {
	Name                   string `hcl:"name,optional"`
	CredentialType         string `hcl:"credential_type,optional"`
	RoleARNs               string `hcl:"role_arns,optional"`
	PolicyARNs             string `hcl:"policy_arns,optional"`
	PolicyDocument         string `hcl:"policy_document,optional"`
	IAM_groups             string `hcl:"iam_groups,optional"`
	IAM_tags               string `hcl:"iam_tags,optional"`
	DefaultSTSTTL          string `hcl:"default_sts_ttl,optional"`
	MaxSTSTTL              string `hcl:"max_sts_ttl,optional"`
	UserPath               string `hcl:"user_path,optional"`
	PermissionsBoundaryARN string `hcl:"permissions_boundary_arn,optional"`
}

type AWSSecretTestConfig added in v0.2.0 

type AWSSecretTestConfig struct {
	AWSConnectionConfig *AWSConnectionConfig `hcl:"connection,block"`
	AWSRoleConfig       *AWSRoleConfig       `hcl:"role,block"`
}

Main Config Struct

type AWSTest added in v0.2.0 

type AWSTest struct {
	// contains filtered or unexported fields
}

func (*AWSTest) Cleanup added in v0.2.0 

func (a *AWSTest) Cleanup(client *api.Client) error

func (*AWSTest) Flags added in v0.2.0 

func (a *AWSTest) Flags(fs *flag.FlagSet)

func (*AWSTest) GetTargetInfo added in v0.2.0 

func (a *AWSTest) GetTargetInfo() TargetInfo

func (*AWSTest) ParseConfig added in v0.2.0 

func (a *AWSTest) ParseConfig(body hcl.Body) error

func (*AWSTest) Setup added in v0.2.0 

func (a *AWSTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*AWSTest) Target added in v0.2.0 

func (a *AWSTest) Target(client *api.Client) vegeta.Target

type AWSTestUserConfig added in v0.2.0 

type AWSTestUserConfig struct {
	Role                       string `hcl:"role"`
	AuthType                   string `hcl:"auth_type,optional"`
	BoundAMIID                 string `hcl:"bound_ami_id,optional"`
	BoundAccountID             string `hcl:"bound_account_id,optional"`
	BoundRegion                string `hcl:"bound_region,optional"`
	BoundVPCID                 string `hcl:"bound_vpc_id,optional"`
	BoundSubnetID              string `hcl:"bound_subnet_id,optional"`
	BoundIAMRoleARN            string `hcl:"bound_iam_role_arn,optional"`
	BoundIAMInstanceProfileARN string `hcl:"bound_iam_instance_profile_arn,optional"`
	BoundEC2InstanceARN        string `hcl:"bound_ec2_instance_arn,optional"`
	RoleTag                    string `hcl:"role_tag,optional"`
	BoundIAMPrincipalARN       string `hcl:"bound_iam_principal_arn,optional"`
	InferredEntityType         string `hcl:"inferred_entity_type,optional"`
	InferredAWSRegion          string `hcl:"inferred_aws_region,optional"`
	ResolveAWSUniqueIDs        bool   `hcl:"resolve_aws_unique_ids,optional"`
	AllowInstanceMigration     bool   `hcl:"allow_instance_migration,optional"`
	DisallowReauthentication   bool   `hcl:"disallow_reauthentication,optional"`
	TokenTTL                   string `hcl:"token_ttl,optional"`
	TokenMaxTTL                string `hcl:"token_max_ttl,optional"`
	TokenPolicies              string `hcl:"token_policies,optional"`
	Policies                   string `hcl:"policies,optional"`
	TokenBoundCIDRs            string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL        string `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy       bool   `hcl:"token_no_default_policy,optional"`
	TokenNumUses               int    `hcl:"token_num_uses,optional"`
	TokenPeriod                string `hcl:"token_period,optional"`
	TokenType                  string `hcl:"token_type,optional"`
}

type ApproleAuth 

type ApproleAuth struct {
	// contains filtered or unexported fields
}

Approle Auth Test Struct

func (*ApproleAuth) Cleanup 

func (a *ApproleAuth) Cleanup(client *api.Client) error

func (*ApproleAuth) Flags 

func (l *ApproleAuth) Flags(fs *flag.FlagSet)

func (*ApproleAuth) GetTargetInfo 

func (a *ApproleAuth) GetTargetInfo() TargetInfo

func (*ApproleAuth) ParseConfig 

func (a *ApproleAuth) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*ApproleAuth) Setup 

func (a *ApproleAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*ApproleAuth) Target 

func (a *ApproleAuth) Target(client *api.Client) vegeta.Target

type ApproleAuthTestConfig 

type ApproleAuthTestConfig struct {
	RoleConfig     *RoleConfig     `hcl:"role,block"`
	SecretIDConfig *SecretIDConfig `hcl:"secret_id,block"`
}

Main Config Struct

type AzureAuth added in v0.2.0 

type AzureAuth struct {
	// contains filtered or unexported fields
}

func (*AzureAuth) Cleanup added in v0.2.0 

func (a *AzureAuth) Cleanup(client *api.Client) error

func (*AzureAuth) Flags added in v0.2.0 

func (a *AzureAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*AzureAuth) GetTargetInfo added in v0.2.0 

func (a *AzureAuth) GetTargetInfo() TargetInfo

func (*AzureAuth) ParseConfig added in v0.2.0 

func (a *AzureAuth) ParseConfig(body hcl.Body) error

func (*AzureAuth) Setup added in v0.2.0 

func (a *AzureAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*AzureAuth) Target added in v0.2.0 

func (a *AzureAuth) Target(client *api.Client) vegeta.Target

type AzureAuthConfig added in v0.2.0 

type AzureAuthConfig struct {
	TenantID     string `hcl:"tenant_id"`
	Resource     string `hcl:"resource"`
	Environment  string `hcl:"environment,optional"`
	ClientID     string `hcl:"client_id,optional"`
	ClientSecret string `hcl:"client_secret,optional"`
}

type AzureAuthRole added in v0.2.0 

type AzureAuthRole struct {
	Name                     string   `hcl:"string,optional"`
	BoundServicePrincipalIDs []string `hcl:"bound_service_principal_ids,optional"`
	BoundGroupIDs            []string `hcl:"bound_group_ids,optional"`
	BoundLocations           []string `hcl:"bound_locations,optional"`
	BoundSubscriptionIDs     []string `hcl:"bound_subscription_ids,optional"`
	BoundResourceGroups      []string `hcl:"bound_resource_groups,optional"`
	BoundScaleSets           []string `hcl:"bound_scale_sets,optional"`
	TokenTTL                 string   `hcl:"token_ttl,optional"`
	TokenMaxTTL              string   `hcl:"token_max_ttl,optional"`
	TokenPolicies            []string `hcl:"token_policies,optional"`
	Policies                 []string `hcl:"policies,optional"`
	TokenBoundCidrs          []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL      string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy     bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses             int      `hcl:"token_num_uses,optional"`
	TokenPeriod              string   `hcl:"token_period,optional"`
	TokenType                string   `hcl:"token_type,optional"`
}

type AzureAuthTestConfig added in v0.2.0 

type AzureAuthTestConfig struct {
	AzureAuthConfig *AzureAuthConfig `hcl:"config,block"`
	AzureAuthRole   *AzureAuthRole   `hcl:"role,block"`
	AzureAuthUser   *AzureAuthUser   `hcl:"user,block"`
}

type AzureAuthUser added in v0.2.0 

type AzureAuthUser struct {
	Role              string `hcl:"role,optional"`
	JWT               string `hcl:"jwt,optional"`
	SubscriptionID    string `hcl:"subscription_id"`
	ResourceGroupName string `hcl:"resource_group_name"`
	VMName            string `hcl:"vm_name,optional"`
	VMSSName          string `hcl:"vmss_name,optional"`
	ResourceID        string `hcl:"resource_id,optional"`
}

type AzureSecretConfig added in v0.2.0 

type AzureSecretConfig struct {
	SubscriptionId  string `hcl:"subscription_id,optional"`
	TenantId        string `hcl:"tenant_id,optional"`
	ClientId        string `hcl:"client_id,optional"`
	ClientSecret    string `hcl:"client_secret,optional"`
	Environment     string `hcl:"environment,optional"`
	PasswordPolicy  string `hcl:"password_policy,optional"`
	RootPasswordTTL string `hcl:"root_password_ttl,optional"`
}

type AzureSecretRole added in v0.2.0 

type AzureSecretRole struct {
	Name                string `hcl:"name,optional"`
	AzureRoles          string `hcl:"azure_roles,optional"`
	AzureGroups         string `hcl:"azure_groups,optional"`
	ApplicationObjectId string `hcl:"application_object_id,optional"`
	PersistApp          bool   `hcl:"persist_app,optional"`
	TTL                 string `hcl:"ttl,optional"`
	MaxTTL              string `hcl:"max_ttl,optional"`
	PermanentlyDelete   bool   `hcl:"permanently_delete,optional"`
}

type AzureSecretTestConfig added in v0.2.0 

type AzureSecretTestConfig struct {
	AzureConfig *AzureSecretConfig `hcl:"azure,block"`
	AzureRole   *AzureSecretRole   `hcl:"role,block"`
}

type AzureTest added in v0.2.0 

type AzureTest struct {
	// contains filtered or unexported fields
}

func (*AzureTest) Cleanup added in v0.2.0 

func (a *AzureTest) Cleanup(client *api.Client) error

func (*AzureTest) Flags added in v0.2.0 

func (a *AzureTest) Flags(fs *flag.FlagSet)

func (*AzureTest) GetTargetInfo added in v0.2.0 

func (a *AzureTest) GetTargetInfo() TargetInfo

func (*AzureTest) ParseConfig added in v0.2.0 

func (a *AzureTest) ParseConfig(body hcl.Body) error

func (*AzureTest) Setup added in v0.2.0 

func (a *AzureTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*AzureTest) Target added in v0.2.0 

func (a *AzureTest) Target(client *api.Client) vegeta.Target

type BenchmarkBuilder 

type BenchmarkBuilder interface {
	// Target generates and returns a vegeta.Target struct which is used for the attack
	Target(client *api.Client) vegeta.Target

	// Setup uses the passed in client and configuration to create the necessary test resources
	// in Vault, and retrieve any necessary information needed to perform the test itself. Setup
	// returns a test struct type which satisfies this BenchmarkBuilder interface.
	Setup(client *api.Client, mountName string, config *TopLevelTargetConfig) (BenchmarkBuilder, error)

	// Cleanup uses the passed in client to clean up any created resources used as part of the test
	Cleanup(client *api.Client) error

	// ParseConfig accepts an hcl.Body and parses it into the underlying test struct
	ParseConfig(body hcl.Body) error

	// GetTargetInfo retrieves specific Target information required to pass on to Attack
	GetTargetInfo() TargetInfo

	// Flags allows tests to define flags in the passed in command flag set
	Flags(fs *flag.FlagSet)
}

type BenchmarkTarget 

type BenchmarkTarget struct {
	Builder    BenchmarkBuilder
	Target     func(*api.Client) vegeta.Target
	Remain     hcl.Body `hcl:",remain"`
	Type       string   `hcl:"type,label"`
	Name       string   `hcl:"name,label"`
	MountName  string   `hcl:"mount_name,optional"`
	Method     string
	PathPrefix string
	Weight     int `hcl:"weight,optional"`
}

func (*BenchmarkTarget) ConfigureTarget 

func (bt *BenchmarkTarget) ConfigureTarget(client *api.Client)

type CaCert 

type CaCert struct {
	PEM      string
	Template *x509.Certificate
	Signer   crypto.Signer
}

func GenerateCA 

func GenerateCA() (*CaCert, error)

GenerateCA generates a new self-signed CA cert and returns a CaCert struct containing the PEM encoded cert, X509 Certificate Template, and crypto.Signer

type CassandraDBConfig 

type CassandraDBConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnection       *bool    `hcl:"verify_connection"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	Hosts                  string   `hcl:"hosts"`
	Port                   int      `hcl:"port,optional"`
	ProtocolVersion        int      `hcl:"protocol_version"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	TLS                    *bool    `hcl:"tls,optional"`
	InsecureTLS            bool     `hcl:"insecure_tls,optional"`
	PEMBundle              string   `hcl:"pem_bundle,optional"`
	TLSServerName          string   `hcl:"tls_server_name,optional"`
	PEMhcl                 string   `hcl:"pem_hcl,optional"`
	SkipVerification       bool     `hcl:"skip_verification,optional"`
	ConnectTimeout         string   `hcl:"connect_timeout,optional"`
	LocalDatacenter        string   `hcl:"local_datacenter,optional"`
	SocketKeepAlive        string   `hcl:"socket_keep_alive,optional"`
	Consistency            string   `hcl:"consistency,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
}

