vault

package module
v0.4.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 18, 2023 License: MPL-2.0 Imports: 31 Imported by: 51

README

vault-client-go

Go Reference Build

A simple HashiCorp Vault Go client library.

Note: This library is now available in BETA. Please try it out and give us feedback! Please do not use it in production.

Note: We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, please responsibly disclose by contacting us at security@hashicorp.com.

Contents

  1. Installation
  2. Examples
  3. Building the Library
  4. Under Development
  5. Documentation for API Endpoints

Installation

go get -u github.com/hashicorp/vault-client-go

Examples

Getting Started

Here is a simple example of using the library to read and write your first secret. For the sake of simplicity, we are authenticating with a root token. This example works with a Vault server running in -dev mode:

vault server -dev -dev-root-token-id="my-token"

package main

import (
	"context"
	"log"
	"time"

	"github.com/hashicorp/vault-client-go"
	"github.com/hashicorp/vault-client-go/schema"
)

func main() {
	ctx := context.Background()

	// prepare a client with the given base address
	client, err := vault.New(
		vault.WithAddress("http://127.0.0.1:8200"),
		vault.WithRequestTimeout(30*time.Second),
	)
	if err != nil {
		log.Fatal(err)
	}

	// authenticate with a root token (insecure)
	if err := client.SetToken("my-token"); err != nil {
		log.Fatal(err)
	}

	// write a secret
	_, err = client.Secrets.KvV2Write(ctx, "foo", schema.KvV2WriteRequest{
		Data: map[string]any{
			"password1": "abc123",
			"password2": "correct horse battery staple",
		}},
		vault.WithMountPath("secret"),
	)
	if err != nil {
		log.Fatal(err)
	}
	log.Println("secret written successfully")

	// read the secret
	s, err := client.Secrets.KvV2Read(ctx, "foo", vault.WithMountPath("secret"))
	if err != nil {
		log.Fatal(err)
	}
	log.Println("secret retrieved:", s.Data.Data)
}
Authentication

In the previous example we used an insecure (root token) authentication method. For production applications, it is recommended to use approle or one of the platform-specific authentication methods instead (e.g. Kubernetes, AWS, Azure, etc.). The functions to access these authentication methods are automatically generated under client.Auth. Below is an example of how to authenticate using approle authentication method. Please refer to the approle documentation for more details.

resp, err := client.Auth.AppRoleLogin(
	ctx,
	schema.AppRoleLoginRequest{
		RoleId:   os.Getenv("MY_APPROLE_ROLE_ID"),
		SecretId: os.Getenv("MY_APPROLE_SECRET_ID"),
	},
	vault.WithMountPath("my/approle/path"), // optional, defaults to "approle"
)
if err != nil {
	log.Fatal(err)
}

if err := client.SetToken(resp.Auth.ClientToken); err != nil {
	log.Fatal(err)
}

The secret identifier is often delivered as a wrapped token. In this case, you should unwrap it first as demonstrated here.

Using Generic Methods

The library provides the following generic methods which let you read, modify, list, and delete an arbitrary path within Vault:

client.Read(...)
client.ReadRaw(...)

client.Write(...)
client.WriteFromBytes(...)
client.WriteFromReader(...)

client.List(...)

client.Delete(...)

For example, client.Secrets.KvV2Write(...) from the Getting Started section could be rewritten using a generic client.Write(...) like so:

_, err = client.Write(ctx, "/secret/data/foo", map[string]any{
	"data": map[string]any{
		"password1": "abc123",
		"password2": "correct horse battery staple",
	},
})
Using Generated Methods

The library has a number of generated methods corresponding to the known Vault API endpoints. They are organized in four categories:

client.Auth     // methods related to authentication
client.Secrets  // methods related to various secrets engines
client.Identity // methods related to identities, entities, and aliases
client.System   // various system-wide methods

Below is an example of accessing the generated MountsListSecretsEngines method (equivalent to vault secrets list or GET /v1/sys/mounts):

resp, err := client.System.MountsListSecretsEngines(ctx)
if err != nil {
	log.Fatal(err)
}

for engine := range resp.Data {
	log.Println(engine)
}
Modifying Requests

You can modify the requests in one of two ways, either at the client level or by decorating individual requests. In case both client-level and request-specific modifiers are present, the following rules will apply:

  • For scalar values (such as vault.WithToken example below), the request-specific decorators will take precedence over the client-level settings.
  • For slices (e.g. vault.WithResponseCallbacks), the request-specific decorators will be appended to the client-level settings for the given request.
  • For maps (e.g. vault.WithCustomHeaders), the request-specific decorators will be merged into the client-level settings using maps.Copy semantics (appended, overwriting the existing keys) for the given request.
// all subsequent requests will use the given token & namespace
_ = client.SetToken("my-token")
_ = client.SetNamespace("my-namespace")

// for scalar settings, request-specific decorators take precedence
resp, err := client.Secrets.KvV2Read(
	ctx,
	"my-secret",
	vault.WithToken("request-specific-token"),
	vault.WithNamespace("request-specific-namespace"),
)
Overriding Default Mount Path

Vault plugins can be mounted at arbitrary mount paths using -path command-line argument:

vault secrets enable -path=my/mount/path kv-v2

To accommodate this behavior, the requests defined under client.Auth and client.Secrets can be offset with mount path overrides using the following syntax:

// Equivalent to client.Read(ctx, "my/mount/path/data/my-secret")
secret, err := client.Secrets.KvV2Read(
	ctx,
	"my-secret",
	vault.WithMountPath("my/mount/path"),
)
Adding Custom Headers and Appending Query Parameters

The library allows adding custom headers and appending query parameters to all requests. vault.WithQueryParameters is primarily intended for the generic client.Read, client.ReadRaw, client.List, and client.Delete:

resp, err := client.Read(
    ctx,
    "/path/to/my/secret",
    vault.WithCustomHeaders(http.Header{
        "x-test-header1": {"a", "b"},
        "x-test-header2": {"c", "d"},
    }),
    vault.WithQueryParameters(url.Values{
        "param1": {"a"},
        "param2": {"b"},
    }),
)
Response Wrapping & Unwrapping

Please refer to the response-wrapping documentation for more background information.

// wrap the response with a 5 minute TTL
resp, err := client.Secrets.KvV2Read(
	ctx,
	"my-secret",
	vault.WithResponseWrapping(5*time.Minute),
)
wrapped := resp.WrapInfo.Token

// unwrap the response (usually done elsewhere)
unwrapped, err := vault.Unwrap[schema.KvV2ReadResponse](ctx, client, wrapped)
Error Handling

There are a couple specialized error types that the client can return:

  • ResponseError is the error returned when Vault responds with a status code outside of the 200 - 399 range.
  • RedirectError is the error returned when the client fails to process a redirect response.

The client also provides a convenience function vault.IsErrorStatus(...) to simplify error handling:

s, err := client.Secrets.KvV2Read(ctx, "my-secret")
if err != nil {
	if vault.IsErrorStatus(err, http.StatusForbidden) {
		// special handling for 403 errors
	}
	if vault.IsErrorStatus(err, http.StatusNotFound) {
		// special handling for 404 errors
	}
	return err
}
Using TLS

To enable TLS, simply specify the location of the Vault server's CA certificate file in the configuration:

tls := vault.TLSConfiguration{}
tls.ServerCertificate.FromFile = "/tmp/vault-ca.pem"

client, err := vault.New(
	vault.WithAddress("https://localhost:8200"),
	vault.WithTLS(tls),
)
if err != nil {
	log.Fatal(err)
}
...

You can test this with a -dev-tls Vault server:

vault server -dev-tls -dev-root-token-id="my-token"
Using TLS with Client-side Certificate Authentication
tls := vault.TLSConfiguration{}
tls.ServerCertificate.FromFile = "/tmp/vault-ca.pem"
tls.ClientCertificate.FromFile = "/tmp/client-cert.pem"
tls.ClientCertificateKey.FromFile = "/tmp/client-cert-key.pem"

client, err := vault.New(
	vault.WithAddress("https://localhost:8200"),
	vault.WithTLS(tls),
)
if err != nil {
	log.Fatal(err)
}

resp, err := client.Auth.CertLogin(ctx, schema.CertLoginRequest{
	Name: "my-cert",
})
if err != nil {
	log.Fatal(err)
}

if err := client.SetToken(resp.Auth.ClientToken); err != nil {
	log.Fatal(err)
}

Note: this is a temporary solution using a generated method. The user experience will be improved with the introduction of auth wrappers.

Loading Configuration from Environment Variables
client, err := vault.New(
	vault.WithEnvironment(),
)
if err != nil {
	log.Fatal(err)
}

export VAULT_ADDR=http://localhost:8200
export VAULT_TOKEN=my-token
go run main.go
Logging Requests & Responses with Request/Response Callbacks
client.SetRequestCallbacks(func(req *http.Request) {
	log.Println("request:", *req)
})
client.SetResponseCallbacks(func(req *http.Request, resp *http.Response) {
	log.Println("response:", *resp)
})

Additionally, vault.WithRequestCallbacks(..) / vault.WithResponseCallbacks(..) can be used to inject callbacks for individual requests. These request-level callbacks will be appended to the list of the respective client-level callbacks for the given request.

resp, err := client.Secrets.KvV2Read(
	ctx,
	"my-secret",
	vault.WithRequestCallbacks(func(req *http.Request) {
		log.Println("request:", *req)
	}),
	vault.WithResponseCallbacks(func(req *http.Request, resp *http.Response) {
		log.Println("response:", *resp)
	}),
)
Enforcing Read-your-writes Replication Semantics

Detailed background information of the read-after-write consistency problem can be found in the consistency and replication documentation pages.

You can enforce read-your-writes semantics for individual requests through callbacks:

var state string

// write
_, err := client.Secrets.KvV2Write(
	ctx,
	"my-secret",
	schema.KvV2WriteRequest{
		Data: map[string]any{
			"password1": "abc123",
			"password2": "correct horse battery staple",
		},
	}
	vault.WithResponseCallbacks(
		vault.RecordReplicationState(
			&state,
		),
	),
)

// read
secret, err := client.Secrets.KvV2Read(
	ctx,
	"my-secret",
	vault.WithRequestCallbacks(
		vault.RequireReplicationStates(
			&state,
		),
	),
)

Alternatively, enforce read-your-writes semantics for all requests using the following setting:

client, err := vault.New(
	vault.WithAddress("https://localhost:8200"),
	vault.WithEnforceReadYourWritesConsistency(),
)

Note: careful consideration should be made prior to enabling this setting since there will be a performance penalty paid upon each request.

Building the Library

The vast majority of the code (including the client's endpoint-related methods, request structures, and response structures) is generated from the openapi.json using openapi-generator. If you make any changes to the underlying templates (generate/templates/*), please make sure to regenerate the files by running the following:

make regen && go build ./... && go test ./...

Warning: Vault does not yet provide an official OpenAPI specification. The openapi.json file included in this repository may change in non-backwards compatible ways.

Under Development

This library is currently under active development. Below is a list of high-level features that have been implemented:

  • TLS
  • Read/Write/Delete/List base accessors
  • Automatic retries on errors (using go-retryablehttp)
  • Custom redirect logic
  • Client-side rate limiting
  • Vault-specific headers (X-Vault-Token, X-Vault-Namespace, etc.) and custom headers
  • Request/Response callbacks
  • Environment variables for configuration
  • Read-your-writes semantics
  • Thread-safe cloning and client modifications
  • Response wrapping & unwrapping
  • CI/CD pipelines
  • Structured responses for core requests

The following features are coming soon:

  • Testing framework
  • Authentication wrappers
  • Automatic renewal of tokens and leases
  • More structured responses

Documentation for API Endpoints

Documentation

Index

Constants

View Source 
const ClientVersion = "0.4.3"

Variables

This section is empty.