Cassandra DB Config

type CassandraRoleConfig 

type CassandraRoleConfig struct {
	Name                   string   `hcl:"name,optional"`
	DBName                 string   `hcl:"db_name,optional"`
	DefaultTTL             string   `hcl:"default_ttl,optional"`
	MaxTTL                 string   `hcl:"max_ttl,optional"`
	CreationStatements     []string `hcl:"creation_statements"`
	RevocationStatements   []string `hcl:"revocation_statements,optional"`
	RollbackStatements     []string `hcl:"rollback_statements,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
}

Cassandra Role Config

type CassandraSecret 

type CassandraSecret struct {
	// contains filtered or unexported fields
}

Cassandra Secret Test Struct

func (*CassandraSecret) Cleanup 

func (c *CassandraSecret) Cleanup(client *api.Client) error

func (*CassandraSecret) Flags 

func (c *CassandraSecret) Flags(fs *flag.FlagSet)

func (*CassandraSecret) GetTargetInfo 

func (c *CassandraSecret) GetTargetInfo() TargetInfo

func (*CassandraSecret) ParseConfig 

func (c *CassandraSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*CassandraSecret) Setup 

func (c *CassandraSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*CassandraSecret) Target 

func (c *CassandraSecret) Target(client *api.Client) vegeta.Target

type CassandraSecretTestConfig 

type CassandraSecretTestConfig struct {
	CassandraDBConfig   *CassandraDBConfig   `hcl:"db_connection,block"`
	CassandraRoleConfig *CassandraRoleConfig `hcl:"role,block"`
}

Main Config Struct

type CertAuth 

type CertAuth struct {
	// contains filtered or unexported fields
}

func (*CertAuth) Cleanup 

func (c *CertAuth) Cleanup(client *api.Client) error

func (*CertAuth) Flags 

func (c *CertAuth) Flags(fs *flag.FlagSet)

func (*CertAuth) GetTargetInfo 

func (c *CertAuth) GetTargetInfo() TargetInfo

func (*CertAuth) ParseConfig 

func (c *CertAuth) ParseConfig(body hcl.Body) error

func (*CertAuth) Setup 

func (c *CertAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*CertAuth) Target 

func (c *CertAuth) Target(client *api.Client) vegeta.Target

type CertAuthRoleConfig 

type CertAuthRoleConfig struct {
	Name                       string   `hcl:"name,optional"`
	Certificate                string   `hcl:"certificate,optional"`
	AllowedNames               string   `hcl:"allowed_names,optional"`
	AllowedCommonNames         []string `hcl:"allowed_common_names,optional"`
	AllowedDNSSANS             []string `hcl:"allowed_dns_sans,optional"`
	AllowedEmailSANS           []string `hcl:"allowed_email_sans,optional"`
	AllowedURISANS             []string `hcl:"allowed_uri_sans,optional"`
	AllowedOrganizationalUnits []string `hcl:"allowed_organizational_units,optional"`
	RequiredExtensions         []string `hcl:"required_extensions,optional"`
	AllowedMetadataExtensions  []string `hcl:"allowed_metadata_extensions,optional"`
	DisplayName                string   `hcl:"display_name,optional"`
	TokenTTL                   string   `hcl:"token_ttl,optional"`
	TokenMaxTTL                string   `hcl:"token_max_ttl,optional"`
	TokenPolicies              []string `hcl:"token_policies,optional"`
	Policies                   []string `hcl:"policies,optional"`
	TokenBoundCIDRs            []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL        string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy       bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses               int      `hcl:"token_num_uses,optional"`
	TokenPeriod                string   `hcl:"token_period,optional"`
	TokenType                  string   `hcl:"token_type,optional"`
}

Main config struct

type ConsulConfig 

type ConsulConfig struct {
	Address    string `hcl:"address"`
	Scheme     string `hcl:"scheme,optional"`
	Token      string `hcl:"token,optional"`
	CaCert     string `hcl:"ca_cert,optional"`
	ClientCert string `hcl:"client_cert,optional"`
	ClientKey  string `hcl:"client_key,optional"`
}

type ConsulRoleConfig 

type ConsulRoleConfig struct {
	Partition         string   `hcl:"partition,optional"`
	NodeIdentities    []string `hcl:"node_identities,optional"`
	ConsulNamespace   string   `hcl:"consul_namespace,optional"`
	ServiceIdentities []string `hcl:"service_identities,optional"`
	ConsulRoles       []string `hcl:"consul_roles,optional"`
	Name              string   `hcl:"name,optional"`
	TokenType         string   `hcl:"token_type,optional"`
	Policy            string   `hcl:"policy,optional"`
	Policies          []string `hcl:"policies,optional"`
	ConsulPolicies    []string `hcl:"consul_policies,optional"`
	Local             bool     `hcl:"local,optional"`
	TTL               string   `hcl:"ttl,optional"`
	MaxTTL            string   `hcl:"max_ttl,optional"`
	Lease             string   `hcl:"lease,optional"`
}

type ConsulSecretTestConfig 

type ConsulSecretTestConfig struct {
	Version          string            `hcl:"version,optional"`
	ConsulConfig     *ConsulConfig     `hcl:"consul,block"`
	ConsulRoleConfig *ConsulRoleConfig `hcl:"role,block"`
}

type ConsulTest 

type ConsulTest struct {
	// contains filtered or unexported fields
}

func (*ConsulTest) Cleanup 

func (c *ConsulTest) Cleanup(client *api.Client) error

func (*ConsulTest) Flags 

func (c *ConsulTest) Flags(fs *flag.FlagSet)

func (*ConsulTest) GetTargetInfo 

func (c *ConsulTest) GetTargetInfo() TargetInfo

func (*ConsulTest) ParseConfig 

func (c *ConsulTest) ParseConfig(body hcl.Body) error

func (*ConsulTest) Setup 

func (c *ConsulTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*ConsulTest) Target 

func (c *ConsulTest) Target(client *api.Client) vegeta.Target

type CouchbaseConfig 

type CouchbaseConfig struct {
	// Common
	Name             string   `hcl:"name,optional"`
	PluginName       string   `hcl:"plugin_name,optional"`
	PluginVersion    string   `hcl:"plugin_version,optional"`
	VerifyConnection *bool    `hcl:"verify_connection,optional"`
	AllowedRoles     []string `hcl:"allowed_roles,optional"`
	PasswordPolicy   string   `hcl:"password_policy,optional"`
	Username         string   `hcl:"username,optional"`
	Password         string   `hcl:"password,optional"`
	DisableEscaping  bool     `hcl:"disable_escaping,optional"`

	// Couchbase Specific
	Hosts            string `hcl:"hosts"`
	TLS              bool   `hcl:"tls,optional"`
	InsecureTLS      bool   `hcl:"insecure_tls,optional"`
	UsernameTemplate string `hcl:"username_template,optional"`
	Base64PEM        string `hcl:"base64pem,optional"`
	BucketName       string `hcl:"bucket_name"`
}

type CouchbaseRoleConfig 

type CouchbaseRoleConfig struct {
	Name               string   `hcl:"name,optional"`
	DBName             string   `hcl:"db_name,optional"`
	DefaultTTL         string   `hcl:"default_ttl,optional"`
	MaxTTL             string   `hcl:"max_ttl,optional"`
	CreationStatements []string `hcl:"creation_statements,optional"`
}

type CouchbaseSecretTest 

type CouchbaseSecretTest struct {
	// contains filtered or unexported fields
}

func (*CouchbaseSecretTest) Cleanup 

func (c *CouchbaseSecretTest) Cleanup(client *api.Client) error

func (*CouchbaseSecretTest) Flags 

func (c *CouchbaseSecretTest) Flags(fs *flag.FlagSet)

func (*CouchbaseSecretTest) GetTargetInfo 

func (c *CouchbaseSecretTest) GetTargetInfo() TargetInfo

func (*CouchbaseSecretTest) ParseConfig 

func (c *CouchbaseSecretTest) ParseConfig(body hcl.Body) error

func (*CouchbaseSecretTest) Setup 

func (c *CouchbaseSecretTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*CouchbaseSecretTest) Target 

func (c *CouchbaseSecretTest) Target(client *api.Client) vegeta.Target

type CouchbaseSecretTestConfig added in v0.2.0 

type CouchbaseSecretTestConfig struct {
	DBConfig   *CouchbaseConfig     `hcl:"db_connection,block"`
	RoleConfig *CouchbaseRoleConfig `hcl:"role,block"`
}

type ElasticSearchConfig 

type ElasticSearchConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnectioon      *bool    `hcl:"verify_connection,optional"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	URL                    string   `hcl:"url"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	CACert                 string   `hcl:"ca_cert,optional"`
	CAPath                 string   `hcl:"ca_path,optional"`
	ClientCert             string   `hcl:"client_cert,optional"`
	ClientKey              string   `hcl:"client_key,optional"`
	TLSServerName          string   `hcl:"tls_server_name,optional"`
	Insecure               bool     `hcl:"insecure,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
	UseOldXPack            bool     `hcl:"use_old_xpack,optional"`
}

type ElasticSearchRoleConfig 

type ElasticSearchRoleConfig struct {
	RoleName           string   `hcl:"name,optional"`
	DBName             string   `hcl:"db_name,optional"`
	DefaultTTL         string   `hcl:"default_ttl,optional"`
	MaxTTL             string   `hcl:"max_ttl,optional"`
	CreationStatements []string `hcl:"creation_statements,optional"`
}

type ElasticSearchSecretTestConfig 

type ElasticSearchSecretTestConfig struct {
	ElasticSearchConfig     *ElasticSearchConfig     `hcl:"db_connection,block"`
	ElasticSearchRoleConfig *ElasticSearchRoleConfig `hcl:"role,block"`
}

type ElasticSearchTest 

type ElasticSearchTest struct {
	// contains filtered or unexported fields
}

func (*ElasticSearchTest) Cleanup 

func (e *ElasticSearchTest) Cleanup(client *api.Client) error

func (*ElasticSearchTest) Flags 

func (e *ElasticSearchTest) Flags(fs *flag.FlagSet)

func (*ElasticSearchTest) GetTargetInfo 

func (e *ElasticSearchTest) GetTargetInfo() TargetInfo

func (*ElasticSearchTest) ParseConfig 

func (e *ElasticSearchTest) ParseConfig(body hcl.Body) error

func (*ElasticSearchTest) Setup 

func (e *ElasticSearchTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*ElasticSearchTest) Target 

func (e *ElasticSearchTest) Target(client *api.Client) vegeta.Target

type GCPAuth added in v0.2.0 

type GCPAuth struct {
	// contains filtered or unexported fields
}

func (*GCPAuth) Cleanup added in v0.2.0 

func (g *GCPAuth) Cleanup(client *api.Client) error

func (*GCPAuth) Flags added in v0.2.0 

func (g *GCPAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*GCPAuth) GetTargetInfo added in v0.2.0 

func (g *GCPAuth) GetTargetInfo() TargetInfo

func (*GCPAuth) ParseConfig added in v0.2.0 

func (g *GCPAuth) ParseConfig(body hcl.Body) error

func (*GCPAuth) Setup added in v0.2.0 

func (g *GCPAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*GCPAuth) Target added in v0.2.0 

func (g *GCPAuth) Target(client *api.Client) vegeta.Target

type GCPAuthConfig added in v0.2.0 

type GCPAuthConfig struct {
	Credentials    string `hcl:"credentials"`
	IAMAlias       string `hcl:"iam_alias,optional"`
	IAMMetadata    string `hcl:"iam_metadata,optional"`
	GCEAlias       string `hcl:"gce_alias,optional"`
	GCEMetadata    string `hcl:"gce_metadata,optional"`
	CustomEndpoint string `hcl:"custom_endpoint,optional"`
}

type GCPAuthTestConfig added in v0.2.0 

type GCPAuthTestConfig struct {
	GCPAuthConfig     *GCPAuthConfig     `hcl:"auth,block"`
	GCPTestRoleConfig *GCPTestRoleConfig `hcl:"role,block"`
}