Functions

func DefaultRetryPolicy 

func DefaultRetryPolicy(ctx context.Context, resp *http.Response, err error) (bool, error)

DefaultRetryPolicy provides a default callback for RetryConfiguration.CheckRetry. In addition to retryablehttp.DefaultRetryPolicy, it retries on 412 responses, which are returned by Vault when a X-Vault-Index header isn't satisfied.

func IsErrorStatus 

func IsErrorStatus(err error, status int) bool

IsErrorStatus returns true if the given error is either a ResponseError or a RedirectError with the given status code.

func MergeReplicationStates 

func MergeReplicationStates(old []string, new string) []string

MergeReplicationStates returns a merged array of replication states by iterating through all states in the `old` slice. An iterated state is merged into the result before the `new` based on the result of compareReplicationStates

Types

type Auth 

type Auth struct {
	// contains filtered or unexported fields
}

Auth is a simple wrapper around the client for Auth requests

func (*Auth) AliCloudDeleteAuthRole 

func (a *Auth) AliCloudDeleteAuthRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudDeleteAuthRole Create a role and associate policies to it. role: The name of the role as it should appear in Vault.

func (*Auth) AliCloudListAuthRoles 

func (a *Auth) AliCloudListAuthRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AliCloudListAuthRoles Lists all the roles that are registered with Vault.

func (*Auth) AliCloudLogin 

func (a *Auth) AliCloudLogin(ctx context.Context, request schema.AliCloudLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudLogin Authenticates an RAM entity with Vault.

func (*Auth) AliCloudReadAuthRole 

func (a *Auth) AliCloudReadAuthRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudReadAuthRole Create a role and associate policies to it. role: The name of the role as it should appear in Vault.

func (*Auth) AliCloudWriteAuthRole 

func (a *Auth) AliCloudWriteAuthRole(ctx context.Context, role string, request schema.AliCloudWriteAuthRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudWriteAuthRole Create a role and associate policies to it. role: The name of the role as it should appear in Vault.

func (*Auth) AppRoleDeleteBindSecretId added in v0.3.0 

func (a *Auth) AppRoleDeleteBindSecretId(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteBindSecretId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteBoundCidrList added in v0.3.0 

func (a *Auth) AppRoleDeleteBoundCidrList(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteBoundCidrList roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeletePeriod 

func (a *Auth) AppRoleDeletePeriod(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeletePeriod roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeletePolicies 

func (a *Auth) AppRoleDeletePolicies(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeletePolicies roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteRole 

func (a *Auth) AppRoleDeleteRole(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteRole roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteSecretIdBoundCidrs added in v0.3.0 

func (a *Auth) AppRoleDeleteSecretIdBoundCidrs(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteSecretIdBoundCidrs roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteSecretIdNumUses added in v0.3.0 

func (a *Auth) AppRoleDeleteSecretIdNumUses(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteSecretIdNumUses roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteSecretIdTtl added in v0.3.0 

func (a *Auth) AppRoleDeleteSecretIdTtl(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteSecretIdTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteTokenBoundCidrs added in v0.3.0 

func (a *Auth) AppRoleDeleteTokenBoundCidrs(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteTokenBoundCidrs roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteTokenMaxTtl added in v0.3.0 

func (a *Auth) AppRoleDeleteTokenMaxTtl(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteTokenMaxTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteTokenNumUses 

func (a *Auth) AppRoleDeleteTokenNumUses(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteTokenNumUses roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDeleteTokenTtl added in v0.3.0 

func (a *Auth) AppRoleDeleteTokenTtl(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDeleteTokenTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDestroySecretId added in v0.3.0 

func (a *Auth) AppRoleDestroySecretId(ctx context.Context, roleName string, request schema.AppRoleDestroySecretIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDestroySecretId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleDestroySecretIdByAccessor added in v0.3.0 

func (a *Auth) AppRoleDestroySecretIdByAccessor(ctx context.Context, roleName string, request schema.AppRoleDestroySecretIdByAccessorRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleDestroySecretIdByAccessor roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleListRoles 

func (a *Auth) AppRoleListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AppRoleListRoles

func (*Auth) AppRoleListSecretIds added in v0.3.0 

func (a *Auth) AppRoleListSecretIds(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AppRoleListSecretIds roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleLogin 

func (a *Auth) AppRoleLogin(ctx context.Context, request schema.AppRoleLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleLogin

func (*Auth) AppRoleLookUpSecretId added in v0.3.0 

func (a *Auth) AppRoleLookUpSecretId(ctx context.Context, roleName string, request schema.AppRoleLookUpSecretIdRequest, options ...RequestOption) (*Response[schema.AppRoleLookUpSecretIdResponse], error)

AppRoleLookUpSecretId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleLookUpSecretIdByAccessor added in v0.3.0 

func (a *Auth) AppRoleLookUpSecretIdByAccessor(ctx context.Context, roleName string, request schema.AppRoleLookUpSecretIdByAccessorRequest, options ...RequestOption) (*Response[schema.AppRoleLookUpSecretIdByAccessorResponse], error)

AppRoleLookUpSecretIdByAccessor roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadBindSecretId added in v0.3.0 

func (a *Auth) AppRoleReadBindSecretId(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadBindSecretIdResponse], error)

AppRoleReadBindSecretId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadBoundCidrList added in v0.3.0 

func (a *Auth) AppRoleReadBoundCidrList(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadBoundCidrListResponse], error)

AppRoleReadBoundCidrList roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadLocalSecretIds added in v0.3.0 

func (a *Auth) AppRoleReadLocalSecretIds(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadLocalSecretIdsResponse], error)

AppRoleReadLocalSecretIds roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadPeriod 

func (a *Auth) AppRoleReadPeriod(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadPeriodResponse], error)

AppRoleReadPeriod roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadPolicies 

func (a *Auth) AppRoleReadPolicies(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadPoliciesResponse], error)

AppRoleReadPolicies roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadRole 

func (a *Auth) AppRoleReadRole(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadRoleResponse], error)

AppRoleReadRole roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadRoleId added in v0.3.0 

func (a *Auth) AppRoleReadRoleId(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadRoleIdResponse], error)

AppRoleReadRoleId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadSecretIdBoundCidrs added in v0.3.0 

func (a *Auth) AppRoleReadSecretIdBoundCidrs(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadSecretIdBoundCidrsResponse], error)

AppRoleReadSecretIdBoundCidrs roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadSecretIdNumUses added in v0.3.0 

func (a *Auth) AppRoleReadSecretIdNumUses(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadSecretIdNumUsesResponse], error)

AppRoleReadSecretIdNumUses roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadSecretIdTtl added in v0.3.0 

func (a *Auth) AppRoleReadSecretIdTtl(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadSecretIdTtlResponse], error)

AppRoleReadSecretIdTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadTokenBoundCidrs added in v0.3.0 

func (a *Auth) AppRoleReadTokenBoundCidrs(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadTokenBoundCidrsResponse], error)

AppRoleReadTokenBoundCidrs roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadTokenMaxTtl added in v0.3.0 

func (a *Auth) AppRoleReadTokenMaxTtl(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadTokenMaxTtlResponse], error)

AppRoleReadTokenMaxTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadTokenNumUses 

func (a *Auth) AppRoleReadTokenNumUses(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadTokenNumUsesResponse], error)

AppRoleReadTokenNumUses roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleReadTokenTtl added in v0.3.0 

func (a *Auth) AppRoleReadTokenTtl(ctx context.Context, roleName string, options ...RequestOption) (*Response[schema.AppRoleReadTokenTtlResponse], error)

AppRoleReadTokenTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleTidySecretId added in v0.3.0 

func (a *Auth) AppRoleTidySecretId(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleTidySecretId

func (*Auth) AppRoleWriteBindSecretId added in v0.3.0 

func (a *Auth) AppRoleWriteBindSecretId(ctx context.Context, roleName string, request schema.AppRoleWriteBindSecretIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteBindSecretId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteBoundCidrList added in v0.3.0 

func (a *Auth) AppRoleWriteBoundCidrList(ctx context.Context, roleName string, request schema.AppRoleWriteBoundCidrListRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteBoundCidrList roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteCustomSecretId added in v0.3.0 

func (a *Auth) AppRoleWriteCustomSecretId(ctx context.Context, roleName string, request schema.AppRoleWriteCustomSecretIdRequest, options ...RequestOption) (*Response[schema.AppRoleWriteCustomSecretIdResponse], error)

AppRoleWriteCustomSecretId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWritePeriod 

func (a *Auth) AppRoleWritePeriod(ctx context.Context, roleName string, request schema.AppRoleWritePeriodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWritePeriod roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWritePolicies 

func (a *Auth) AppRoleWritePolicies(ctx context.Context, roleName string, request schema.AppRoleWritePoliciesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWritePolicies roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteRole 

func (a *Auth) AppRoleWriteRole(ctx context.Context, roleName string, request schema.AppRoleWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteRole roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteRoleId added in v0.3.0 

func (a *Auth) AppRoleWriteRoleId(ctx context.Context, roleName string, request schema.AppRoleWriteRoleIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteRoleId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteSecretId added in v0.3.0 

func (a *Auth) AppRoleWriteSecretId(ctx context.Context, roleName string, request schema.AppRoleWriteSecretIdRequest, options ...RequestOption) (*Response[schema.AppRoleWriteSecretIdResponse], error)

AppRoleWriteSecretId roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteSecretIdBoundCidrs added in v0.3.0 

func (a *Auth) AppRoleWriteSecretIdBoundCidrs(ctx context.Context, roleName string, request schema.AppRoleWriteSecretIdBoundCidrsRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteSecretIdBoundCidrs roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteSecretIdNumUses added in v0.3.0 

func (a *Auth) AppRoleWriteSecretIdNumUses(ctx context.Context, roleName string, request schema.AppRoleWriteSecretIdNumUsesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteSecretIdNumUses roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteSecretIdTtl added in v0.3.0 

func (a *Auth) AppRoleWriteSecretIdTtl(ctx context.Context, roleName string, request schema.AppRoleWriteSecretIdTtlRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteSecretIdTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteTokenBoundCidrs added in v0.3.0 

func (a *Auth) AppRoleWriteTokenBoundCidrs(ctx context.Context, roleName string, request schema.AppRoleWriteTokenBoundCidrsRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteTokenBoundCidrs roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteTokenMaxTtl added in v0.3.0 

func (a *Auth) AppRoleWriteTokenMaxTtl(ctx context.Context, roleName string, request schema.AppRoleWriteTokenMaxTtlRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteTokenMaxTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteTokenNumUses 

func (a *Auth) AppRoleWriteTokenNumUses(ctx context.Context, roleName string, request schema.AppRoleWriteTokenNumUsesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteTokenNumUses roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AppRoleWriteTokenTtl added in v0.3.0 

func (a *Auth) AppRoleWriteTokenTtl(ctx context.Context, roleName string, request schema.AppRoleWriteTokenTtlRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AppRoleWriteTokenTtl roleName: Name of the role. Must be less than 4096 bytes.

func (*Auth) AwsConfigureCertificate added in v0.3.0 

func (a *Auth) AwsConfigureCertificate(ctx context.Context, certName string, request schema.AwsConfigureCertificateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureCertificate certName: Name of the certificate.