type GCPImpersonate added in v0.2.0 

type GCPImpersonate struct {
	Name                string   `hcl:"name,optional"`
	ServiceAccountEmail string   `hcl:"service_account_email,optional"`
	TTL                 string   `hcl:"ttl,optional"`
	TokenScopes         []string `hcl:"token_scopes,optional"`
}

type GCPImpersonationSecretTestConfig added in v0.2.0 

type GCPImpersonationSecretTestConfig struct {
	GCPConfig      *GCPSecretConfig `hcl:"gcp,block"`
	GCPImpersonate *GCPImpersonate  `hcl:"impersonate,block"`
}

type GCPImpersonationTest added in v0.2.0 

type GCPImpersonationTest struct {
	// contains filtered or unexported fields
}

func (*GCPImpersonationTest) Cleanup added in v0.2.0 

func (g *GCPImpersonationTest) Cleanup(client *api.Client) error

func (*GCPImpersonationTest) Flags added in v0.2.0 

func (a *GCPImpersonationTest) Flags(fs *flag.FlagSet)

func (*GCPImpersonationTest) GetTargetInfo added in v0.2.0 

func (g *GCPImpersonationTest) GetTargetInfo() TargetInfo

func (*GCPImpersonationTest) ParseConfig added in v0.2.0 

func (g *GCPImpersonationTest) ParseConfig(body hcl.Body) error

func (*GCPImpersonationTest) Setup added in v0.2.0 

func (g *GCPImpersonationTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*GCPImpersonationTest) Target added in v0.2.0 

func (g *GCPImpersonationTest) Target(client *api.Client) vegeta.Target

type GCPSecretConfig added in v0.2.0 

type GCPSecretConfig struct {
	Credentials string `hcl:"credentials,optional"`
	TTL         string `hcl:"ttl,optional"`
	MaxTTL      string `hcl:"max_ttl,optional"`
}

type GCPSecretRoleset added in v0.2.0 

type GCPSecretRoleset struct {
	Name        string   `hcl:"name,optional"`
	SecretType  string   `hcl:"secret_type,optional"`
	Project     string   `hcl:"project"`
	Bindings    string   `hcl:"bindings,optional"`
	TokenScopes []string `hcl:"token_scopes,optional"`
}

type GCPSecretTestConfig added in v0.2.0 

type GCPSecretTestConfig struct {
	GCPConfig  *GCPSecretConfig  `hcl:"gcp,block"`
	GCPRoleset *GCPSecretRoleset `hcl:"roleset,block"`
}

type GCPTest added in v0.2.0 

type GCPTest struct {
	// contains filtered or unexported fields
}

func (*GCPTest) Cleanup added in v0.2.0 

func (g *GCPTest) Cleanup(client *api.Client) error

func (*GCPTest) Flags added in v0.2.0 

func (g *GCPTest) Flags(fs *flag.FlagSet)

func (*GCPTest) GetTargetInfo added in v0.2.0 

func (g *GCPTest) GetTargetInfo() TargetInfo

func (*GCPTest) ParseConfig added in v0.2.0 

func (g *GCPTest) ParseConfig(body hcl.Body) error

func (*GCPTest) Setup added in v0.2.0 

func (g *GCPTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*GCPTest) Target added in v0.2.0 

func (g *GCPTest) Target(client *api.Client) vegeta.Target

type GCPTestRoleConfig added in v0.2.0 

type GCPTestRoleConfig struct {
	Name                 string   `hcl:"name"`
	Type                 string   `hcl:"type"`
	AddGroupAliases      bool     `hcl:"add_group_aliases,optional"`
	AllowGCEInference    bool     `hcl:"allow_gce_inference,optional"`
	BoundServiceAccounts []string `hcl:"bound_service_accounts,optional"`
	BoundProjects        []string `hcl:"bound_projects,optional"`
	BoundZones           []string `hcl:"bound_zones,optional"`
	BoundRegions         []string `hcl:"bound_regions,optional"`
	BoundInstanceGroups  []string `hcl:"bound_instance_groups,optional"`
	BoundLabels          []string `hcl:"bound_labels,optional"`
	MaxJWTExp            string   `hcl:"max_jwt_exp,optional"`
	TokenBoundCIDRs      []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string   `hcl:"token_explicit_max_ttl,optional"`
	TokenMaxTTL          string   `hcl:"token_max_ttl,optional"`
	TokenNoDefaultPolicy bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int      `hcl:"token_num_uses,optional"`
	TokenPolicies        []string `hcl:"token_policies,optional"`
	TokenPeriod          string   `hcl:"token_period,optional"`
	TokenTTL             string   `hcl:"token_ttl,optional"`
	TokenType            string   `hcl:"token_type,optional"`
}

type GitHubAuth added in v0.2.0 

type GitHubAuth struct {
	// contains filtered or unexported fields
}

func (*GitHubAuth) Cleanup added in v0.2.0 

func (g *GitHubAuth) Cleanup(client *api.Client) error

func (*GitHubAuth) Flags added in v0.2.0 

func (g *GitHubAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*GitHubAuth) GetTargetInfo added in v0.2.0 

func (g *GitHubAuth) GetTargetInfo() TargetInfo

func (*GitHubAuth) ParseConfig added in v0.2.0 

func (g *GitHubAuth) ParseConfig(body hcl.Body) error

func (*GitHubAuth) Setup added in v0.2.0 

func (g *GitHubAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*GitHubAuth) Target added in v0.2.0 

func (g *GitHubAuth) Target(client *api.Client) vegeta.Target

type GitHubAuthConfig added in v0.2.0 

type GitHubAuthConfig struct {
	Organization         string `hcl:"organization"`
	OrganizationID       string `hcl:"organization_id,optional"`
	BaseURL              string `hcl:"base_url,optional"`
	TokenTTL             string `hcl:"token_ttl,optional"`
	TokenMaxTTL          string `hcl:"token_max_ttl,optional"`
	TokenPolicies        string `hcl:"token_policies,optional"`
	Policies             string `hcl:"policies,optional"`
	TokenBoundCIDRs      string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool   `hcl:"token_no_default_policy,optional"`
	TokenNumUses         string `hcl:"token_num_uses,optional"`
	TokenPeriod          string `hcl:"token_period,optional"`
	TokenType            string `hcl:"token_type,optional"`
}

type GitHubAuthTestConfig added in v0.2.0 

type GitHubAuthTestConfig struct {
	GitHubAuthConfig     *GitHubAuthConfig     `hcl:"auth,block"`
	GitHubTestUserConfig *GitHubTestUserConfig `hcl:"test_user,block"`
}

type GitHubTestUserConfig added in v0.2.0 

type GitHubTestUserConfig struct {
	Token string `hcl:"token,optional"`
}

type JWTAuth 

type JWTAuth struct {
	// contains filtered or unexported fields
}

JWT Auth Test Struct

func (*JWTAuth) Cleanup 

func (j *JWTAuth) Cleanup(client *api.Client) error

func (*JWTAuth) Flags 

func (j *JWTAuth) Flags(fs *flag.FlagSet)

func (*JWTAuth) GetTargetInfo 

func (j *JWTAuth) GetTargetInfo() TargetInfo

func (*JWTAuth) ParseConfig 

func (j *JWTAuth) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*JWTAuth) Setup 

func (j *JWTAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*JWTAuth) Target 

func (j *JWTAuth) Target(client *api.Client) vegeta.Target

type JWTAuthConfig 

type JWTAuthConfig struct {
	OIDCDiscoveryUrl     string   `hcl:"oidc_discovery_url,optional"`
	OIDCDiscoveryCaPEM   string   `hcl:"oidc_discovery_ca_pem,optional"`
	OIDCClientId         string   `hcl:"oidc_client_id,optional"`
	OIDCClientSecret     string   `hcl:"oidc_client_secret,optional"`
	OIDCResponseMode     string   `hcl:"oidc_response_mode,optional"`
	OIDCResponseTypes    []string `hcl:"oidc_response_types,optional"`
	JWKSUrl              string   `hcl:"jwks_url,optional"`
	JWKSCaPEM            string   `hcl:"jwks_ca_pem,optional"`
	JWTValidationPubKeys []string `hcl:"jwt_validation_pubkeys,optional"`
	BoundIssuer          string   `hcl:"bound_issuer,optional"`
	JWTSupportedAlgs     []string `hcl:"jwt_supported_algs,optional"`
	DefaultRole          string   `hcl:"default_role,optional"`
	ProviderConfig       string   `hcl:"provider_config,optional"`
	NamespaceInState     *bool    `hcl:"namespace_in_state,optional"`
}

JWT Auth Config

type JWTAuthTestConfig 

type JWTAuthTestConfig struct {
	JWTAuthConfig *JWTAuthConfig `hcl:"auth,block"`
	JWTRoleConfig *JWTRoleConfig `hcl:"role,block"`
}

Main Config Struct

type JWTRoleConfig 

type JWTRoleConfig struct {
	Name                 string                 `hcl:"name,optional"`
	RoleType             string                 `hcl:"role_type,optional"`
	BoundAudiences       []string               `hcl:"bound_audiences,optional"`
	UserClaim            string                 `hcl:"user_claim,optional"`
	UserClaimJSONPointer string                 `hcl:"user_claim_json_pointer,optional"`
	ClockSkewLeeway      int                    `hcl:"clock_skew_leeway,optional"`
	ExpirationLeeway     int                    `hcl:"expiration_leeway,optional"`
	NotBeforeLeeway      int                    `hcl:"not_before_leeway,optional"`
	BoundSubject         string                 `hcl:"bound_subject,optional"`
	BoundClaims          map[string]interface{} `hcl:"bound_claims,optional"`
	BoundClaimsType      string                 `hcl:"bound_claims_type,optional"`
	GroupsClaim          string                 `hcl:"groups_claim,optional"`
	ClaimMappings        map[string]string      `hcl:"claim_mappings,optional"`
	OIDCScopes           []string               `hcl:"oidc_scopes,optional"`
	AllowedRedirectUris  []string               `hcl:"allowed_redirect_uris,optional"`
	VerboseOIDCLogging   bool                   `hcl:"verbose_oidc_logging,optional"`
	MaxAge               int                    `hcl:"max_age,optional"`
	TokenTTL             string                 `hcl:"token_ttl,optional"`
	TokenMaxTTL          string                 `hcl:"token_max_ttl,optional"`
	TokenPolicies        []string               `hcl:"token_policies,optional"`
	Policies             []string               `hcl:"policies,optional"`
	TokenBoundCidrs      []string               `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string                 `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool                   `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int                    `hcl:"token_num_uses,optional"`
	TokenPeriod          string                 `hcl:"token_period,optional"`
	TokenType            string                 `hcl:"token_type,optional"`
}

JWT Role Config

type KVV1SecretTestConfig added in v0.2.0 

type KVV1SecretTestConfig struct {
	KVSize int `hcl:"kvsize,optional"`
	NumKVs int `hcl:"numkvs,optional"`
}

type KVV1Test 

type KVV1Test struct {
	// contains filtered or unexported fields
}

func (*KVV1Test) Cleanup 

func (k *KVV1Test) Cleanup(client *api.Client) error

func (*KVV1Test) Flags 

func (k *KVV1Test) Flags(fs *flag.FlagSet)

func (*KVV1Test) GetTargetInfo 

func (k *KVV1Test) GetTargetInfo() TargetInfo

func (*KVV1Test) ParseConfig 

func (k *KVV1Test) ParseConfig(body hcl.Body) error

func (*KVV1Test) Setup 

func (k *KVV1Test) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*KVV1Test) Target 

func (k *KVV1Test) Target(client *api.Client) vegeta.Target

type KVV2SecretTestConfig added in v0.2.0 

type KVV2SecretTestConfig struct {
	KVSize int `hcl:"kvsize,optional"`
	NumKVs int `hcl:"numkvs,optional"`
}

type KVV2Test 

type KVV2Test struct {
	// contains filtered or unexported fields
}

func (*KVV2Test) Cleanup 

func (k *KVV2Test) Cleanup(client *api.Client) error

func (*KVV2Test) Flags 

func (k *KVV2Test) Flags(fs *flag.FlagSet)

func (*KVV2Test) GetTargetInfo 

func (k *KVV2Test) GetTargetInfo() TargetInfo

func (*KVV2Test) ParseConfig 

func (k *KVV2Test) ParseConfig(body hcl.Body) error

func (*KVV2Test) Setup 

func (k *KVV2Test) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*KVV2Test) Target 

func (k *KVV2Test) Target(client *api.Client) vegeta.Target

type KubeAuth 

type KubeAuth struct {
	// contains filtered or unexported fields
}

func (*KubeAuth) Cleanup 

func (k *KubeAuth) Cleanup(client *api.Client) error

func (*KubeAuth) Flags 

func (k *KubeAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*KubeAuth) GetTargetInfo 

func (k *KubeAuth) GetTargetInfo() TargetInfo

func (*KubeAuth) ParseConfig 

func (k *KubeAuth) ParseConfig(body hcl.Body) error

func (*KubeAuth) Setup 

func (k *KubeAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*KubeAuth) Target 

func (k *KubeAuth) Target(client *api.Client) vegeta.Target

type KubeAuthConfig 

type KubeAuthConfig struct {
	KubernetesHost    string   `hcl:"kubernetes_host"`
	KubernetesCACert  string   `hcl:"kubernetes_ca_cert,optional"`
	TokenReviewerJWT  string   `hcl:"token_reviewer_jwt,optional"`
	PEMKeys           []string `hcl:"pem_keys,optional"`
	DisableLocalCAJWT bool     `hcl:"disable_local_ca_jwt,optional"`