func (*Auth) AwsConfigureClient added in v0.3.0 

func (a *Auth) AwsConfigureClient(ctx context.Context, request schema.AwsConfigureClientRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureClient

func (*Auth) AwsConfigureIdentityAccessListTidyOperation added in v0.3.0 

func (a *Auth) AwsConfigureIdentityAccessListTidyOperation(ctx context.Context, request schema.AwsConfigureIdentityAccessListTidyOperationRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureIdentityAccessListTidyOperation

func (*Auth) AwsConfigureIdentityIntegration added in v0.3.0 

func (a *Auth) AwsConfigureIdentityIntegration(ctx context.Context, request schema.AwsConfigureIdentityIntegrationRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureIdentityIntegration

func (*Auth) AwsConfigureIdentityWhitelistTidyOperation added in v0.3.0 

func (a *Auth) AwsConfigureIdentityWhitelistTidyOperation(ctx context.Context, request schema.AwsConfigureIdentityWhitelistTidyOperationRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureIdentityWhitelistTidyOperation

func (*Auth) AwsConfigureRoleTagBlacklistTidyOperation added in v0.3.0 

func (a *Auth) AwsConfigureRoleTagBlacklistTidyOperation(ctx context.Context, request schema.AwsConfigureRoleTagBlacklistTidyOperationRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureRoleTagBlacklistTidyOperation

func (*Auth) AwsConfigureRoleTagDenyListTidyOperation added in v0.3.0 

func (a *Auth) AwsConfigureRoleTagDenyListTidyOperation(ctx context.Context, request schema.AwsConfigureRoleTagDenyListTidyOperationRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureRoleTagDenyListTidyOperation

func (*Auth) AwsDeleteAuthRole added in v0.3.0 

func (a *Auth) AwsDeleteAuthRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteAuthRole role: Name of the role.

func (*Auth) AwsDeleteCertificateConfiguration added in v0.3.0 

func (a *Auth) AwsDeleteCertificateConfiguration(ctx context.Context, certName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteCertificateConfiguration certName: Name of the certificate.

func (*Auth) AwsDeleteClientConfiguration added in v0.3.0 

func (a *Auth) AwsDeleteClientConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteClientConfiguration

func (*Auth) AwsDeleteIdentityAccessList added in v0.3.0 

func (a *Auth) AwsDeleteIdentityAccessList(ctx context.Context, instanceId string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteIdentityAccessList instanceId: EC2 instance ID. A successful login operation from an EC2 instance gets cached in this accesslist, keyed off of instance ID.

func (*Auth) AwsDeleteIdentityAccessListTidySettings added in v0.3.0 

func (a *Auth) AwsDeleteIdentityAccessListTidySettings(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteIdentityAccessListTidySettings

func (*Auth) AwsDeleteIdentityWhitelist added in v0.3.0 

func (a *Auth) AwsDeleteIdentityWhitelist(ctx context.Context, instanceId string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteIdentityWhitelist instanceId: EC2 instance ID. A successful login operation from an EC2 instance gets cached in this accesslist, keyed off of instance ID.

func (*Auth) AwsDeleteIdentityWhitelistTidySettings added in v0.3.0 

func (a *Auth) AwsDeleteIdentityWhitelistTidySettings(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteIdentityWhitelistTidySettings

func (*Auth) AwsDeleteRoleTagBlacklist added in v0.3.0 

func (a *Auth) AwsDeleteRoleTagBlacklist(ctx context.Context, roleTag string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteRoleTagBlacklist roleTag: Role tag to be deny listed. The tag can be supplied as-is. In order to avoid any encoding problems, it can be base64 encoded.

func (*Auth) AwsDeleteRoleTagBlacklistTidySettings added in v0.3.0 

func (a *Auth) AwsDeleteRoleTagBlacklistTidySettings(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteRoleTagBlacklistTidySettings

func (*Auth) AwsDeleteRoleTagDenyList added in v0.3.0 

func (a *Auth) AwsDeleteRoleTagDenyList(ctx context.Context, roleTag string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteRoleTagDenyList roleTag: Role tag to be deny listed. The tag can be supplied as-is. In order to avoid any encoding problems, it can be base64 encoded.

func (*Auth) AwsDeleteRoleTagDenyListTidySettings added in v0.3.0 

func (a *Auth) AwsDeleteRoleTagDenyListTidySettings(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteRoleTagDenyListTidySettings

func (*Auth) AwsDeleteStsRole added in v0.3.0 

func (a *Auth) AwsDeleteStsRole(ctx context.Context, accountId string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteStsRole accountId: AWS account ID to be associated with STS role. If set, Vault will use assumed credentials to verify any login attempts from EC2 instances in this account.

func (*Auth) AwsListAuthRoles added in v0.3.0 

func (a *Auth) AwsListAuthRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AwsListAuthRoles

func (*Auth) AwsListCertificateConfigurations added in v0.3.0 

func (a *Auth) AwsListCertificateConfigurations(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AwsListCertificateConfigurations

func (*Auth) AwsListIdentityAccessList added in v0.3.0 

func (a *Auth) AwsListIdentityAccessList(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AwsListIdentityAccessList

func (*Auth) AwsListIdentityWhitelist added in v0.3.0 

func (a *Auth) AwsListIdentityWhitelist(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AwsListIdentityWhitelist

func (*Auth) AwsListRoleTagBlacklists added in v0.3.0 

func (a *Auth) AwsListRoleTagBlacklists(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AwsListRoleTagBlacklists

func (*Auth) AwsListRoleTagDenyLists added in v0.3.0 

func (a *Auth) AwsListRoleTagDenyLists(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AwsListRoleTagDenyLists

func (*Auth) AwsListStsRoleRelationships added in v0.3.0 

func (a *Auth) AwsListStsRoleRelationships(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AwsListStsRoleRelationships

func (*Auth) AwsLogin added in v0.3.0 

func (a *Auth) AwsLogin(ctx context.Context, request schema.AwsLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsLogin

func (*Auth) AwsReadAuthRole added in v0.3.0 

func (a *Auth) AwsReadAuthRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadAuthRole role: Name of the role.

func (*Auth) AwsReadCertificateConfiguration added in v0.3.0 

func (a *Auth) AwsReadCertificateConfiguration(ctx context.Context, certName string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadCertificateConfiguration certName: Name of the certificate.

func (*Auth) AwsReadClientConfiguration added in v0.3.0 

func (a *Auth) AwsReadClientConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadClientConfiguration

func (*Auth) AwsReadIdentityAccessList added in v0.3.0 

func (a *Auth) AwsReadIdentityAccessList(ctx context.Context, instanceId string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadIdentityAccessList instanceId: EC2 instance ID. A successful login operation from an EC2 instance gets cached in this accesslist, keyed off of instance ID.

func (*Auth) AwsReadIdentityAccessListTidySettings added in v0.3.0 

func (a *Auth) AwsReadIdentityAccessListTidySettings(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadIdentityAccessListTidySettings

func (*Auth) AwsReadIdentityIntegrationConfiguration added in v0.3.0 

func (a *Auth) AwsReadIdentityIntegrationConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadIdentityIntegrationConfiguration

func (*Auth) AwsReadIdentityWhitelist added in v0.3.0 

func (a *Auth) AwsReadIdentityWhitelist(ctx context.Context, instanceId string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadIdentityWhitelist instanceId: EC2 instance ID. A successful login operation from an EC2 instance gets cached in this accesslist, keyed off of instance ID.

func (*Auth) AwsReadIdentityWhitelistTidySettings added in v0.3.0 

func (a *Auth) AwsReadIdentityWhitelistTidySettings(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadIdentityWhitelistTidySettings

func (*Auth) AwsReadRoleTagBlacklist added in v0.3.0 

func (a *Auth) AwsReadRoleTagBlacklist(ctx context.Context, roleTag string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadRoleTagBlacklist roleTag: Role tag to be deny listed. The tag can be supplied as-is. In order to avoid any encoding problems, it can be base64 encoded.

func (*Auth) AwsReadRoleTagBlacklistTidySettings added in v0.3.0 

func (a *Auth) AwsReadRoleTagBlacklistTidySettings(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadRoleTagBlacklistTidySettings

func (*Auth) AwsReadRoleTagDenyList added in v0.3.0 

func (a *Auth) AwsReadRoleTagDenyList(ctx context.Context, roleTag string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadRoleTagDenyList roleTag: Role tag to be deny listed. The tag can be supplied as-is. In order to avoid any encoding problems, it can be base64 encoded.

func (*Auth) AwsReadRoleTagDenyListTidySettings added in v0.3.0 

func (a *Auth) AwsReadRoleTagDenyListTidySettings(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadRoleTagDenyListTidySettings

func (*Auth) AwsReadStsRole added in v0.3.0 

func (a *Auth) AwsReadStsRole(ctx context.Context, accountId string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadStsRole accountId: AWS account ID to be associated with STS role. If set, Vault will use assumed credentials to verify any login attempts from EC2 instances in this account.

func (*Auth) AwsRotateRootCredentials added in v0.3.0 

func (a *Auth) AwsRotateRootCredentials(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsRotateRootCredentials

func (*Auth) AwsTidyIdentityAccessList added in v0.3.0 

func (a *Auth) AwsTidyIdentityAccessList(ctx context.Context, request schema.AwsTidyIdentityAccessListRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsTidyIdentityAccessList

func (*Auth) AwsTidyIdentityWhitelist added in v0.3.0 

func (a *Auth) AwsTidyIdentityWhitelist(ctx context.Context, request schema.AwsTidyIdentityWhitelistRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsTidyIdentityWhitelist

func (*Auth) AwsTidyRoleTagBlacklist added in v0.3.0 

func (a *Auth) AwsTidyRoleTagBlacklist(ctx context.Context, request schema.AwsTidyRoleTagBlacklistRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsTidyRoleTagBlacklist

func (*Auth) AwsTidyRoleTagDenyList added in v0.3.0 

func (a *Auth) AwsTidyRoleTagDenyList(ctx context.Context, request schema.AwsTidyRoleTagDenyListRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsTidyRoleTagDenyList

func (*Auth) AwsWriteAuthRole added in v0.3.0 

func (a *Auth) AwsWriteAuthRole(ctx context.Context, role string, request schema.AwsWriteAuthRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsWriteAuthRole role: Name of the role.

func (*Auth) AwsWriteRoleTag added in v0.3.0 

func (a *Auth) AwsWriteRoleTag(ctx context.Context, role string, request schema.AwsWriteRoleTagRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsWriteRoleTag role: Name of the role.

func (*Auth) AwsWriteRoleTagBlacklist added in v0.3.0 

func (a *Auth) AwsWriteRoleTagBlacklist(ctx context.Context, roleTag string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsWriteRoleTagBlacklist roleTag: Role tag to be deny listed. The tag can be supplied as-is. In order to avoid any encoding problems, it can be base64 encoded.

func (*Auth) AwsWriteRoleTagDenyList added in v0.3.0 

func (a *Auth) AwsWriteRoleTagDenyList(ctx context.Context, roleTag string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsWriteRoleTagDenyList roleTag: Role tag to be deny listed. The tag can be supplied as-is. In order to avoid any encoding problems, it can be base64 encoded.

func (*Auth) AwsWriteStsRole added in v0.3.0 

func (a *Auth) AwsWriteStsRole(ctx context.Context, accountId string, request schema.AwsWriteStsRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsWriteStsRole accountId: AWS account ID to be associated with STS role. If set, Vault will use assumed credentials to verify any login attempts from EC2 instances in this account.

func (*Auth) AzureConfigureAuth added in v0.3.0 

func (a *Auth) AzureConfigureAuth(ctx context.Context, request schema.AzureConfigureAuthRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureConfigureAuth

func (*Auth) AzureDeleteAuthConfiguration added in v0.3.0 

func (a *Auth) AzureDeleteAuthConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureDeleteAuthConfiguration

func (*Auth) AzureDeleteAuthRole 

func (a *Auth) AzureDeleteAuthRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureDeleteAuthRole name: Name of the role.

func (*Auth) AzureListAuthRoles 

func (a *Auth) AzureListAuthRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AzureListAuthRoles

func (*Auth) AzureLogin 

func (a *Auth) AzureLogin(ctx context.Context, request schema.AzureLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureLogin

func (*Auth) AzureReadAuthConfiguration added in v0.3.0 

func (a *Auth) AzureReadAuthConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureReadAuthConfiguration

func (*Auth) AzureReadAuthRole 

func (a *Auth) AzureReadAuthRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureReadAuthRole name: Name of the role.

func (*Auth) AzureRotateRootCredentials added in v0.3.0 

func (a *Auth) AzureRotateRootCredentials(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureRotateRootCredentials

func (*Auth) AzureWriteAuthRole 

func (a *Auth) AzureWriteAuthRole(ctx context.Context, name string, request schema.AzureWriteAuthRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureWriteAuthRole name: Name of the role.

func (*Auth) CentrifyConfigure added in v0.3.0 

func (a *Auth) CentrifyConfigure(ctx context.Context, request schema.CentrifyConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CentrifyConfigure

func (*Auth) CentrifyLogin 

func (a *Auth) CentrifyLogin(ctx context.Context, request schema.CentrifyLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CentrifyLogin Log in with a username and password.

func (*Auth) CentrifyReadConfiguration added in v0.3.0 

func (a *Auth) CentrifyReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

CentrifyReadConfiguration

func (*Auth) CertConfigure added in v0.3.0 

func (a *Auth) CertConfigure(ctx context.Context, request schema.CertConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CertConfigure

func (*Auth) CertDeleteCertificate added in v0.3.0 

func (a *Auth) CertDeleteCertificate(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

CertDeleteCertificate Manage trusted certificates used for authentication. name: The name of the certificate

func (*Auth) CertDeleteCrl added in v0.3.0 

func (a *Auth) CertDeleteCrl(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

CertDeleteCrl Manage Certificate Revocation Lists checked during authentication. name: The name of the certificate

func (*Auth) CertListCertificates added in v0.3.0 

func (a *Auth) CertListCertificates(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

CertListCertificates Manage trusted certificates used for authentication.

func (*Auth) CertListCrls added in v0.3.0 

func (a *Auth) CertListCrls(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

CertListCrls

func (*Auth) CertLogin added in v0.3.0 

func (a *Auth) CertLogin(ctx context.Context, request schema.CertLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CertLogin

func (*Auth) CertReadCertificate added in v0.3.0 

func (a *Auth) CertReadCertificate(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

CertReadCertificate Manage trusted certificates used for authentication. name: The name of the certificate

func (*Auth) CertReadConfiguration added in v0.3.0 

func (a *Auth) CertReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

CertReadConfiguration

func (*Auth) CertReadCrl added in v0.3.0 

func (a *Auth) CertReadCrl(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

CertReadCrl Manage Certificate Revocation Lists checked during authentication. name: The name of the certificate

func (*Auth) CertWriteCertificate added in v0.3.0 

func (a *Auth) CertWriteCertificate(ctx context.Context, name string, request schema.CertWriteCertificateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CertWriteCertificate Manage trusted certificates used for authentication. name: The name of the certificate

func (*Auth) CertWriteCrl added in v0.3.0 

func (a *Auth) CertWriteCrl(ctx context.Context, name string, request schema.CertWriteCrlRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CertWriteCrl Manage Certificate Revocation Lists checked during authentication. name: The name of the certificate

func (*Auth) CloudFoundryConfigure added in v0.3.0 

func (a *Auth) CloudFoundryConfigure(ctx context.Context, request schema.CloudFoundryConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CloudFoundryConfigure

func (*Auth) CloudFoundryDeleteConfiguration added in v0.3.0 

func (a *Auth) CloudFoundryDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

CloudFoundryDeleteConfiguration

func (*Auth) CloudFoundryDeleteRole 

func (a *Auth) CloudFoundryDeleteRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

CloudFoundryDeleteRole role: The name of the role.

func (*Auth) CloudFoundryListRoles 

func (a *Auth) CloudFoundryListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

CloudFoundryListRoles

func (*Auth) CloudFoundryLogin 

func (a *Auth) CloudFoundryLogin(ctx context.Context, request schema.CloudFoundryLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CloudFoundryLogin

func (*Auth) CloudFoundryReadConfiguration added in v0.3.0 

func (a *Auth) CloudFoundryReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

CloudFoundryReadConfiguration

func (*Auth) CloudFoundryReadRole 

func (a *Auth) CloudFoundryReadRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

CloudFoundryReadRole role: The name of the role.

func (*Auth) CloudFoundryWriteRole 

func (a *Auth) CloudFoundryWriteRole(ctx context.Context, role string, request schema.CloudFoundryWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CloudFoundryWriteRole role: The name of the role.

func (*Auth) GithubConfigure added in v0.3.0 

func (a *Auth) GithubConfigure(ctx context.Context, request schema.GithubConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubConfigure

func (*Auth) GithubDeleteTeamMapping added in v0.3.0 

func (a *Auth) GithubDeleteTeamMapping(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubDeleteTeamMapping Read/write/delete a single teams mapping key: Key for the teams mapping

func (*Auth) GithubDeleteUserMapping added in v0.3.0 

func (a *Auth) GithubDeleteUserMapping(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubDeleteUserMapping Read/write/delete a single users mapping key: Key for the users mapping

func (*Auth) GithubListTeams added in v0.4.0 

func (a *Auth) GithubListTeams(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GithubListTeams Read mappings for teams

func (*Auth) GithubListUsers added in v0.4.0 

func (a *Auth) GithubListUsers(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GithubListUsers Read mappings for users

func (*Auth) GithubLogin added in v0.3.0 

func (a *Auth) GithubLogin(ctx context.Context, request schema.GithubLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubLogin

func (*Auth) GithubReadConfiguration added in v0.3.0 

func (a *Auth) GithubReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubReadConfiguration

func (*Auth) GithubReadTeamMapping added in v0.3.0 

func (a *Auth) GithubReadTeamMapping(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubReadTeamMapping Read/write/delete a single teams mapping key: Key for the teams mapping

func (*Auth) GithubReadUserMapping added in v0.3.0 

func (a *Auth) GithubReadUserMapping(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubReadUserMapping Read/write/delete a single users mapping key: Key for the users mapping

func (*Auth) GithubWriteTeamMapping added in v0.3.0 

func (a *Auth) GithubWriteTeamMapping(ctx context.Context, key string, request schema.GithubWriteTeamMappingRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubWriteTeamMapping Read/write/delete a single teams mapping key: Key for the teams mapping

func (*Auth) GithubWriteUserMapping added in v0.3.0 

func (a *Auth) GithubWriteUserMapping(ctx context.Context, key string, request schema.GithubWriteUserMappingRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GithubWriteUserMapping Read/write/delete a single users mapping key: Key for the users mapping

func (*Auth) GoogleCloudConfigureAuth added in v0.3.0 

func (a *Auth) GoogleCloudConfigureAuth(ctx context.Context, request schema.GoogleCloudConfigureAuthRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudConfigureAuth

func (*Auth) GoogleCloudDeleteRole 

func (a *Auth) GoogleCloudDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudDeleteRole Create a GCP role with associated policies and required attributes. name: Name of the role.

func (*Auth) GoogleCloudEditLabelsForRole added in v0.3.0 

func (a *Auth) GoogleCloudEditLabelsForRole(ctx context.Context, name string, request schema.GoogleCloudEditLabelsForRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudEditLabelsForRole Add or remove labels for an existing 'gce' role name: Name of the role.

func (*Auth) GoogleCloudEditServiceAccountsForRole added in v0.3.0 

func (a *Auth) GoogleCloudEditServiceAccountsForRole(ctx context.Context, name string, request schema.GoogleCloudEditServiceAccountsForRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudEditServiceAccountsForRole Add or remove service accounts for an existing `iam` role name: Name of the role.

func (*Auth) GoogleCloudListRoles 

func (a *Auth) GoogleCloudListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GoogleCloudListRoles Lists all the roles that are registered with Vault.

func (*Auth) GoogleCloudLogin 

func (a *Auth) GoogleCloudLogin(ctx context.Context, request schema.GoogleCloudLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudLogin

func (*Auth) GoogleCloudReadAuthConfiguration added in v0.3.0 

func (a *Auth) GoogleCloudReadAuthConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudReadAuthConfiguration

func (*Auth) GoogleCloudReadRole 

func (a *Auth) GoogleCloudReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudReadRole Create a GCP role with associated policies and required attributes. name: Name of the role.

func (*Auth) GoogleCloudWriteRole 

func (a *Auth) GoogleCloudWriteRole(ctx context.Context, name string, request schema.GoogleCloudWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudWriteRole Create a GCP role with associated policies and required attributes. name: Name of the role.

func (*Auth) JwtConfigure added in v0.3.0 

func (a *Auth) JwtConfigure(ctx context.Context, request schema.JwtConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtConfigure Configure the JWT authentication backend. The JWT authentication backend validates JWTs (or OIDC) using the configured credentials. If using OIDC Discovery, the URL must be provided, along with (optionally) the CA cert to use for the connection. If performing JWT validation locally, a set of public keys must be provided.

func (*Auth) JwtDeleteRole added in v0.3.0 

func (a *Auth) JwtDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtDeleteRole Delete an existing role. name: Name of the role.

func (*Auth) JwtListRoles added in v0.3.0 

func (a *Auth) JwtListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

JwtListRoles Lists all the roles registered with the backend. The list will contain the names of the roles.

func (*Auth) JwtLogin added in v0.3.0 

func (a *Auth) JwtLogin(ctx context.Context, request schema.JwtLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtLogin Authenticates to Vault using a JWT (or OIDC) token.

func (*Auth) JwtOidcCallback added in v0.3.0 

func (a *Auth) JwtOidcCallback(ctx context.Context, clientNonce string, code string, state string, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtOidcCallback Callback endpoint to complete an OIDC login.

func (*Auth) JwtOidcCallbackFormPost added in v0.4.0 

func (a *Auth) JwtOidcCallbackFormPost(ctx context.Context, request schema.JwtOidcCallbackFormPostRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtOidcCallbackFormPost Callback endpoint to handle form_posts.

func (*Auth) JwtOidcRequestAuthorizationUrl added in v0.3.0 

func (a *Auth) JwtOidcRequestAuthorizationUrl(ctx context.Context, request schema.JwtOidcRequestAuthorizationUrlRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtOidcRequestAuthorizationUrl Request an authorization URL to start an OIDC login flow.

func (*Auth) JwtReadConfiguration added in v0.3.0 

func (a *Auth) JwtReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtReadConfiguration Read the current JWT authentication backend configuration.

func (*Auth) JwtReadRole added in v0.3.0 

func (a *Auth) JwtReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtReadRole Read an existing role. name: Name of the role.

func (*Auth) JwtWriteRole added in v0.3.0 

func (a *Auth) JwtWriteRole(ctx context.Context, name string, request schema.JwtWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