	// Deprecated Parameters (Including for older versions of Vault)
	DisableISSValidation bool   `hcl:"disable_iss_validation,optional"`
	Issuer               string `hcl:"issuer,optional"`
}

type KubeAuthTestConfig 

type KubeAuthTestConfig struct {
	KubeAuthConfig     *KubeAuthConfig     `hcl:"auth,block"`
	KubeTestRoleConfig *KubeTestRoleConfig `hcl:"role,block"`
}

type KubeTestRoleConfig 

type KubeTestRoleConfig struct {
	Name                          string   `hcl:"name"`
	BoundServiceAccountNames      []string `hcl:"bound_service_account_names"`
	BoundServiceAccountNamespaces []string `hcl:"bound_service_account_namespaces"`
	Audience                      string   `hcl:"audience,optional"`
	AliasNameSource               string   `hcl:"alias_name_source,optional"`
	TokenTTL                      string   `hcl:"token_ttl,optional"`
	TokenMaxTTL                   string   `hcl:"token_max_ttl,optional"`
	TokenPolicies                 []string `hcl:"token_policies,optional"`
	TokenBoundCIDRs               []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL           string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy          bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses                  int      `hcl:"token_num_uses,optional"`
	TokenPeriod                   string   `hcl:"token_period,optional"`
	TokenType                     string   `hcl:"token_type,optional"`
}

type LDAPAuth 

type LDAPAuth struct {
	// contains filtered or unexported fields
}

func (*LDAPAuth) Cleanup 

func (l *LDAPAuth) Cleanup(client *api.Client) error

func (*LDAPAuth) Flags 

func (l *LDAPAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*LDAPAuth) GetTargetInfo 

func (l *LDAPAuth) GetTargetInfo() TargetInfo

func (*LDAPAuth) ParseConfig 

func (l *LDAPAuth) ParseConfig(body hcl.Body) error

func (*LDAPAuth) Setup 

func (l *LDAPAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*LDAPAuth) Target 

func (l *LDAPAuth) Target(client *api.Client) vegeta.Target

type LDAPAuthConfig 

type LDAPAuthConfig struct {
	URL                  string   `hcl:"url"`
	CaseSensitiveNames   bool     `hcl:"case_sensitive_names,optional"`
	RequestTimeout       int      `hcl:"request_timeout,optional"`
	StartTLS             bool     `hcl:"starttls,optional"`
	TLSMinVersion        string   `hcl:"tls_min_version,optional"`
	TLSMaxVersion        string   `hcl:"tls_max_version,optional"`
	InsecureTLS          bool     `hcl:"insecure_tls,optional"`
	Certificate          string   `hcl:"certificate,optional"`
	ClientTLSCert        string   `hcl:"client_tls_cert,optional"`
	ClientTLSKey         string   `hcl:"client_tls_key,optional"`
	BindDN               string   `hcl:"binddn,optional"`
	BindPass             string   `hcl:"bindpass,optional"`
	UserDN               string   `hcl:"userdn,optional"`
	UserAttr             string   `hcl:"userattr,optional"`
	DiscoverDN           string   `hcl:"discoverdn,optional"`
	DenyNullBind         *bool    `hcl:"deny_null_bind,optional"`
	UPNDomain            string   `hcl:"upndomain,optional"`
	UserFilter           string   `hcl:"userfilter,optional"`
	AnonymousGroupSearch bool     `hcl:"anonymous_group_search,optional"`
	GroupFilter          string   `hcl:"groupfilter,optional"`
	GroupDN              string   `hcl:"groupdn,optional"`
	GroupAttr            string   `hcl:"groupattr,optional"`
	UsernameAsAlias      bool     `hcl:"username_as_alias,optional"`
	TokenTTL             int      `hcl:"token_ttl,optional"`
	TokenMaxTTL          int      `hcl:"token_max_ttl,optional"`
	TokenPolicies        []string `hcl:"token_policies,optional"`
	TokenBoundCIDRs      []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  int      `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int      `hcl:"token_num_uses,optional"`
	TokenPeriod          string   `hcl:"token_period,optional"`
	TokenType            string   `hcl:"token_type,optional"`
	MaxPageSize          string   `hcl:"max_page_size,optional"`
}

type LDAPAuthTestConfig 

type LDAPAuthTestConfig struct {
	LDAPAuthConfig     *LDAPAuthConfig     `hcl:"auth,block"`
	LDAPTestUserConfig *LDAPTestUserConfig `hcl:"test_user,block"`
}

type LDAPDynamicConfig added in v0.2.0 

type LDAPDynamicConfig struct {
	BindDN            string `hcl:"binddn"`
	BindPass          string `hcl:"bindpass,optional"`
	URL               string `hcl:"url,optional"`
	PasswordPolicy    string `hcl:"password_policy,optional"`
	Schema            string `hcl:"schema,optional"`
	UserDN            string `hcl:"userdn,optional"`
	UserAttr          string `hcl:"userattr,optional"`
	UPNDomain         string `hcl:"upndomain,optional"`
	ConnectionTimeout int    `hcl:"connection_timeout,optional"`
	RequestTimeout    int    `hcl:"request_timeout,optional"`
	StartTLS          bool   `hcl:"starttls,optional"`
	InsecureTLS       bool   `hcl:"insecure_tls,optional"`
	Certificate       string `hcl:"certificate,optional"`
	ClientTLSCert     string `hcl:"client_tls_cert,optional"`
	ClientTLSKey      string `hcl:"client_tls_key,optional"`
}

type LDAPDynamicRoleConfig added in v0.2.0 

type LDAPDynamicRoleConfig struct {
	RoleName         string `hcl:"role_name,optional"`
	CreationLDIF     string `hcl:"creation_ldif"`
	DeletionLDIF     string `hcl:"deletion_ldif"`
	RollbackLDIF     string `hcl:"rollback_ldif,optional"`
	UsernameTemplate string `hcl:"username_template,optional"`
	DefaultTTL       int    `hcl:"default_ttl,optional"`
	MaxTTL           int    `hcl:"max_ttl,optional"`
}

type LDAPDynamicSecretTest added in v0.2.0 

type LDAPDynamicSecretTest struct {
	// contains filtered or unexported fields
}

func (*LDAPDynamicSecretTest) Cleanup added in v0.2.0 

func (r *LDAPDynamicSecretTest) Cleanup(client *api.Client) error

func (*LDAPDynamicSecretTest) Flags added in v0.2.0 

func (m *LDAPDynamicSecretTest) Flags(fs *flag.FlagSet)

func (*LDAPDynamicSecretTest) GetTargetInfo added in v0.2.0 

func (r *LDAPDynamicSecretTest) GetTargetInfo() TargetInfo

func (*LDAPDynamicSecretTest) ParseConfig added in v0.2.0 

func (r *LDAPDynamicSecretTest) ParseConfig(body hcl.Body) error

func (*LDAPDynamicSecretTest) Setup added in v0.2.0 

func (r *LDAPDynamicSecretTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*LDAPDynamicSecretTest) Target added in v0.2.0 

func (r *LDAPDynamicSecretTest) Target(client *api.Client) vegeta.Target

type LDAPDynamicSecretTestConfig added in v0.2.0 

type LDAPDynamicSecretTestConfig struct {
	LDAPDynamicConfig     *LDAPDynamicConfig     `hcl:"secret,block"`
	LDAPDynamicRoleConfig *LDAPDynamicRoleConfig `hcl:"role,block"`
}

Main Config Struct

type LDAPStaticConfig added in v0.2.0 

type LDAPStaticConfig struct {
	BindDN            string `hcl:"binddn"`
	BindPass          string `hcl:"bindpass,optional"`
	URL               string `hcl:"url,optional"`
	PasswordPolicy    string `hcl:"password_policy,optional"`
	Schema            string `hcl:"schema,optional"`
	UserDN            string `hcl:"userdn,optional"`
	UserAttr          string `hcl:"userattr,optional"`
	UPNDomain         string `hcl:"upndomain,optional"`
	ConnectionTimeout int    `hcl:"connection_timeout,optional"`
	RequestTimeout    int    `hcl:"request_timeout,optional"`
	StartTLS          bool   `hcl:"starttls,optional"`
	InsecureTLS       bool   `hcl:"insecure_tls,optional"`
	Certificate       string `hcl:"certificate,optional"`
	ClientTLSCert     string `hcl:"client_tls_cert,optional"`
	ClientTLSKey      string `hcl:"client_tls_key,optional"`
}

type LDAPStaticRoleConfig added in v0.2.0 

type LDAPStaticRoleConfig struct {
	Username       string `hcl:"username"`
	DN             string `hcl:"dn,optional"`
	RotationPeriod string `hcl:"rotation_period"`
}

type LDAPStaticSecretTest added in v0.2.0 

type LDAPStaticSecretTest struct {
	// contains filtered or unexported fields
}

func (*LDAPStaticSecretTest) Cleanup added in v0.2.0 

func (r *LDAPStaticSecretTest) Cleanup(client *api.Client) error

func (*LDAPStaticSecretTest) Flags added in v0.2.0 

func (m *LDAPStaticSecretTest) Flags(fs *flag.FlagSet)

func (*LDAPStaticSecretTest) GetTargetInfo added in v0.2.0 

func (r *LDAPStaticSecretTest) GetTargetInfo() TargetInfo

func (*LDAPStaticSecretTest) ParseConfig added in v0.2.0 

func (r *LDAPStaticSecretTest) ParseConfig(body hcl.Body) error

func (*LDAPStaticSecretTest) Setup added in v0.2.0 

func (r *LDAPStaticSecretTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*LDAPStaticSecretTest) Target added in v0.2.0 

func (r *LDAPStaticSecretTest) Target(client *api.Client) vegeta.Target

type LDAPStaticSecretTestConfig added in v0.2.0 

type LDAPStaticSecretTestConfig struct {
	LDAPStaticConfig     *LDAPStaticConfig     `hcl:"secret,block"`
	LDAPStaticRoleConfig *LDAPStaticRoleConfig `hcl:"role,block"`
}

Main Config Struct

type LDAPTestUserConfig 

type LDAPTestUserConfig struct {
	Username string `hcl:"username,optional"`
	Password string `hcl:"password,optional"`
}

type MSSQLDBConfig 

type MSSQLDBConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnection       *bool    `hcl:"verify_connection,optional"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	ConnectionURL          string   `hcl:"connection_url"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	DisableEscaping        bool     `hcl:"disable_escaping,optional"`
	MaxOpenConnections     int      `hcl:"max_open_connections,optional"`
	MaxIdleConnections     int      `hcl:"max_idle_connections,optional"`
	MaxConnectionLifetime  string   `hcl:"max_connection_lifetime,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
	ContainedDB            bool     `hcl:"contained_db,optional"`
}

MSSQL DB Config

type MSSQLRoleConfig 

type MSSQLRoleConfig struct {
	Name                 string `hcl:"name,optional"`
	DBName               string `hcl:"db_name,optional"`
	DefaultTTL           string `hcl:"default_ttl,optional"`
	MaxTTL               string `hcl:"max_ttl,optional"`
	CreationStatements   string `hcl:"creation_statements"`
	RevocationStatements string `hcl:"revocation_statements,optional"`
}