JwtWriteRole Register an role with the backend. A role is required to authenticate with this backend. The role binds JWT token information with token policies and settings. The bindings, token polices and token settings can all be configured using this endpoint name: Name of the role.

func (*Auth) KerberosConfigure added in v0.3.0 

func (a *Auth) KerberosConfigure(ctx context.Context, request schema.KerberosConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KerberosConfigure

func (*Auth) KerberosConfigureLdap added in v0.3.0 

func (a *Auth) KerberosConfigureLdap(ctx context.Context, request schema.KerberosConfigureLdapRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KerberosConfigureLdap

func (*Auth) KerberosDeleteGroup 

func (a *Auth) KerberosDeleteGroup(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

KerberosDeleteGroup name: Name of the LDAP group.

func (*Auth) KerberosListGroups 

func (a *Auth) KerberosListGroups(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

KerberosListGroups

func (*Auth) KerberosLogin 

func (a *Auth) KerberosLogin(ctx context.Context, request schema.KerberosLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KerberosLogin

func (*Auth) KerberosReadConfiguration added in v0.3.0 

func (a *Auth) KerberosReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

KerberosReadConfiguration

func (*Auth) KerberosReadGroup 

func (a *Auth) KerberosReadGroup(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

KerberosReadGroup name: Name of the LDAP group.

func (*Auth) KerberosReadLdapConfiguration added in v0.3.0 

func (a *Auth) KerberosReadLdapConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

KerberosReadLdapConfiguration

func (*Auth) KerberosWriteGroup 

func (a *Auth) KerberosWriteGroup(ctx context.Context, name string, request schema.KerberosWriteGroupRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KerberosWriteGroup name: Name of the LDAP group.

func (*Auth) KubernetesConfigureAuth added in v0.3.0 

func (a *Auth) KubernetesConfigureAuth(ctx context.Context, request schema.KubernetesConfigureAuthRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesConfigureAuth

func (*Auth) KubernetesDeleteAuthRole 

func (a *Auth) KubernetesDeleteAuthRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesDeleteAuthRole Register an role with the backend. name: Name of the role.

func (*Auth) KubernetesListAuthRoles 

func (a *Auth) KubernetesListAuthRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

KubernetesListAuthRoles Lists all the roles registered with the backend.

func (*Auth) KubernetesLogin 

func (a *Auth) KubernetesLogin(ctx context.Context, request schema.KubernetesLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesLogin Authenticates Kubernetes service accounts with Vault.

func (*Auth) KubernetesReadAuthConfiguration added in v0.3.0 

func (a *Auth) KubernetesReadAuthConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesReadAuthConfiguration

func (*Auth) KubernetesReadAuthRole 

func (a *Auth) KubernetesReadAuthRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesReadAuthRole Register an role with the backend. name: Name of the role.

func (*Auth) KubernetesWriteAuthRole 

func (a *Auth) KubernetesWriteAuthRole(ctx context.Context, name string, request schema.KubernetesWriteAuthRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesWriteAuthRole Register an role with the backend. name: Name of the role.

func (*Auth) LdapConfigureAuth added in v0.3.0 

func (a *Auth) LdapConfigureAuth(ctx context.Context, request schema.LdapConfigureAuthRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapConfigureAuth

func (*Auth) LdapDeleteGroup added in v0.3.0 

func (a *Auth) LdapDeleteGroup(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapDeleteGroup Manage additional groups for users allowed to authenticate. name: Name of the LDAP group.

func (*Auth) LdapDeleteUser added in v0.3.0 

func (a *Auth) LdapDeleteUser(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapDeleteUser Manage users allowed to authenticate. name: Name of the LDAP user.

func (*Auth) LdapListGroups added in v0.3.0 

func (a *Auth) LdapListGroups(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

LdapListGroups Manage additional groups for users allowed to authenticate.

func (*Auth) LdapListUsers added in v0.3.0 

func (a *Auth) LdapListUsers(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

LdapListUsers Manage users allowed to authenticate.

func (*Auth) LdapLogin added in v0.3.0 

func (a *Auth) LdapLogin(ctx context.Context, username string, request schema.LdapLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapLogin Log in with a username and password. username: DN (distinguished name) to be used for login.

func (*Auth) LdapReadAuthConfiguration added in v0.3.0 

func (a *Auth) LdapReadAuthConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapReadAuthConfiguration

func (*Auth) LdapReadGroup added in v0.3.0 

func (a *Auth) LdapReadGroup(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapReadGroup Manage additional groups for users allowed to authenticate. name: Name of the LDAP group.

func (*Auth) LdapReadUser added in v0.3.0 

func (a *Auth) LdapReadUser(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapReadUser Manage users allowed to authenticate. name: Name of the LDAP user.

func (*Auth) LdapWriteGroup added in v0.3.0 

func (a *Auth) LdapWriteGroup(ctx context.Context, name string, request schema.LdapWriteGroupRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapWriteGroup Manage additional groups for users allowed to authenticate. name: Name of the LDAP group.

func (*Auth) LdapWriteUser added in v0.3.0 

func (a *Auth) LdapWriteUser(ctx context.Context, name string, request schema.LdapWriteUserRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapWriteUser Manage users allowed to authenticate. name: Name of the LDAP user.

func (*Auth) OciConfigure added in v0.3.0 

func (a *Auth) OciConfigure(ctx context.Context, request schema.OciConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OciConfigure

func (*Auth) OciDeleteConfiguration added in v0.3.0 

func (a *Auth) OciDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

OciDeleteConfiguration

func (*Auth) OciDeleteRole added in v0.3.0 

func (a *Auth) OciDeleteRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

OciDeleteRole Create a role and associate policies to it. role: Name of the role.

func (*Auth) OciListRoles added in v0.3.0 

func (a *Auth) OciListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OciListRoles Lists all the roles that are registered with Vault.

func (*Auth) OciLogin added in v0.3.0 

func (a *Auth) OciLogin(ctx context.Context, role string, request schema.OciLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OciLogin Authenticates to Vault using OCI credentials role: Name of the role.

func (*Auth) OciReadConfiguration added in v0.3.0 

func (a *Auth) OciReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

OciReadConfiguration

func (*Auth) OciReadRole added in v0.3.0 

func (a *Auth) OciReadRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

OciReadRole Create a role and associate policies to it. role: Name of the role.

func (*Auth) OciWriteRole added in v0.3.0 

func (a *Auth) OciWriteRole(ctx context.Context, role string, request schema.OciWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OciWriteRole Create a role and associate policies to it. role: Name of the role.

func (*Auth) OktaConfigure added in v0.3.0 

func (a *Auth) OktaConfigure(ctx context.Context, request schema.OktaConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaConfigure

func (*Auth) OktaDeleteGroup 

func (a *Auth) OktaDeleteGroup(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaDeleteGroup Manage users allowed to authenticate. name: Name of the Okta group.

func (*Auth) OktaDeleteUser 

func (a *Auth) OktaDeleteUser(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaDeleteUser Manage additional groups for users allowed to authenticate. name: Name of the user.

func (*Auth) OktaListGroups 

func (a *Auth) OktaListGroups(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OktaListGroups Manage users allowed to authenticate.

func (*Auth) OktaListUsers 

func (a *Auth) OktaListUsers(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OktaListUsers Manage additional groups for users allowed to authenticate.

func (*Auth) OktaLogin 

func (a *Auth) OktaLogin(ctx context.Context, username string, request schema.OktaLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaLogin Log in with a username and password. username: Username to be used for login.

func (*Auth) OktaReadConfiguration added in v0.3.0 

func (a *Auth) OktaReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaReadConfiguration

func (*Auth) OktaReadGroup 

func (a *Auth) OktaReadGroup(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaReadGroup Manage users allowed to authenticate. name: Name of the Okta group.

func (*Auth) OktaReadUser 

func (a *Auth) OktaReadUser(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaReadUser Manage additional groups for users allowed to authenticate. name: Name of the user.

func (*Auth) OktaVerify 

func (a *Auth) OktaVerify(ctx context.Context, nonce string, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaVerify nonce: Nonce provided during a login request to retrieve the number verification challenge for the matching request.

func (*Auth) OktaWriteGroup 

func (a *Auth) OktaWriteGroup(ctx context.Context, name string, request schema.OktaWriteGroupRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaWriteGroup Manage users allowed to authenticate. name: Name of the Okta group.

func (*Auth) OktaWriteUser 

func (a *Auth) OktaWriteUser(ctx context.Context, name string, request schema.OktaWriteUserRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OktaWriteUser Manage additional groups for users allowed to authenticate. name: Name of the user.

func (*Auth) RadiusConfigure added in v0.3.0 

func (a *Auth) RadiusConfigure(ctx context.Context, request schema.RadiusConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RadiusConfigure

func (*Auth) RadiusDeleteUser 

func (a *Auth) RadiusDeleteUser(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

RadiusDeleteUser Manage users allowed to authenticate. name: Name of the RADIUS user.

func (*Auth) RadiusListUsers 

func (a *Auth) RadiusListUsers(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

RadiusListUsers Manage users allowed to authenticate.

func (*Auth) RadiusLogin 

func (a *Auth) RadiusLogin(ctx context.Context, request schema.RadiusLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RadiusLogin Log in with a username and password.

func (*Auth) RadiusLoginWithUsername 

func (a *Auth) RadiusLoginWithUsername(ctx context.Context, urlusername string, request schema.RadiusLoginWithUsernameRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RadiusLoginWithUsername Log in with a username and password. urlusername: Username to be used for login. (URL parameter)

func (*Auth) RadiusReadConfiguration added in v0.3.0 

func (a *Auth) RadiusReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

RadiusReadConfiguration

func (*Auth) RadiusReadUser 

func (a *Auth) RadiusReadUser(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

RadiusReadUser Manage users allowed to authenticate. name: Name of the RADIUS user.

func (*Auth) RadiusWriteUser 

func (a *Auth) RadiusWriteUser(ctx context.Context, name string, request schema.RadiusWriteUserRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RadiusWriteUser Manage users allowed to authenticate. name: Name of the RADIUS user.

func (*Auth) TokenCreate added in v0.3.0 

func (a *Auth) TokenCreate(ctx context.Context, request schema.TokenCreateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenCreate The token create path is used to create new tokens.

func (*Auth) TokenCreateAgainstRole added in v0.3.0 

func (a *Auth) TokenCreateAgainstRole(ctx context.Context, roleName string, request schema.TokenCreateAgainstRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenCreateAgainstRole This token create path is used to create new tokens adhering to the given role. roleName: Name of the role

func (*Auth) TokenCreateOrphan added in v0.3.0 

func (a *Auth) TokenCreateOrphan(ctx context.Context, request schema.TokenCreateOrphanRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenCreateOrphan The token create path is used to create new orphan tokens.

func (*Auth) TokenDeleteRole 

func (a *Auth) TokenDeleteRole(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenDeleteRole roleName: Name of the role

func (*Auth) TokenListAccessors 

func (a *Auth) TokenListAccessors(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

TokenListAccessors List token accessors, which can then be be used to iterate and discover their properties or revoke them. Because this can be used to cause a denial of service, this endpoint requires 'sudo' capability in addition to 'list'.

func (*Auth) TokenListRoles 

func (a *Auth) TokenListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

TokenListRoles This endpoint lists configured roles.