MSSQL Role Config

type MSSQLSecret 

type MSSQLSecret struct {
	// contains filtered or unexported fields
}

Postgres Secret Test Struct

func (*MSSQLSecret) Cleanup 

func (m *MSSQLSecret) Cleanup(client *api.Client) error

func (*MSSQLSecret) Flags 

func (m *MSSQLSecret) Flags(fs *flag.FlagSet)

func (*MSSQLSecret) GetTargetInfo 

func (m *MSSQLSecret) GetTargetInfo() TargetInfo

func (*MSSQLSecret) ParseConfig 

func (m *MSSQLSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*MSSQLSecret) Setup 

func (m *MSSQLSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*MSSQLSecret) Target 

func (m *MSSQLSecret) Target(client *api.Client) vegeta.Target

type MSSQLSecretTestConfig 

type MSSQLSecretTestConfig struct {
	MSSQLDBConfig   *MSSQLDBConfig   `hcl:"db_connection,block"`
	MSSQLRoleConfig *MSSQLRoleConfig `hcl:"role,block"`
}

Main Config Struct

type MongoDBConfig 

type MongoDBConfig struct {
	Name              string   `hcl:"name,optional"`
	PluginName        string   `hcl:"plugin_name,optional"`
	PluginVersion     string   `hcl:"plugin_version,optional"`
	VerifyConnection  *bool    `hcl:"verify_connection"`
	AllowedRoles      []string `hcl:"allowed_roles,optional"`
	ConnectionURL     string   `hcl:"connection_url"`
	WriteConcern      string   `hcl:"write_concern,optional"`
	Username          string   `hcl:"username,optional"`
	Password          string   `hcl:"password,optional"`
	TLSCertificateKey string   `hcl:"tls_certificate_key,optional"`
	TLSCA             string   `hcl:"tls_ca,optional"`
	UsernameTemplate  string   `hcl:"username_template,optional"`
}

type MongoDBRoleConfig 

type MongoDBRoleConfig struct {
	Name                 string `hcl:"name,optional"`
	DBName               string `hcl:"db_name,optional"`
	DefaultTTL           string `hcl:"default_ttl,optional"`
	MaxTTL               string `hcl:"max_ttl,optional"`
	CreationStatements   string `hcl:"creation_statements,optional"`
	RevocationStatements string `hcl:"revocation_statements,optional"`
}

type MongoDBSecretTestConfig 

type MongoDBSecretTestConfig struct {
	MongoDBConfig     *MongoDBConfig     `hcl:"db_connection,block"`
	MongoDBRoleConfig *MongoDBRoleConfig `hcl:"role,block"`
}

type MongoDBTest 

type MongoDBTest struct {
	// contains filtered or unexported fields
}

func (*MongoDBTest) Cleanup 

func (m *MongoDBTest) Cleanup(client *api.Client) error

func (*MongoDBTest) Flags 

func (m *MongoDBTest) Flags(fs *flag.FlagSet)

func (*MongoDBTest) GetTargetInfo 

func (m *MongoDBTest) GetTargetInfo() TargetInfo

func (*MongoDBTest) ParseConfig 

func (m *MongoDBTest) ParseConfig(body hcl.Body) error

func (*MongoDBTest) Setup 

func (m *MongoDBTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*MongoDBTest) Target 

func (m *MongoDBTest) Target(client *api.Client) vegeta.Target

type MySQLDBConfig added in v0.2.0 

type MySQLDBConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnection       *bool    `hcl:"verify_connection,optional"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	ConnectionURL          string   `hcl:"connection_url"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	DisableEscaping        bool     `hcl:"disable_escaping,optional"`
	MaxOpenConnections     int      `hcl:"max_open_connections,optional"`
	MaxIdleConnections     int      `hcl:"max_idle_connections,optional"`
	MaxConnectionLifetime  string   `hcl:"max_connection_lifetime,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
	TLSCertificateKey      string   `hcl:"tls_certificate_key,optional"`
	TLSCACertificate       string   `hcl:"tls_ca_certificate,optional"`
	TLSServerName          string   `hcl:"tls_server_name,optional"`
	TLSSkipVerify          bool     `hcl:"tls_skip_verify,optional"`
}

MySQL DB Config

type MySQLRoleConfig added in v0.2.0 

type MySQLRoleConfig struct {
	Name                 string `hcl:"name,optional"`
	DBName               string `hcl:"db_name,optional"`
	DefaultTTL           string `hcl:"default_ttl,optional"`
	MaxTTL               string `hcl:"max_ttl,optional"`
	CreationStatements   string `hcl:"creation_statements"`
	RevocationStatements string `hcl:"revocation_statements,optional"`
}

MySQL Role Config

type MySQLSecret added in v0.2.0 

type MySQLSecret struct {
	// contains filtered or unexported fields
}

Postgres Secret Test Struct

func (*MySQLSecret) Cleanup added in v0.2.0 

func (m *MySQLSecret) Cleanup(client *api.Client) error

func (*MySQLSecret) Flags added in v0.2.0 

func (m *MySQLSecret) Flags(fs *flag.FlagSet)

func (*MySQLSecret) GetTargetInfo added in v0.2.0 

func (m *MySQLSecret) GetTargetInfo() TargetInfo

func (*MySQLSecret) ParseConfig added in v0.2.0 

func (m *MySQLSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*MySQLSecret) Setup added in v0.2.0 

func (m *MySQLSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*MySQLSecret) Target added in v0.2.0 

func (m *MySQLSecret) Target(client *api.Client) vegeta.Target

type MySQLSecretTestConfig added in v0.2.0 

type MySQLSecretTestConfig struct {
	MySQLDBConfig   *MySQLDBConfig   `hcl:"db_connection,block"`
	MySQLRoleConfig *MySQLRoleConfig `hcl:"role,block"`
}

Main Config Struct

type NomadConfig added in v0.2.0 

type NomadConfig struct {
	Address            string `hcl:"address"`
	Token              string `hcl:"token,optional"`
	MaxTokenNameLength int    `hcl:"max_token_name_length,optional"`
	CaCert             string `hcl:"ca_cert,optional"`
	ClientCert         string `hcl:"client_cert,optional"`
	ClientKey          string `hcl:"client_key,optional"`
}

type NomadRoleConfig added in v0.2.0 

type NomadRoleConfig struct {
	Name     string   `hcl:"name,optional"`
	Policies []string `hcl:"policies,optional"`
	Global   bool     `hcl:"global,optional"`
	Type     string   `hcl:"type,optional"`
}

type NomadSecretTestConfig added in v0.2.0 

type NomadSecretTestConfig struct {
	NomadConfig     *NomadConfig     `hcl:"nomad,block"`
	NomadRoleConfig *NomadRoleConfig `hcl:"role,block"`
}

type NomadTest added in v0.2.0 

type NomadTest struct {
	// contains filtered or unexported fields
}

func (*NomadTest) Cleanup added in v0.2.0 

func (c *NomadTest) Cleanup(client *api.Client) error

func (*NomadTest) Flags added in v0.2.0 

func (c *NomadTest) Flags(fs *flag.FlagSet)

func (*NomadTest) GetTargetInfo added in v0.2.0 

func (c *NomadTest) GetTargetInfo() TargetInfo

func (*NomadTest) ParseConfig added in v0.2.0 

func (c *NomadTest) ParseConfig(body hcl.Body) error

func (*NomadTest) Setup added in v0.2.0 

func (c *NomadTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*NomadTest) Target added in v0.2.0 

func (c *NomadTest) Target(client *api.Client) vegeta.Target

type PKIIssueCertConfig 

type PKIIssueCertConfig struct {
	Name              string `hcl:"name,optional"`
	CommonName        string `hcl:"common_name,optional"`
	AltNames          string `hcl:"alt_names,optional"`
	IPSANS            string `hcl:"ip_sans,optional"`
	URISANS           string `hcl:"uri_sans,optional"`
	OtherSANS         string `hcli:"other_sans,optional"`
	TTL               string `hcl:"ttl,optional"`
	Format            string `hcl:"format,optional"`
	PrivateKeyFormat  string `hcl:"private_key_format,optional"`
	ExcludeCNFromSANS bool   `hcl:"exclude_cn_from_sans,optional"`
	NotAfter          string `hcl:"not_after,optional"`
	UserIDs           string `hcl:"user_ids,optional"`
}

PKIIssueCertConfig is the configuration for the cert to be issued

/pki/issue/:name

type PKIIssueIntCAConfig 

type PKIIssueIntCAConfig struct {
	CSR                 string `hcl:"csr,optional"`
	CommonName          string `hcl:"common_name,optional"`
	AltNames            string `hcl:"alt_names,optional"`
	IPSANS              string `hcl:"ip_sans,optional"`
	URISANS             string `hcl:"uri_sans,optional"`
	OtherSANS           string `hcl:"other_sans,optional"`
	TTL                 string `hcl:"ttl,optional"`
	Format              string `hcl:"format,optional"`
	MaxPathLength       int    `hcl:"max_path_length,optional"`
	UseCSRValues        bool   `hcl:"use_csr_values,optional"`
	PermittedDNSDomains string `hcl:"permitted_dns_domains,optional"`
	OU                  string `hcl:"ou,optional"`
	Organization        string `hcl:"organization,optional"`
	Country             string `hcl:"country,optional"`
	Locality            string `hcl:"locality,optional"`
	Province            string `hcl:"province,optional"`
	StreetAddress       string `hcl:"street_address,optional"`
	PostalCode          string `hcl:"postal_code,optional"`
	SerialNumber        string `hcl:"serial_number,optional"`
	NotBeforeDuration   string `hcl:"not_before_duration,optional"`
	NotAfter            string `hcl:"not_after,optional"`
	SignatureBits       int    `hcl:"signature_bits,optional"`
	SKID                string `hcl:"skid,optional"`
	UsePSS              bool   `hcl:"use_pss,optional"`
}

PKIIssueIntCAConfig is the configuration for the signing operation of the intermediate CA CSR.

/pki/root/sign-intermediate

type PKIIssueIntCSRConfig 

type PKIIssueIntCSRConfig struct {
	Type                string `hcl:"type,optional"`
	CommonName          string `hcl:"common_name,optional"`
	AltNames            string `hcl:"alt_names,optional"`
	IPSANS              string `hcl:"ip_sans,optional"`
	URISANS             string `hcl:"uri_sans,optional"`
	OtherSANS           string `hcl:"other_sans,optional"`
	Format              string `hcl:"format,optional"`
	PrivateKeyFormat    string `hcl:"private_key_format,optional"`
	KeyType             string `hcl:"key_type,optional"`
	KeyBits             int    `hcl:"key_bits,optional"`
	KeyName             string `hcl:"key_name,optional"`
	KeyRef              string `hcl:"key_ref,optional"`
	SignatureBits       int    `hcl:"signature_bits,optional"`
	ExcludeCNFromSANS   bool   `hcl:"exclude_cn_from_sans,optional"`
	OU                  string `hcl:"ou,optional"`
	Organization        string `hcl:"organization,optional"`
	Country             string `hcl:"country,optional"`
	Locality            string `hcl:"locality,optional"`
	Province            string `hcl:"province,optional"`
	StreetAddress       string `hcl:"street_address,optional"`
	PostalCode          string `hcl:"postal_code,optional"`
	SerialNumber        string `hcl:"serial_number,optional"`
	AddBasicConstraints bool   `hcl:"add_basic_constraints,optional"`
	ManagedKeyName      string `hcl:"managed_key_name,optional"`
	ManagedKeyID        string `hcl:"managed_key_id,optional"`
}

PKIIssueIntConfig is the configuratio for the intermediate CSR to be generated for the test