func (*Auth) TokenLookUp added in v0.3.0 

func (a *Auth) TokenLookUp(ctx context.Context, request schema.TokenLookUpRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenLookUp

func (*Auth) TokenLookUpAccessor added in v0.3.0 

func (a *Auth) TokenLookUpAccessor(ctx context.Context, request schema.TokenLookUpAccessorRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenLookUpAccessor This endpoint will lookup a token associated with the given accessor and its properties. Response will not contain the token ID.

func (*Auth) TokenLookUpSelf added in v0.3.0 

func (a *Auth) TokenLookUpSelf(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenLookUpSelf

func (*Auth) TokenReadRole 

func (a *Auth) TokenReadRole(ctx context.Context, roleName string, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenReadRole roleName: Name of the role

func (*Auth) TokenRenew 

func (a *Auth) TokenRenew(ctx context.Context, request schema.TokenRenewRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenRenew This endpoint will renew the given token and prevent expiration.

func (*Auth) TokenRenewAccessor 

func (a *Auth) TokenRenewAccessor(ctx context.Context, request schema.TokenRenewAccessorRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenRenewAccessor This endpoint will renew a token associated with the given accessor and its properties. Response will not contain the token ID.

func (*Auth) TokenRenewSelf 

func (a *Auth) TokenRenewSelf(ctx context.Context, request schema.TokenRenewSelfRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenRenewSelf This endpoint will renew the token used to call it and prevent expiration.

func (*Auth) TokenRevoke 

func (a *Auth) TokenRevoke(ctx context.Context, request schema.TokenRevokeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenRevoke This endpoint will delete the given token and all of its child tokens.

func (*Auth) TokenRevokeAccessor 

func (a *Auth) TokenRevokeAccessor(ctx context.Context, request schema.TokenRevokeAccessorRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenRevokeAccessor This endpoint will delete the token associated with the accessor and all of its child tokens.

func (*Auth) TokenRevokeOrphan 

func (a *Auth) TokenRevokeOrphan(ctx context.Context, request schema.TokenRevokeOrphanRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenRevokeOrphan This endpoint will delete the token and orphan its child tokens.

func (*Auth) TokenRevokeSelf 

func (a *Auth) TokenRevokeSelf(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenRevokeSelf This endpoint will delete the token used to call it and all of its child tokens.

func (*Auth) TokenTidy 

func (a *Auth) TokenTidy(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenTidy This endpoint performs cleanup tasks that can be run if certain error conditions have occurred.

func (*Auth) TokenWriteRole 

func (a *Auth) TokenWriteRole(ctx context.Context, roleName string, request schema.TokenWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TokenWriteRole roleName: Name of the role

func (*Auth) UserpassDeleteUser 

func (a *Auth) UserpassDeleteUser(ctx context.Context, username string, options ...RequestOption) (*Response[map[string]interface{}], error)

UserpassDeleteUser Manage users allowed to authenticate. username: Username for this user.

func (*Auth) UserpassListUsers 

func (a *Auth) UserpassListUsers(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

UserpassListUsers Manage users allowed to authenticate.

func (*Auth) UserpassLogin 

func (a *Auth) UserpassLogin(ctx context.Context, username string, request schema.UserpassLoginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

UserpassLogin Log in with a username and password. username: Username of the user.

func (*Auth) UserpassReadUser 

func (a *Auth) UserpassReadUser(ctx context.Context, username string, options ...RequestOption) (*Response[map[string]interface{}], error)

UserpassReadUser Manage users allowed to authenticate. username: Username for this user.

func (*Auth) UserpassResetPassword added in v0.3.0 

func (a *Auth) UserpassResetPassword(ctx context.Context, username string, request schema.UserpassResetPasswordRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

UserpassResetPassword Reset user's password. username: Username for this user.

func (*Auth) UserpassUpdatePolicies added in v0.3.0 

func (a *Auth) UserpassUpdatePolicies(ctx context.Context, username string, request schema.UserpassUpdatePoliciesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

UserpassUpdatePolicies Update the policies associated with the username. username: Username for this user.

func (*Auth) UserpassWriteUser 

func (a *Auth) UserpassWriteUser(ctx context.Context, username string, request schema.UserpassWriteUserRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

UserpassWriteUser Manage users allowed to authenticate. username: Username for this user.

type Client 

type Client struct {

	// generated request methods
	Auth     Auth
	Identity Identity
	Secrets  Secrets
	System   System
	// contains filtered or unexported fields
}

Client manages communication with Vault, initialize it with vault.New(...)

func New 

func New(options ...ClientOption) (*Client, error)

New returns a new client decorated with the given configuration options

func (*Client) ClearCustomHeaders 

func (c *Client) ClearCustomHeaders()

ClearsCustomHeaders clears all custom headers from the subsequent requests.

func (*Client) ClearMFACredentials 

func (c *Client) ClearMFACredentials()

ClearMFACredentials clears multi-factor authentication credentials from all subsequent requests.

See https://learn.hashicorp.com/tutorials/vault/multi-factor-authentication for more information on multi-factor authentication.

func (*Client) ClearNamespace 

func (c *Client) ClearNamespace()

ClearNamespace clears the namespace from all subsequent requests.

See https://developer.hashicorp.com/vault/docs/enterprise/namespaces for more info on namespaces.

func (*Client) ClearReplicationForwardingMode 

func (c *Client) ClearReplicationForwardingMode()

ReplicationForwardingMode clears the X-Vault-Forward / X-Vault-Inconsistent headers from all subsequent requests.

See https://developer.hashicorp.com/vault/docs/enterprise/consistency#vault-1-7-mitigations

func (*Client) ClearRequestCallbacks 

func (c *Client) ClearRequestCallbacks()

ClearRequestCallbacks clears all request callbacks.

func (*Client) ClearResponseCallbacks 

func (c *Client) ClearResponseCallbacks()

ClearResponseCallbacks clears all response callbacks.

func (*Client) ClearResponseWrapping 

func (c *Client) ClearResponseWrapping()

ClearResponseWrapping clears the response-wrapping header from all subsequent requests.

See https://developer.hashicorp.com/vault/docs/concepts/response-wrapping for more information on response wrapping.

func (*Client) ClearToken 

func (c *Client) ClearToken()

ClearToken clears the token for all subsequent requests.

See https://developer.hashicorp.com/vault/docs/concepts/tokens for more info on tokens.

func (*Client) Clone 

func (c *Client) Clone() *Client

Clone creates a new client with the same configuration, request modifiers, and replication states as the original client. Note that the cloned client will point to the same base http.Client and retryablehttp.Client objects.

func (*Client) Configuration 

func (c *Client) Configuration() ClientConfiguration

Configuration returns a copy of the configuration object used to initialize this client

func (*Client) Delete 

func (c *Client) Delete(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

Delete attempts to delete the value stored at the given Vault path.

func (*Client) List 

func (c *Client) List(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

List attempts to list the keys stored at the given Vault path.

func (*Client) Read 

func (c *Client) Read(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

Read attempts to read the value stored at the given Vault path.

func (*Client) ReadRaw 

func (c *Client) ReadRaw(ctx context.Context, path string, options ...RequestOption) (*http.Response, error)

ReadRaw attempts to read the value stored at the given Vault path and returns a raw *http.Response. Compared with `Read`, this function:

  • does not parse the response
  • does not check the response for errors
  • does not apply the client-level request timeout

func (*Client) SetCustomHeaders 

func (c *Client) SetCustomHeaders(headers http.Header) error

SetCustomHeaders sets custom headers to be used in all subsequent requests. The internal prefix 'X-Vault-' is not permitted for the header keys.

func (*Client) SetMFACredentials 

func (c *Client) SetMFACredentials(credentials ...string) error

SetMFACredentials sets multi-factor authentication credentials to be used with all subsequent requests.

See https://learn.hashicorp.com/tutorials/vault/multi-factor-authentication for more information on multi-factor authentication.

func (*Client) SetNamespace 

func (c *Client) SetNamespace(namespace string) error

SetNamespace sets the namespace to be used with all subsequent requests. Use an empty string to clear the namespace.

See https://developer.hashicorp.com/vault/docs/enterprise/namespaces for more info on namespaces.

func (*Client) SetReplicationForwardingMode 

func (c *Client) SetReplicationForwardingMode(mode ReplicationForwardingMode)

SetReplicationForwardingMode sets a replication forwarding header for all subsequent requests: 

ReplicationForwardNone         - no forwarding header
ReplicationForwardAlways       - 'X-Vault-Forward'
ReplicationForwardInconsistent - 'X-Vault-Inconsistent'

Note: this feature must be enabled in Vault's configuration.

See https://developer.hashicorp.com/vault/docs/enterprise/consistency#vault-1-7-mitigations

func (*Client) SetRequestCallbacks 

func (c *Client) SetRequestCallbacks(callbacks ...RequestCallback) error

SetRequestCallbacks sets callbacks which will be invoked before each request.

func (*Client) SetResponseCallbacks 

func (c *Client) SetResponseCallbacks(callbacks ...ResponseCallback) error

SetResponseCallbacks sets callbacks which will be invoked after each successful response.

func (*Client) SetResponseWrapping 

func (c *Client) SetResponseWrapping(ttl time.Duration) error

SetResponseWrapping sets the response-wrapping TTL to the given duration for all subsequent requests, telling Vault to wrap responses and return response-wrapping tokens instead.

See https://developer.hashicorp.com/vault/docs/concepts/response-wrapping for more information on response wrapping.

func (*Client) SetToken 

func (c *Client) SetToken(token string) error

SetToken sets the token to be used with all subsequent requests.

See https://developer.hashicorp.com/vault/docs/concepts/tokens for more info on tokens.

func (*Client) Write 

func (c *Client) Write(ctx context.Context, path string, body map[string]interface{}, options ...RequestOption) (*Response[map[string]interface{}], error)

Write attempts to write the given map to the given Vault path.

func (*Client) WriteFromBytes 

func (c *Client) WriteFromBytes(ctx context.Context, path string, body []byte, options ...RequestOption) (*Response[map[string]interface{}], error)

WriteFromBytes attempts to write the given byte slice to the given Vault path.

func (*Client) WriteFromReader 

func (c *Client) WriteFromReader(ctx context.Context, path string, body io.Reader, options ...RequestOption) (*Response[map[string]interface{}], error)

WriteFromReader attempts to write the given io.Reader data to the given Vault path.

type ClientCertificateEntry 

type ClientCertificateEntry struct {
	// FromFile is the path to a PEM-encoded client certificate file.
	// Default: "", takes precedence over 'FromBytes'
	FromFile string `env:"VAULT_CLIENT_CERT"`

	// FromBytes is PEM-encoded certificate data.
	// Default: nil
	FromBytes []byte
}

type ClientCertificateKeyEntry 

type ClientCertificateKeyEntry struct {
	// FromFile is the path to a PEM-encoded private key file.
	// Default: "", takes precedence over 'FromBytes'
	FromFile string `env:"VAULT_CLIENT_KEY"`

	// FromBytes is PEM-encoded private key data.
	// Default: nil
	FromBytes []byte
}

type ClientConfiguration 

type ClientConfiguration struct {
	// Address specifies the Vault server's base address in the form of
	// scheme://host:port
	// Default: https://127.0.0.1:8200
	Address string `env:"VAULT_ADDR,VAULT_AGENT_ADDR"`

	// HTTPClient is the HTTP client to use for all API requests.
	// DefaultConfiguration() sets reasonable defaults for the HTTPClient and
	// its associated http.Transport. If you must modify Vault's defaults, it
	// is suggested that you start with that client and modify it as needed
	// rather than starting with an empty client or http.DefaultClient.
	HTTPClient *http.Client

	// RequestTimeout, given a non-negative value, will apply the timeout to
	// each request function unless an earlier deadline is passed to the
	// request function through context.Context. Note that this timeout is
	// not applicable to client.ReadRaw or client.ReadRawWithParameters.
	// Default: 60s
	RequestTimeout time.Duration `env:"VAULT_CLIENT_TIMEOUT"`

	// TLS is a collection of TLS settings used to configure the internal
	// http.Client.
	TLS TLSConfiguration

	// RetryConfiguration is a collection of settings used to configure the
	// internal go-retryablehttp client.
	RetryConfiguration RetryConfiguration

	// RateLimiter controls how frequently requests are allowed to happen.
	// If this pointer is nil, then there will be no limit set. Note that an
	// empty struct rate.Limiter is equivalent to blocking all requests.
	// Default: nil
	RateLimiter *rate.Limiter `env:"VAULT_RATE_LIMIT"`

	// EnforceReadYourWritesConsistency ensures isolated read-after-write
	// semantics by providing discovered cluster replication states in each
	// request.
	//
	// Background: when running in a cluster, Vault has an eventual consistency
	// model. Only one node (the leader) can write to Vault's storage. Users
	// generally expect read-after-write consistency: in other words, after
	// writing foo=1, a subsequent read of foo should return 1.
	//
	// Setting this to true will enable "Conditional Forwarding" as described in
	// https://developer.hashicorp.com/vault/docs/enterprise/consistency#vault-1-7-mitigations
	//
	// Note: careful consideration should be made prior to enabling this setting
	// since there will be a performance penalty paid upon each request.
	// This feature requires enterprise server-side.
	EnforceReadYourWritesConsistency bool

	// DisableRedirects prevents the client from automatically following
	// redirects. Any redirect responses will result in `RedirectError` instead.
	//
	// Background: by default, the client follows a single redirect; disabling
	// redirects could cause issues with certain requests, e.g. raft-related
	// calls will fail to redirect to the primary node.
	DisableRedirects bool `env:"VAULT_DISABLE_REDIRECTS"`
	// contains filtered or unexported fields
}

ClientConfiguration is used to configure the creation of the client

func DefaultConfiguration 

func DefaultConfiguration() ClientConfiguration

DefaultConfiguration returns the default configuration for the client. It is recommended to start with this configuration and modify it as needed.

type ClientOption 

type ClientOption func(*ClientConfiguration) error

ClientOption is a configuration option to initialize a client.

func WithAddress added in v0.2.0 

func WithAddress(address string) ClientOption

WithAddress specifies the Vault server base address in the form of scheme://host:port

Default: https://127.0.0.1:8200

func WithConfiguration 

func WithConfiguration(configuration ClientConfiguration) ClientOption

WithConfiguration overwrites the default configuration object with the given one. It is recommended to start with DefaultConfiguration() and modify it as necessary. If only an individual configuration field needs to be modified, consider using other ClientOption functions.

func WithDisableRedirects 

func WithDisableRedirects() ClientOption

WithDisableRedirects prevents the client from automatically following redirects. Any redirect responses will result in `RedirectError` instead.

Background: by default, the client follows a single redirect; disabling redirects could cause issues with certain requests, e.g. raft-related calls will fail to redirect to the primary node.

func WithEnforceReadYourWritesConsistency 

func WithEnforceReadYourWritesConsistency() ClientOption

WithEnforceReadYourWritesConsistency ensures isolated read-after-write semantics by providing discovered cluster replication states in each request.

Background: when running in a cluster, Vault has an eventual consistency model. Only one node (the leader) can write to Vault's storage. Users generally expect read-after-write consistency: in other words, after writing foo=1, a subsequent read of foo should return 1.

Setting this to true will enable "Conditional Forwarding" as described in https://developer.hashicorp.com/vault/docs/enterprise/consistency#vault-1-7-mitigations

Note: careful consideration should be made prior to enabling this setting since there will be a performance penalty paid upon each request. This feature requires enterprise server-side.

func WithEnvironment 

func WithEnvironment() ClientOption

WithEnvironment populates the client's configuration object with values from environment values. The following environment variables are currently supported: 

VAULT_ADDR, VAULT_AGENT_ADDR (vault's address, e.g. https://127.0.0.1:8200/)
VAULT_CLIENT_TIMEOUT         (request timeout)
VAULT_RATE_LIMIT             (rate[:burst] in operations per second)
VAULT_DISABLE_REDIRECTS      (prevents vault client from following redirects)
VAULT_TOKEN                  (the initial authentication token)
VAULT_NAMESPACE              (the initial namespace to use)
VAULT_SKIP_VERIFY            (do not veirfy vault's presented certificate)
VAULT_CACERT                 (PEM-encoded CA certificate file path)
VAULT_CACERT_BYTES           (PEM-encoded CA certificate bytes)
VAULT_CAPATH                 (PEM-encoded CA certificate directory path)
VAULT_CLIENT_CERT            (PEM-encoded client certificate file path)
VAULT_CLIENT_KEY             (PEM-encoded client certificate key file path)
VAULT_TLS_SERVER_NAME        (used to verify the hostname on returned certificates)
VAULT_RETRY_WAIT_MIN         (minimum time to wait before retrying)
VAULT_RETRY_WAIT_MAX         (maximum time to wait before retrying)
VAULT_MAX_RETRIES            (maximum number of retries for certain error codes)

func WithHTTPClient added in v0.2.0 

func WithHTTPClient(client *http.Client) ClientOption

WithHTTPClient sets the HTTP client to use for all API requests. The library sets reasonable defaults for the HTTPClient and its associated http.Transport. If you must modify Vault's defaults, it is suggested that you start with DefaultConfiguration().HTTPClient and modify it as needed rather than starting with an empty client or http.DefaultClient.

func WithRateLimiter 

func WithRateLimiter(limiter *rate.Limiter) ClientOption

WithRateLimiter configures how frequently requests are allowed to happen. If this pointer is nil, then there will be no limit set. Note that an empty struct rate.Limiter is equivalent to blocking all requests.

Default: nil

func WithRequestTimeout 

func WithRequestTimeout(timeout time.Duration) ClientOption

WithRequestTimeout, given a non-negative value, will apply the timeout to each request function unless an earlier deadline is passed to the request function through context.Context. Note that this timeout is not applicable to client.ReadRaw(...) or client.ReadRawWithParameters(...).

Default: 60s

func WithRetryConfiguration 

func WithRetryConfiguration(retry RetryConfiguration) ClientOption

WithRetryConfiguration configures the internal go-retryablehttp client. The library sets reasonable defaults for this setting.

func WithTLS 

func WithTLS(tls TLSConfiguration) ClientOption

WithTLS configures the TLS settings in the base http.Client.

type Identity 

type Identity struct {
	// contains filtered or unexported fields
}

Identity is a simple wrapper around the client for Identity requests

func (*Identity) AliasCreate added in v0.3.0 

func (i *Identity) AliasCreate(ctx context.Context, request schema.AliasCreateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AliasCreate Create a new alias.

func (*Identity) AliasDeleteById added in v0.3.0 

func (i *Identity) AliasDeleteById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

AliasDeleteById id: ID of the alias

func (*Identity) AliasListById added in v0.3.0 

func (i *Identity) AliasListById(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AliasListById List all the alias IDs.

func (*Identity) AliasReadById added in v0.3.0 

func (i *Identity) AliasReadById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

AliasReadById id: ID of the alias

func (*Identity) AliasUpdateById added in v0.3.0 

func (i *Identity) AliasUpdateById(ctx context.Context, id string, request schema.AliasUpdateByIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AliasUpdateById id: ID of the alias

func (*Identity) EntityBatchDelete 

func (i *Identity) EntityBatchDelete(ctx context.Context, request schema.EntityBatchDeleteRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityBatchDelete Delete all of the entities provided

func (*Identity) EntityCreate added in v0.3.0 

func (i *Identity) EntityCreate(ctx context.Context, request schema.EntityCreateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityCreate Create a new entity

func (*Identity) EntityCreateAlias added in v0.3.0 

func (i *Identity) EntityCreateAlias(ctx context.Context, request schema.EntityCreateAliasRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityCreateAlias Create a new alias.

func (*Identity) EntityDeleteAliasById added in v0.3.0 

func (i *Identity) EntityDeleteAliasById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityDeleteAliasById id: ID of the alias

func (*Identity) EntityDeleteById added in v0.3.0 

func (i *Identity) EntityDeleteById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityDeleteById id: ID of the entity. If set, updates the corresponding existing entity.

func (*Identity) EntityDeleteByName 

func (i *Identity) EntityDeleteByName(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityDeleteByName name: Name of the entity

func (*Identity) EntityListAliasesById added in v0.3.0 

func (i *Identity) EntityListAliasesById(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

EntityListAliasesById List all the alias IDs.

func (*Identity) EntityListById added in v0.3.0 

func (i *Identity) EntityListById(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

EntityListById List all the entity IDs

func (*Identity) EntityListByName 

func (i *Identity) EntityListByName(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

EntityListByName List all the entity names

func (*Identity) EntityLookUp added in v0.3.0 

func (i *Identity) EntityLookUp(ctx context.Context, request schema.EntityLookUpRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityLookUp Query entities based on various properties.

func (*Identity) EntityMerge 

func (i *Identity) EntityMerge(ctx context.Context, request schema.EntityMergeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityMerge Merge two or more entities together

func (*Identity) EntityReadAliasById added in v0.3.0 

func (i *Identity) EntityReadAliasById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityReadAliasById id: ID of the alias

func (*Identity) EntityReadById added in v0.3.0 

func (i *Identity) EntityReadById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityReadById id: ID of the entity. If set, updates the corresponding existing entity.

func (*Identity) EntityReadByName 

func (i *Identity) EntityReadByName(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityReadByName name: Name of the entity

func (*Identity) EntityUpdateAliasById added in v0.3.0 

func (i *Identity) EntityUpdateAliasById(ctx context.Context, id string, request schema.EntityUpdateAliasByIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityUpdateAliasById id: ID of the alias

func (*Identity) EntityUpdateById added in v0.3.0 

func (i *Identity) EntityUpdateById(ctx context.Context, id string, request schema.EntityUpdateByIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityUpdateById id: ID of the entity. If set, updates the corresponding existing entity.

func (*Identity) EntityUpdateByName added in v0.3.0 

func (i *Identity) EntityUpdateByName(ctx context.Context, name string, request schema.EntityUpdateByNameRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EntityUpdateByName name: Name of the entity

func (*Identity) GroupCreate added in v0.3.0 

func (i *Identity) GroupCreate(ctx context.Context, request schema.GroupCreateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupCreate

func (*Identity) GroupCreateAlias added in v0.3.0 

func (i *Identity) GroupCreateAlias(ctx context.Context, request schema.GroupCreateAliasRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupCreateAlias Creates a new group alias, or updates an existing one.

func (*Identity) GroupDeleteAliasById added in v0.3.0 

func (i *Identity) GroupDeleteAliasById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupDeleteAliasById id: ID of the group alias.

func (*Identity) GroupDeleteById added in v0.3.0 

func (i *Identity) GroupDeleteById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupDeleteById id: ID of the group. If set, updates the corresponding existing group.

func (*Identity) GroupDeleteByName 

func (i *Identity) GroupDeleteByName(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupDeleteByName name: Name of the group.

func (*Identity) GroupListAliasesById added in v0.3.0 

func (i *Identity) GroupListAliasesById(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GroupListAliasesById List all the group alias IDs.

func (*Identity) GroupListById added in v0.3.0 

func (i *Identity) GroupListById(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GroupListById List all the group IDs.