/pki/intermediate/generate/:type

type PKIIssueRoleConfig 

type PKIIssueRoleConfig struct {
	Name                         string   `hcl:"name,optional"`
	TTL                          string   `hcl:"ttl,optional"`
	MaxTTL                       string   `hcl:"max_ttl,optional"`
	AllowLocalhost               *bool    `hcl:"allow_localhost,optional"`
	AllowedDomains               []string `hcl:"allowed_domains,optional"`
	AllowedDomainsTemplate       bool     `hcl:"allowed_domain_template,optional"`
	AllowBareDomains             bool     `hcl:"allow_bare_domains,optional"`
	AllowSubdomains              bool     `hcl:"allow_subdomains,optional"`
	AllowGlobDomains             bool     `hcl:"allow_glob_domains,optional"`
	AllowWildcardCertificates    *bool    `hcl:"allow_wildcard_certificates,optional"`
	AllowAnyName                 bool     `hcl:"allow_any_name,optional"`
	EnforceHostnames             *bool    `hcl:"enforce_hostnames,optional"`
	AllowIPSANS                  *bool    `hcl:"allow_ip_sans,optional"`
	AllowedURISANS               string   `hcl:"allowed_uri_sans,optional"`
	AllowedURISANSTemplate       bool     `hcl:"allowed_uri_sans_template,optional"`
	AllowedOtherSANS             string   `hcl:"allowed_other_sans,optional"`
	AllowedSerialNumbers         string   `hcl:"allowed_serial_numbers,optional"`
	ServerFlag                   *bool    `hcl:"server_flag,optional"`
	ClientFlag                   *bool    `hcl:"client_flag,optional"`
	CodeSigningFlag              bool     `hcl:"code_signing_flag,optional"`
	EmailProtectionFlag          bool     `hcl:"email_protection_flag,optional"`
	KeyType                      string   `hcl:"key_type,optional"`
	KeyBits                      int      `hcl:"key_bits,optional"`
	SignatureBits                int      `hcl:"signature_bits,optional"`
	UsePSS                       bool     `hcl:"use_pss,optional"`
	KeyUsage                     []string `hcl:"key_usage,optional"`
	ExtKeyUsage                  []string `hcl:"ext_key_usage,optional"`
	ExtKeyUsageOIDS              string   `hcl:"ext_key_usage_oids,optional"`
	UseCSRCommonName             *bool    `hcl:"use_csr_common_name,optional"`
	UseCSRSANS                   *bool    `hcl:"use_csr_sans,optional"`
	OU                           string   `hcl:"ou,optional"`
	Organization                 string   `hcl:"organization,optional"`
	Country                      string   `hcl:"country,optional"`
	Locality                     string   `hcl:"locality,optional"`
	Province                     string   `hcl:"province,optional"`
	StreetAddress                string   `hcl:"street_address,optional"`
	PostalCode                   string   `hcl:"postal_code,optional"`
	GenerateLease                bool     `hcl:"generate_lease,optional"`
	NoStore                      bool     `hcl:"no_store,optional"`
	RequireCN                    *bool    `hcl:"require_cn,optional"`
	PolicyIdentifiers            []string `hcl:"policy_identifiers,optional"`
	BasicConstrainsValidForNonCA bool     `hcl:"basic_constraints_valid_for_non_ca,optional"`
	NotBeforeDuration            string   `hcl:"not_before_duration,optional"`
	NotAfter                     string   `hcl:"not_after,optional"`
	CNValidations                []string `hcl:"cn_validations,optional"`
	AllowedUserIDs               string   `hcl:"allowed_user_ids,optional"`
}

PKI Role config defining how the issued cert should be configured

/pki/roles/:name

type PKIIssueRootConfig 

type PKIIssueRootConfig struct {
	Type                string `hcl:"type,optional"`
	IssuerName          string `hcl:"issuer_name,optional"`
	KeyName             string `hcl:"key_name,optional"`
	KeyRef              string `hcl:"key_ref,optional"`
	CommonName          string `hcl:"common_name,optional"`
	AltNames            string `hcl:"alt_names,optional"`
	IPSANS              string `hcl:"ip_sans,optional"`
	URISANS             string `hcl:"uri_sans,optional"`
	OtherSANS           string `hcl:"other_sans,optional"`
	TTL                 string `hcl:"ttl,optional"`
	Format              string `hcl:"format,optional"`
	PrivateKeyFormat    string `hcl:"private_key_format,optional"`
	KeyType             string `hcl:"key_type,optional"`
	KeyBits             int    `hcl:"key_bits,optional"`
	MaxPathLength       int    `hcl:"max_path_length,optional"`
	ExcludeCNFromSANS   bool   `hcl:"exclude_cn_from_sans,optional"`
	PermittedDNSDomains string `hcl:"permitted_dns_domains,optional"`
	OU                  string `hcl:"ou,optional"`
	Organization        string `hcl:"organization,optional"`
	Country             string `hcl:"country,optional"`
	Locality            string `hcl:"locality,optional"`
	Province            string `hcl:"province,optional"`
	StreetAddress       string `hcl:"street_address,optional"`
	PostalCode          string `hcl:"postal_code,optional"`
	SerialNumber        string `hcl:"serial_number,optional"`
	NotBeforeDuration   string `hcl:"not_before_duration,optional"`
	NotAfter            string `hcl:"not_after,optional"`
	ManagedKeyName      string `hcl:"managed_key_name,optional"`
	ManagedKeyID        string `hcl:"managed_key_id,optional"`
}

PKIIssueCAConfig is the configuration for the root CA cert to be generated for the test

/pki/root/generate/:type

type PKIIssueTest 

type PKIIssueTest struct {
	// contains filtered or unexported fields
}

func (*PKIIssueTest) Cleanup 

func (p *PKIIssueTest) Cleanup(client *api.Client) error

func (*PKIIssueTest) Flags 

func (p *PKIIssueTest) Flags(fs *flag.FlagSet)

func (*PKIIssueTest) GetTargetInfo 

func (p *PKIIssueTest) GetTargetInfo() TargetInfo

func (*PKIIssueTest) ParseConfig 

func (p *PKIIssueTest) ParseConfig(body hcl.Body) error

func (*PKIIssueTest) Setup 

func (p *PKIIssueTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*PKIIssueTest) Target 

func (p *PKIIssueTest) Target(client *api.Client) vegeta.Target

type PKISecretIssueTestConfig 

type PKISecretIssueTestConfig struct {
	SetupDelay            string                `hcl:"setup_delay,optional"`
	RootCAConfig          *PKIIssueRootConfig   `hcl:"root_ca,block"`
	IntermediateCSRConfig *PKIIssueIntCSRConfig `hcl:"intermediate_csr,block"`
	IntermediateCAConfig  *PKIIssueIntCAConfig  `hcl:"intermediate_ca,block"`
	RoleConfig            *PKIIssueRoleConfig   `hcl:"role,block"`
	IssueConfig           *PKIIssueCertConfig   `hcl:"issue,block"`
}

type PKISignTest 

type PKISignTest struct {
	// contains filtered or unexported fields
}

func (*PKISignTest) Cleanup 

func (p *PKISignTest) Cleanup(client *api.Client) error

func (*PKISignTest) Flags 

func (p *PKISignTest) Flags(fs *flag.FlagSet)

func (*PKISignTest) GetTargetInfo 

func (p *PKISignTest) GetTargetInfo() TargetInfo

func (*PKISignTest) ParseConfig 

func (p *PKISignTest) ParseConfig(body hcl.Body) error

func (*PKISignTest) Setup 

func (p *PKISignTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*PKISignTest) Target 

func (p *PKISignTest) Target(client *api.Client) vegeta.Target

type PostgreSQLDBConfig 

type PostgreSQLDBConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnection       *bool    `hcl:"verify_connection,optional"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	ConnectionURL          string   `hcl:"connection_url"`
	MaxOpenConnections     int      `hcl:"max_open_connections,optional"`
	MaxIdleConnections     int      `hcl:"max_idle_connections,optional"`
	MaxConnectionLifetime  string   `hcl:"max_connection_lifetime,optional"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
	DisableEscaping        bool     `hcl:"disable_escaping,optional"`
}

PostgreSQL DB Config

type PostgreSQLRoleConfig 

type PostgreSQLRoleConfig struct {
	Name                 string `hcl:"name,optional"`
	DBName               string `hcl:"db_name,optional"`
	DefaultTTL           string `hcl:"default_ttl,optional"`
	MaxTTL               string `hcl:"max_ttl,optional"`
	CreationStatements   string `hcl:"creation_statements"`
	RevocationStatements string `hcl:"revocation_statements,optional"`
	RollbackStatements   string `hcl:"rollback_statements,optional"`
	RenewStatements      string `hcl:"renew_statements,optional"`
	RotationStatements   string `hcl:"rotation_statements,optional"`
}

PostgreSQL Role Config

type PostgreSQLSecret 

type PostgreSQLSecret struct {
	// contains filtered or unexported fields
}

Postgres Secret Test Struct

func (*PostgreSQLSecret) Cleanup 

func (s *PostgreSQLSecret) Cleanup(client *api.Client) error

func (*PostgreSQLSecret) Flags 

func (l *PostgreSQLSecret) Flags(fs *flag.FlagSet)

func (*PostgreSQLSecret) GetTargetInfo 

func (s *PostgreSQLSecret) GetTargetInfo() TargetInfo

func (*PostgreSQLSecret) ParseConfig 

func (s *PostgreSQLSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*PostgreSQLSecret) Setup 

func (s *PostgreSQLSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*PostgreSQLSecret) Target 

func (s *PostgreSQLSecret) Target(client *api.Client) vegeta.Target

type PostgreSQLSecretTestConfig 

type PostgreSQLSecretTestConfig struct {
	PostgreSQLDBConfig   *PostgreSQLDBConfig   `hcl:"db_connection,block"`
	PostgreSQLRoleConfig *PostgreSQLRoleConfig `hcl:"role,block"`
}

Main Config Struct

type RabbitMQConnectionConfig 

type RabbitMQConnectionConfig struct {
	ConnectionURI    string `hcl:"connection_uri"`
	Username         string `hcl:"username,optional"`
	Password         string `hcl:"password,optional"`
	VerifyConnection *bool  `hcl:"verify_connection,optional"`
	PasswordPolicy   string `hcl:"password_policy,optional"`
	UsernameTemplate string `hcl:"username_template,optional"`
}

type RabbitMQRoleConfig 

type RabbitMQRoleConfig struct {
	Name        string `hcl:"name,optional"`
	Tags        string `hcl:"tags,optional"`
	Vhosts      string `hcl:"vhosts"`
	VhostTopics string `hcl:"vhost_topics,optional"`
}

type RabbitMQSecretTestConfig 

type RabbitMQSecretTestConfig struct {
	RabbitMQConnectionConfig *RabbitMQConnectionConfig `hcl:"connection,block"`
	RabbitMQRoleConfig       *RabbitMQRoleConfig       `hcl:"role,block"`
}

Main Config Struct

type RabbitMQTest 

type RabbitMQTest struct {
	// contains filtered or unexported fields
}

func (*RabbitMQTest) Cleanup 

func (r *RabbitMQTest) Cleanup(client *api.Client) error

func (*RabbitMQTest) Flags 

func (m *RabbitMQTest) Flags(fs *flag.FlagSet)

func (*RabbitMQTest) GetTargetInfo 

func (r *RabbitMQTest) GetTargetInfo() TargetInfo

func (*RabbitMQTest) ParseConfig 

func (r *RabbitMQTest) ParseConfig(body hcl.Body) error

func (*RabbitMQTest) Setup 

func (r *RabbitMQTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*RabbitMQTest) Target 

func (r *RabbitMQTest) Target(client *api.Client) vegeta.Target

type RedisDBConfig 

type RedisDBConfig struct {
	// Common
	Name             string   `hcl:"name,optional"`
	PluginName       string   `hcl:"plugin_name,optional"`
	PluginVersion    string   `hcl:"plugin_version,optional"`
	VerifyConnection *bool    `hcl:"verify_connection,optional"`
	AllowedRoles     []string `hcl:"allowed_roles,optional"`
	CACert           string   `hcl:"ca_cert,optional"`

	// Redis specific
	Host           string `hcl:"host"`
	Port           int    `hcl:"port"`
	Username       string `hcl:"username,optional"`
	Password       string `hcl:"password,optional"`
	PasswordPolicy string `hcl:"password_policy,optional"`
	TLS            bool   `hcl:"tls,optional"`
	InsecureTLS    bool   `hcl:"insecure_tls,optional"`
}

Redis DB Config

type RedisDynamicRoleConfig 

type RedisDynamicRoleConfig struct {
	Name               string `hcl:"name,optional"`
	DBName             string `hcl:"db_name,optional"`
	DefaultTTL         string `hcl:"default_ttl,optional"`
	MaxTTL             string `hcl:"max_ttl,optional"`
	CreationStatements string `hcl:"creation_statements"`
}

type RedisDynamicSecret 

type RedisDynamicSecret struct {
	// contains filtered or unexported fields
}

func (*RedisDynamicSecret) Cleanup 

func (r *RedisDynamicSecret) Cleanup(client *api.Client) error

func (*RedisDynamicSecret) Flags 

func (r *RedisDynamicSecret) Flags(fs *flag.FlagSet)

func (*RedisDynamicSecret) GetTargetInfo 

func (r *RedisDynamicSecret) GetTargetInfo() TargetInfo

func (*RedisDynamicSecret) ParseConfig 

func (r *RedisDynamicSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*RedisDynamicSecret) Setup 

func (r *RedisDynamicSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*RedisDynamicSecret) Target 

func (r *RedisDynamicSecret) Target(client *api.Client) vegeta.Target

type RedisDynamicSecretTestConfig 

type RedisDynamicSecretTestConfig struct {
	DBConfig   *RedisDBConfig          `hcl:"db_connection,block"`
	RoleConfig *RedisDynamicRoleConfig `hcl:"role,block"`
}

type RedisStaticRoleConfig 

type RedisStaticRoleConfig struct {
	Name           string `hcl:"name,optional"`
	DBName         string `hcl:"db_name,optional"`
	RotationPeriod string `hcl:"rotation_period,optional"`
	Username       string `hcl:"username"`
	InsecureTLS    bool   `hcl:"insecure_tls,optional"`
}

type RedisStaticSecret 

type RedisStaticSecret struct {
	// contains filtered or unexported fields
}

func (*RedisStaticSecret) Cleanup 

func (r *RedisStaticSecret) Cleanup(client *api.Client) error

func (*RedisStaticSecret) Flags 

func (r *RedisStaticSecret) Flags(fs *flag.FlagSet)

func (*RedisStaticSecret) GetTargetInfo 

func (r *RedisStaticSecret) GetTargetInfo() TargetInfo

func (*RedisStaticSecret) ParseConfig 

func (r *RedisStaticSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*RedisStaticSecret) Setup 

func (r *RedisStaticSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*RedisStaticSecret) Target 

func (r *RedisStaticSecret) Target(client *api.Client) vegeta.Target

type RedisStaticSecretTestConfig 

type RedisStaticSecretTestConfig struct {
	DBConfig   *RedisDBConfig         `hcl:"db_connection,block"`
	RoleConfig *RedisStaticRoleConfig `hcl:"role,block"`
}

type Reporter 

type Reporter struct {
	// contains filtered or unexported fields
}

func Attack 

func Attack(tm *TargetMulti, client *api.Client, duration time.Duration, rps int, workers int) (*Reporter, error)

func FromReader 

func FromReader(r io.Reader) (*Reporter, error)

func (*Reporter) Add 

func (r *Reporter) Add(result *vegeta.Result)

func (*Reporter) Close 

func (r *Reporter) Close()

func (*Reporter) ReportJSON 

func (r *Reporter) ReportJSON(w io.Writer) error

func (*Reporter) ReportTerse 

func (r *Reporter) ReportTerse(w io.Writer) error

func (*Reporter) ReportVerbose 

func (r *Reporter) ReportVerbose(w io.Writer) error

type RoleConfig 

type RoleConfig struct {
	Name                 string   `hcl:"role_name,optional"`
	BindSecretID         *bool    `hcl:"bind_secret_id,optional"`
	SecretIDBoundCIDRS   []string `hcl:"secret_id_bound_cidrs,optional"`
	SecredIDNumUses      int      `hcl:"secret_id_num_uses,optional"`
	SecretIDTTL          string   `hcl:"secret_id_ttl,optional"`
	LocalSecretIDs       bool     `hcl:"local_secret_ids,optional"`
	TokenTTL             string   `hcl:"token_ttl,optional"`
	TokenMaxTTL          string   `hcl:"token_max_ttl,optional"`
	TokenPolicies        []string `hcl:"token_policies,optional"`
	Policies             []string `hcl:"policies,optional"`
	TokenBoundCIDRs      []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int      `hcl:"token_num_uses,optional"`
	TokenPeriod          string   `hcl:"token_period,optional"`
	TokenType            string   `hcl:"token_type,optional"`
}

AppRole Role Config

type SSHCAConfig 

type SSHCAConfig struct {
	PrivateKey         string `hcl:"private_key,optional"`
	PublicKey          string `hcl:"public_key,optional"`
	GenerateSigningKey *bool  `hcl:"generate_signing_key,optional"`
	KeyType            string `hcl:"key_type,optional"`
	KeyBits            int    `hcl:"key_bits,optional"`
}

type SSHIssueTest 

type SSHIssueTest struct {
	// contains filtered or unexported fields
}

func (*SSHIssueTest) Cleanup 

func (s *SSHIssueTest) Cleanup(client *api.Client) error

func (*SSHIssueTest) Flags 

func (s *SSHIssueTest) Flags(fs *flag.FlagSet)

func (*SSHIssueTest) GetTargetInfo 

func (s *SSHIssueTest) GetTargetInfo() TargetInfo

func (*SSHIssueTest) ParseConfig 

func (s *SSHIssueTest) ParseConfig(body hcl.Body) error

func (*SSHIssueTest) Setup 

func (s *SSHIssueTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*SSHIssueTest) Target 

func (s *SSHIssueTest) Target(client *api.Client) vegeta.Target

type SSHIssueTestConfig 

type SSHIssueTestConfig struct {
	CAConfig         *SSHCAConfig         `hcl:"ca,block"`
	RoleConfig       *SSHRoleConfig       `hcl:"role,block"`
	IssuedCertConfig *SSHIssuedCertConfig `hcl:"issued_cert,block"`
}

type SSHIssuedCertConfig 

type SSHIssuedCertConfig struct {
	Name            string                 `hcl:"name,optional"`
	KeyType         string                 `hcl:"key_type,optional"`
	KeyBits         int                    `hcl:"key_bits,optional"`
	TTL             string                 `hcl:"ttl,optional"`
	ValidPrincipals string                 `hcl:"valid_principals,optional"`
	CertType        string                 `hcl:"cert_type,optional"`
	KeyID           string                 `hcl:"key_id,optional"`
	CriticalOptions map[string]interface{} `hcl:"critical_options,optional"`
	Extensions      map[string]interface{} `hcl:"extensions,optional"`
}

type SSHKeySignCAConfig 

type SSHKeySignCAConfig struct {
	PrivateKey         string `hcl:"private_key,optional"`
	PublicKey          string `hcl:"public_key,optional"`
	GenerateSigningKey *bool  `hcl:"generate_signing_key,optional"`
	KeyType            string `hcl:"key_type,optional"`
	KeyBits            int    `hcl:"key_bits,optional"`
}

type SSHKeySignRoleConfig 

type SSHKeySignRoleConfig struct {
	// Vault >= 1.13.x
	AllowedDomainsTemplate bool `hcl:"allowed_domains_template,optional"`

	// Vault <= 1.12.x
	Key            string   `hcl:"key,optional"`
	AdminUser      string   `hcl:"admin_user,optional"`
	KeyBits        int      `hcl:"key_bits,optional"`
	InstallScript  string   `hcl:"install_script,optional"`
	KeyOptionSpecs []string `hcl:"key_option_specs,optional"`

	// Common
	Name                   string                 `hcl:"name,optional"`
	DefaultUser            string                 `hcl:"default_user,optional"`
	DefaultUserTemplate    bool                   `hcl:"default_user_template,optional"`
	CIDRList               []string               `hcl:"cidr_list,optional"`
	ExcludeCIDRList        []string               `hcl:"exclude_cidr_list,optional"`
	Port                   int                    `hcl:"port,optional"`
	KeyType                string                 `hcl:"key_type,optional"`
	AllowedUsers           []string               `hcl:"allowed_users,optional"`
	AllowedUsersTemplate   bool                   `hcl:"allowed_users_template,optional"`
	AllowedDomains         []string               `hcl:"allowed_domains,optional"`
	TTL                    string                 `hcl:"ttl,optional"`
	MaxTTL                 string                 `hcl:"max_ttl,optional"`
	AllowedCriticalOptions []string               `hcl:"allowed_critical_options,optional"`
	AllowedExtensions      []string               `hcl:"allowed_extensions,optional"`
	DefaultCriticalOptions map[string]string      `hcl:"default_critical_options,optional"`
	DefaultExtensions      map[string]string      `hcl:"default_extensions,optional"`
	AllowUserCertificates  bool                   `hcl:"allow_user_certificates,optional"`
	AllowHostCertificates  bool                   `hcl:"allow_host_certificates,optional"`
	AllowBareDomains       bool                   `hcl:"allow_bare_domains,optional"`
	AllowSubdomains        bool                   `hcl:"allow_subdomains,optional"`
	AllowUserKeyIDs        bool                   `hcl:"allow_user_key_ids,optional"`
	KeyIDFormat            string                 `hcl:"key_id_format,optional"`
	AllowedUserKeyLengths  map[string]interface{} `hcl:"allowed_user_key_lengths,optional"`
	AlgorithmSigner        string                 `hcl:"algorithm_signer,optional"`
	NotBeforeDuration      string                 `hcl:"not_before_duration,optional"`
}

type SSHKeySignTest 

type SSHKeySignTest struct {
	// contains filtered or unexported fields
}

func (*SSHKeySignTest) Cleanup 

func (s *SSHKeySignTest) Cleanup(client *api.Client) error

func (*SSHKeySignTest) Flags 

func (s *SSHKeySignTest) Flags(fs *flag.FlagSet)

func (*SSHKeySignTest) GetTargetInfo 

func (s *SSHKeySignTest) GetTargetInfo() TargetInfo

func (*SSHKeySignTest) ParseConfig 

func (s *SSHKeySignTest) ParseConfig(body hcl.Body) error

func (*SSHKeySignTest) Setup 

func (s *SSHKeySignTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*SSHKeySignTest) Target 

func (s *SSHKeySignTest) Target(client *api.Client) vegeta.Target

type SSHKeySignTestConfig 

type SSHKeySignTestConfig struct {
	CAConfig         *SSHKeySignCAConfig   `hcl:"ca,block"`
	RoleConfig       *SSHKeySignRoleConfig `hcl:"role,block"`
	KeySigningConfig *SSHKeySigningConfig  `hcl:"key_signing,block"`
}

type SSHKeySigningConfig 

type SSHKeySigningConfig struct {
	PublicKey       *string                `hcl:"public_key,optional"`
	TTL             string                 `hcl:"ttl,optional"`
	ValidPrincipals string                 `hcl:"valid_principals,optional"`
	CertType        string                 `hcl:"cert_type,optional"`
	KeyID           string                 `hcl:"key_id,optional"`
	CriticalOptions map[string]interface{} `hcl:"critical_options,optional"`
	Extensions      map[string]interface{} `hcl:"extensions,optional"`
}

type SSHRoleConfig 

type SSHRoleConfig struct {
	// Vault >= 1.13.x
	AllowedDomainsTemplate bool `hcl:"allowed_domains_template,optional"`

	// Vault <= 1.12.x
	Key            string   `hcl:"key,optional"`
	AdminUser      string   `hcl:"admin_user,optional"`
	KeyBits        int      `hcl:"key_bits,optional"`
	InstallScript  string   `hcl:"install_script,optional"`
	KeyOptionSpecs []string `hcl:"key_option_specs,optional"`

	// Common
	Name                   string                 `hcl:"name,optional"`
	DefaultUser            string                 `hcl:"default_user,optional"`
	DefaultUserTemplate    bool                   `hcl:"default_user_template,optional"`
	CIDRList               []string               `hcl:"cidr_list,optional"`
	ExcludeCIDRList        []string               `hcl:"exclude_cidr_list,optional"`
	Port                   int                    `hcl:"port,optional"`
	KeyType                string                 `hcl:"key_type,optional"`
	AllowedUsers           []string               `hcl:"allowed_users,optional"`
	AllowedUsersTemplate   bool                   `hcl:"allowed_users_template,optional"`
	AllowedDomains         []string               `hcl:"allowed_domains,optional"`
	TTL                    string                 `hcl:"ttl,optional"`
	MaxTTL                 string                 `hcl:"max_ttl,optional"`
	AllowedCriticalOptions []string               `hcl:"allowed_critical_options,optional"`
	AllowedExtensions      []string               `hcl:"allowed_extensions,optional"`
	DefaultCriticalOptions map[string]string      `hcl:"default_critical_options,optional"`
	DefaultExtensions      map[string]string      `hcl:"default_extensions,optional"`
	AllowUserCertificates  bool                   `hcl:"allow_user_certificates,optional"`
	AllowHostCertificates  bool                   `hcl:"allow_host_certificates,optional"`
	AllowBareDomains       bool                   `hcl:"allow_bare_domains,optional"`
	AllowSubdomains        bool                   `hcl:"allow_subdomains,optional"`
	AllowUserKeyIDs        bool                   `hcl:"allow_user_key_ids,optional"`
	KeyIDFormat            string                 `hcl:"key_id_format,optional"`
	AllowedUserKeyLengths  map[string]interface{} `hcl:"allowed_user_key_lengths,optional"`
	AlgorithmSigner        string                 `hcl:"algorithm_signer,optional"`
	NotBeforeDuration      string                 `hcl:"not_before_duration,optional"`
}

type SecretIDConfig 

type SecretIDConfig struct {
	Metadata        string   `hcl:"metadata,optional"`
	CIDRList        []string `hcl:"cidr_list,optional"`
	NumUses         int      `hcl:"num_uses,optional"`
	TTL             string   `hcl:"ttl,optional"`
	TokenBoundCIDRs []string `hcl:"token_bound_cidrs,optional"`
}

AppRole SecretID Config

type StatusCheck 

type StatusCheck struct {
	// contains filtered or unexported fields
}

func (*StatusCheck) Cleanup 

func (s *StatusCheck) Cleanup(client *api.Client) error

Cleanup is a no-op for this test

func (*StatusCheck) Flags 

func (s *StatusCheck) Flags(fs *flag.FlagSet)

func (*StatusCheck) GetTargetInfo 

func (s *StatusCheck) GetTargetInfo() TargetInfo

func (*StatusCheck) ParseConfig 

func (s *StatusCheck) ParseConfig(body hcl.Body) error

func (*StatusCheck) Setup 

func (s *StatusCheck) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*StatusCheck) Target 

func (s *StatusCheck) Target(client *api.Client) vegeta.Target

type TargetInfo 

type TargetInfo struct {
	// contains filtered or unexported fields
}

type TargetMulti 

type TargetMulti struct {
	// contains filtered or unexported fields
}

TargetMulti allows building a vegeta targetter that chooses between various operations randomly following a specified distribution.

func BuildTargets 

func BuildTargets(client *api.Client, tests []*BenchmarkTarget, logger *hclog.Logger, config *TopLevelTargetConfig) (*TargetMulti, error)

func (TargetMulti) Cleanup 

func (tm TargetMulti) Cleanup(client *api.Client) error

func (TargetMulti) DebugInfo 

func (tm TargetMulti) DebugInfo(client *api.Client)

func (TargetMulti) Targeter 

func (tm TargetMulti) Targeter(client *api.Client) (vegeta.Targeter, error)

type TopLevelTargetConfig added in v0.2.0 

type TopLevelTargetConfig struct {
	Duration     time.Duration
	RandomMounts bool
}

Configuration that applies to all individual tests

type TransformInputConfig 

type TransformInputConfig struct {
	Value          string        `hcl:"value,optional"`
	Transformation string        `hcl:"transformation,optional"`
	TTL            string        `hcl:"ttl,optional"`
	Metadata       string        `hcl:"metadata,optional"`
	Tweak          string        `hcl:"tweak,optional"`
	Reference      string        `hcl:"reference,optional"`
	BatchInput     []interface{} `hcl:"batch_input,optional"`
}

type TransformRoleConfig 

type TransformRoleConfig struct {
	Name            string   `hcl:"name,optional"`
	Transformations []string `hcl:"transformations,optional"`
}

type TransformStoreConfig 

type TransformStoreConfig struct {
	Name                     string   `hcl:"name"`
	Type                     string   `hcl:"type"`
	Driver                   string   `hcl:"driver"`
	ConnectionString         string   `hcl:"connection_string"`
	Username                 string   `hcl:"username"`
	Password                 string   `hcl:"password"`
	SupportedTransformations []string `hcl:"supported_transformations,optional"`
	Schema                   string   `hcl:"schema,optional"`
	MaxOpenConnections       int      `hcl:"max_open_connections,optional"`
	MaxIdleConnections       int      `hcl:"max_idle_connections,optional"`
	MaxConnectionLifetime    string   `hcl:"max_connection_lifetime,optional"`
}

type TransformStoreSchemaConfig 

type TransformStoreSchemaConfig struct {
	Name               string `hcl:"name,optional"`
	Username           string `hcl:"username,optional"`
	Password           string `hcl:"password,optional"`
	TransformationType string `hcl:"transformation_type,optional"`
}

type TransformTokenizationConfig 

type TransformTokenizationConfig struct {
	Name            string   `hcl:"name,optional"`
	MappingMode     string   `hcl:"mapping_mode,optional"`
	Convergent      bool     `hcl:"convergent,optional"`
	MaxTTL          string   `hcl:"max_ttl,optional"`
	AllowedRoles    []string `hcl:"allowed_roles,optional"`
	Stores          []string `hcl:"stores,optional"`
	DeletionAllowed bool     `hcl:"deletion_allowed,optional"`
}

type TransformTokenizationTest 

type TransformTokenizationTest struct {
	// contains filtered or unexported fields
}

func (*TransformTokenizationTest) Cleanup 

func (t *TransformTokenizationTest) Cleanup(client *api.Client) error

func (*TransformTokenizationTest) Flags 

func (t *TransformTokenizationTest) Flags(fs *flag.FlagSet)

func (*TransformTokenizationTest) GetTargetInfo 

func (t *TransformTokenizationTest) GetTargetInfo() TargetInfo

func (*TransformTokenizationTest) ParseConfig 

func (t *TransformTokenizationTest) ParseConfig(body hcl.Body) error

func (*TransformTokenizationTest) Setup 

func (t *TransformTokenizationTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*TransformTokenizationTest) Target 

func (t *TransformTokenizationTest) Target(client *api.Client) vegeta.Target

type TransformTokenizationTestConfig 

type TransformTokenizationTestConfig struct {
	StoreConfig        *TransformStoreConfig        `hcl:"store,block"`
	StoreSchemaConfig  *TransformStoreSchemaConfig  `hcl:"store_schema,block"`
	RoleConfig         *TransformRoleConfig         `hcl:"role,block"`
	TokenizationConfig *TransformTokenizationConfig `hcl:"tokenization,block"`
	InputConfig        *TransformInputConfig        `hcl:"input,block"`
}

type TransitConfigDecrypt 

type TransitConfigDecrypt struct {
	Name                       string        `hcl:"name,optional"`
	Ciphertext                 string        `hcl:"ciphertext,optional"`
	AssociatedData             string        `hcl:"associated_data,optional"`
	Context                    string        `hcl:"context,optional"`
	Nonce                      string        `hcl:"nonce,optional"`
	Reference                  string        `hcl:"reference,optional"`
	BatchInput                 []interface{} `hcl:"batch_input,optional"`
	PartialFailureResponseCode int           `hcl:"partial_failure_response_code,optional"`
}

/transit/decrypt/:name

type TransitConfigEncrypt 

type TransitConfigEncrypt struct {
	Name                       string        `hcl:"name,optional"`
	Plaintext                  string        `hcl:"plaintext,optional"`
	AssociatedData             string        `hcl:"associated_data,optional"`
	Context                    string        `hcl:"context,optional"`
	KeyVersion                 int           `hcl:"key_version,optional"`
	Nonce                      string        `hcl:"nonce,optional"`
	Reference                  string        `hcl:"reference,optional"`
	BatchInput                 []interface{} `hcl:"batch_input,optional"`
	Type                       string        `hcl:"type,optional"`
	ConvergentEncryption       bool          `hcl:"convergent_encryption,optional"`
	PartialFailureResponseCode int           `hcl:"partial_failure_response_code,optional"`
}

/transit/encrypt/:name

type TransitConfigKeys 

type TransitConfigKeys struct {
	Name                 string `hcl:"name,optional"`
	ConvergentEncryption bool   `hcl:"convergent_encryption,optional"`
	Derived              bool   `hcl:"derived,optional"`
	Exportable           bool   `hcl:"exportable,optional"`
	AllowPlaintextBackup bool   `hcl:"allow_plaintext_backup,optional"`
	Type                 string `hcl:"type,optional"`
	KeySize              int    `hcl:"key_size,optional"`
	AutoRotatePeriod     string `hcl:"auto_rotate_period,optional"`
	ManagedKeyName       string `hcl:"managed_key_name,optional"`
	ManagedKeyID         string `hcl:"managed_key_id,optional"`
}

/transit/keys/:name

type TransitConfigSign 

type TransitConfigSign struct {
	Name                string        `hcl:"name,optional"`
	KeyVersion          int           `hcl:"key_version,optional"`
	HashAlgorithm       string        `hcl:"hash_algorithm,optional"`
	Input               string        `hcl:"input,optional"`
	Reference           string        `hcl:"reference,optional"`
	BatchInput          []interface{} `hcl:"batch_input,optional"`
	Context             string        `hcl:"context,optional"`
	Prehashed           bool          `hcl:"prehashed,optional"`
	SignatureAlgorithm  string        `hcl:"signature_algorithm,optional"`
	MarshalingAlgorithm string        `hcl:"marshaling_algorithm,optional"`
	SaltLength          string        `hcl:"salt_length,optional"`
}

/transit/sign/:name

type TransitConfigVerify 

type TransitConfigVerify struct {
	Name                string        `hcl:"name,optional"`
	HashAlgorithm       string        `hcl:"hash_algorithm,optional"`
	Input               string        `hcl:"input,optional"`
	Signature           string        `hcl:"signature,optional"`
	HMAC                string        `hcl:"hmac,optional"`
	Reference           string        `hcl:"reference,optional"`
	BatchInput          []interface{} `hcl:"batch_input,optional"`
	Context             string        `hcl:"context,optional"`
	Prehashed           bool          `hcl:"prehashed,optional"`
	SignatureAlgorithm  string        `hcl:"signature_algorithm,optional"`
	MarshalingAlgorithm string        `hcl:"marshaling_algorithm,optional"`
	SaltLength          string        `hcl:"salt_length,optional"`
}

/transit/verify/:name(/:hash_algorithm)

type TransitTest 

type TransitTest struct {
	// contains filtered or unexported fields
}

func (*TransitTest) Cleanup 

func (t *TransitTest) Cleanup(client *api.Client) error

func (*TransitTest) Flags 

func (t *TransitTest) Flags(fs *flag.FlagSet)

func (*TransitTest) GetTargetInfo 

func (t *TransitTest) GetTargetInfo() TargetInfo

func (*TransitTest) ParseConfig 

func (t *TransitTest) ParseConfig(body hcl.Body) error

func (*TransitTest) Setup 

func (t *TransitTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*TransitTest) Target 

func (t *TransitTest) Target(client *api.Client) vegeta.Target

type TransitTestConfig 

type TransitTestConfig struct {
	PayloadLen           int                   `hcl:"payload_len,optional"`
	ContextLen           int                   `hcl:"context_len,optional"`
	TransitConfigKeys    *TransitConfigKeys    `hcl:"keys,block"`
	TransitConfigSign    *TransitConfigSign    `hcl:"sign,block"`
	TransitConfigVerify  *TransitConfigVerify  `hcl:"verify,block"`
	TransitConfigEncrypt *TransitConfigEncrypt `hcl:"encrypt,block"`
	TransitConfigDecrypt *TransitConfigDecrypt `hcl:"decrypt,block"`
}

type UserpassAuth 

type UserpassAuth struct {
	// contains filtered or unexported fields
}

func (*UserpassAuth) Cleanup 

func (u *UserpassAuth) Cleanup(client *api.Client) error

func (*UserpassAuth) Flags 

func (u *UserpassAuth) Flags(fs *flag.FlagSet)

func (*UserpassAuth) GetTargetInfo 

func (u *UserpassAuth) GetTargetInfo() TargetInfo

func (*UserpassAuth) ParseConfig 

func (u *UserpassAuth) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*UserpassAuth) Setup 

func (u *UserpassAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*UserpassAuth) Target 

func (u *UserpassAuth) Target(client *api.Client) vegeta.Target

type UserpassAuthConfig 

type UserpassAuthConfig struct {
	Username             string   `hcl:"username,optional"`
	Password             string   `hcl:"password,optional"`
	TokenTTL             string   `hcl:"token_ttl,optional"`
	TokenMaxTTL          string   `hcl:"token_max_ttl,optional"`
	TokenPolicies        []string `hcl:"token_policies,optional"`
	TokenBoundCidrs      []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int      `hcl:"token_num_uses,optional"`
	TokenPeriod          string   `hcl:"token_period,optional"`
	TokenType            string   `hcl:"token_type,optional"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.