func (*Identity) GroupListByName 

func (i *Identity) GroupListByName(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GroupListByName

func (*Identity) GroupLookUp added in v0.3.0 

func (i *Identity) GroupLookUp(ctx context.Context, request schema.GroupLookUpRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupLookUp Query groups based on various properties.

func (*Identity) GroupReadAliasById added in v0.3.0 

func (i *Identity) GroupReadAliasById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupReadAliasById id: ID of the group alias.

func (*Identity) GroupReadById added in v0.3.0 

func (i *Identity) GroupReadById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupReadById id: ID of the group. If set, updates the corresponding existing group.

func (*Identity) GroupReadByName 

func (i *Identity) GroupReadByName(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupReadByName name: Name of the group.

func (*Identity) GroupUpdateAliasById added in v0.3.0 

func (i *Identity) GroupUpdateAliasById(ctx context.Context, id string, request schema.GroupUpdateAliasByIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupUpdateAliasById id: ID of the group alias.

func (*Identity) GroupUpdateById added in v0.3.0 

func (i *Identity) GroupUpdateById(ctx context.Context, id string, request schema.GroupUpdateByIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupUpdateById id: ID of the group. If set, updates the corresponding existing group.

func (*Identity) GroupUpdateByName added in v0.3.0 

func (i *Identity) GroupUpdateByName(ctx context.Context, name string, request schema.GroupUpdateByNameRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GroupUpdateByName name: Name of the group.

func (*Identity) MfaAdminDestroyTotpSecret added in v0.3.0 

func (i *Identity) MfaAdminDestroyTotpSecret(ctx context.Context, request schema.MfaAdminDestroyTotpSecretRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaAdminDestroyTotpSecret Destroys a TOTP secret for the given MFA method ID on the given entity

func (*Identity) MfaAdminGenerateTotpSecret added in v0.3.0 

func (i *Identity) MfaAdminGenerateTotpSecret(ctx context.Context, request schema.MfaAdminGenerateTotpSecretRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaAdminGenerateTotpSecret Update or create TOTP secret for the given method ID on the given entity.

func (*Identity) MfaCreateDuoMethod added in v0.4.0 

func (i *Identity) MfaCreateDuoMethod(ctx context.Context, request schema.MfaCreateDuoMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaCreateDuoMethod Create the given MFA method

func (*Identity) MfaCreateOktaMethod added in v0.4.0 

func (i *Identity) MfaCreateOktaMethod(ctx context.Context, request schema.MfaCreateOktaMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaCreateOktaMethod Create the given MFA method

func (*Identity) MfaCreatePingIdMethod added in v0.4.0 

func (i *Identity) MfaCreatePingIdMethod(ctx context.Context, request schema.MfaCreatePingIdMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaCreatePingIdMethod Create the given MFA method

func (*Identity) MfaCreateTotpMethod added in v0.4.0 

func (i *Identity) MfaCreateTotpMethod(ctx context.Context, request schema.MfaCreateTotpMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaCreateTotpMethod Create the given MFA method

func (*Identity) MfaDeleteDuoMethod added in v0.3.0 

func (i *Identity) MfaDeleteDuoMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaDeleteDuoMethod Delete the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaDeleteLoginEnforcement added in v0.3.0 

func (i *Identity) MfaDeleteLoginEnforcement(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaDeleteLoginEnforcement Delete a login enforcement name: Name for this login enforcement configuration

func (*Identity) MfaDeleteOktaMethod added in v0.3.0 

func (i *Identity) MfaDeleteOktaMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaDeleteOktaMethod Delete the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaDeletePingIdMethod added in v0.3.0 

func (i *Identity) MfaDeletePingIdMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaDeletePingIdMethod Delete the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaDeleteTotpMethod added in v0.3.0 

func (i *Identity) MfaDeleteTotpMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaDeleteTotpMethod Delete the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaGenerateTotpSecret added in v0.3.0 

func (i *Identity) MfaGenerateTotpSecret(ctx context.Context, request schema.MfaGenerateTotpSecretRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaGenerateTotpSecret Update or create TOTP secret for the given method ID on the given entity.

func (*Identity) MfaListDuoMethods added in v0.3.0 

func (i *Identity) MfaListDuoMethods(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

MfaListDuoMethods List MFA method configurations for the given MFA method

func (*Identity) MfaListLoginEnforcements added in v0.3.0 

func (i *Identity) MfaListLoginEnforcements(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

MfaListLoginEnforcements List login enforcements

func (*Identity) MfaListMethods added in v0.3.0 

func (i *Identity) MfaListMethods(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

MfaListMethods List MFA method configurations for all MFA methods

func (*Identity) MfaListOktaMethods added in v0.3.0 

func (i *Identity) MfaListOktaMethods(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

MfaListOktaMethods List MFA method configurations for the given MFA method

func (*Identity) MfaListPingIdMethods added in v0.3.0 

func (i *Identity) MfaListPingIdMethods(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

MfaListPingIdMethods List MFA method configurations for the given MFA method

func (*Identity) MfaListTotpMethods added in v0.3.0 

func (i *Identity) MfaListTotpMethods(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

MfaListTotpMethods List MFA method configurations for the given MFA method

func (*Identity) MfaReadDuoMethod added in v0.4.0 

func (i *Identity) MfaReadDuoMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaReadDuoMethod Read the current configuration for the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaReadLoginEnforcement added in v0.3.0 

func (i *Identity) MfaReadLoginEnforcement(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaReadLoginEnforcement Read the current login enforcement name: Name for this login enforcement configuration

func (*Identity) MfaReadMethod added in v0.4.0 

func (i *Identity) MfaReadMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaReadMethod Read the current configuration for the given ID regardless of the MFA method type methodId: The unique identifier for this MFA method.

func (*Identity) MfaReadOktaMethod added in v0.4.0 

func (i *Identity) MfaReadOktaMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaReadOktaMethod Read the current configuration for the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaReadPingIdMethod added in v0.4.0 

func (i *Identity) MfaReadPingIdMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaReadPingIdMethod Read the current configuration for the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaReadTotpMethod added in v0.4.0 

func (i *Identity) MfaReadTotpMethod(ctx context.Context, methodId string, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaReadTotpMethod Read the current configuration for the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaUpdateDuoMethod added in v0.4.0 

func (i *Identity) MfaUpdateDuoMethod(ctx context.Context, methodId string, request schema.MfaUpdateDuoMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaUpdateDuoMethod Update the configuration for the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaUpdateOktaMethod added in v0.4.0 

func (i *Identity) MfaUpdateOktaMethod(ctx context.Context, methodId string, request schema.MfaUpdateOktaMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaUpdateOktaMethod Update the configuration for the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaUpdatePingIdMethod added in v0.4.0 

func (i *Identity) MfaUpdatePingIdMethod(ctx context.Context, methodId string, request schema.MfaUpdatePingIdMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaUpdatePingIdMethod Update the configuration for the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaUpdateTotpMethod added in v0.4.0 

func (i *Identity) MfaUpdateTotpMethod(ctx context.Context, methodId string, request schema.MfaUpdateTotpMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaUpdateTotpMethod Update the configuration for the given MFA method methodId: The unique identifier for this MFA method.

func (*Identity) MfaWriteLoginEnforcement added in v0.3.0 

func (i *Identity) MfaWriteLoginEnforcement(ctx context.Context, name string, request schema.MfaWriteLoginEnforcementRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaWriteLoginEnforcement Create or update a login enforcement name: Name for this login enforcement configuration

func (*Identity) OidcConfigure added in v0.3.0 

func (i *Identity) OidcConfigure(ctx context.Context, request schema.OidcConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcConfigure

func (*Identity) OidcDeleteAssignment added in v0.3.0 

func (i *Identity) OidcDeleteAssignment(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcDeleteAssignment name: Name of the assignment

func (*Identity) OidcDeleteClient added in v0.3.0 

func (i *Identity) OidcDeleteClient(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcDeleteClient name: Name of the client.

func (*Identity) OidcDeleteKey added in v0.3.0 

func (i *Identity) OidcDeleteKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcDeleteKey CRUD operations for OIDC keys. name: Name of the key

func (*Identity) OidcDeleteProvider added in v0.3.0 

func (i *Identity) OidcDeleteProvider(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcDeleteProvider name: Name of the provider

func (*Identity) OidcDeleteRole added in v0.3.0 

func (i *Identity) OidcDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcDeleteRole CRUD operations on OIDC Roles name: Name of the role

func (*Identity) OidcDeleteScope added in v0.3.0 

func (i *Identity) OidcDeleteScope(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcDeleteScope name: Name of the scope

func (*Identity) OidcGenerateToken added in v0.3.0 

func (i *Identity) OidcGenerateToken(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcGenerateToken Generate an OIDC token name: Name of the role

func (*Identity) OidcIntrospect added in v0.3.0 

func (i *Identity) OidcIntrospect(ctx context.Context, request schema.OidcIntrospectRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcIntrospect Verify the authenticity of an OIDC token

func (*Identity) OidcListAssignments added in v0.3.0 

func (i *Identity) OidcListAssignments(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OidcListAssignments

func (*Identity) OidcListClients added in v0.3.0 

func (i *Identity) OidcListClients(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OidcListClients

func (*Identity) OidcListKeys added in v0.3.0 

func (i *Identity) OidcListKeys(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OidcListKeys List OIDC keys

func (*Identity) OidcListProviders added in v0.3.0 

func (i *Identity) OidcListProviders(ctx context.Context, allowedClientId string, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OidcListProviders allowedClientId: Filters the list of OIDC providers to those that allow the given client ID in their set of allowed_client_ids.

func (*Identity) OidcListRoles added in v0.3.0 

func (i *Identity) OidcListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OidcListRoles List configured OIDC roles

func (*Identity) OidcListScopes added in v0.3.0 

func (i *Identity) OidcListScopes(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

OidcListScopes

func (*Identity) OidcProviderAuthorize added in v0.3.0 

func (i *Identity) OidcProviderAuthorize(ctx context.Context, name string, clientId string, codeChallenge string, codeChallengeMethod string, maxAge int32, nonce string, redirectUri string, responseType string, scope string, state string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcProviderAuthorize name: Name of the provider clientId: The ID of the requesting client. codeChallenge: The code challenge derived from the code verifier. codeChallengeMethod: The method that was used to derive the code challenge. The following methods are supported: 'S256', 'plain'. Defaults to 'plain'. maxAge: The allowable elapsed time in seconds since the last time the end-user was actively authenticated. nonce: The value that will be returned in the ID token nonce claim after a token exchange. redirectUri: The redirection URI to which the response will be sent. responseType: The OIDC authentication flow to be used. The following response types are supported: 'code' scope: A space-delimited, case-sensitive list of scopes to be requested. The 'openid' scope is required. state: The value used to maintain state between the authentication request and client.

func (*Identity) OidcProviderAuthorizeWithParameters added in v0.4.0 

func (i *Identity) OidcProviderAuthorizeWithParameters(ctx context.Context, name string, request schema.OidcProviderAuthorizeWithParametersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcProviderAuthorizeWithParameters name: Name of the provider

func (*Identity) OidcProviderToken added in v0.3.0 

func (i *Identity) OidcProviderToken(ctx context.Context, name string, request schema.OidcProviderTokenRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcProviderToken name: Name of the provider

func (*Identity) OidcProviderUserInfo added in v0.3.0 

func (i *Identity) OidcProviderUserInfo(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcProviderUserInfo name: Name of the provider

func (*Identity) OidcReadAssignment added in v0.3.0 

func (i *Identity) OidcReadAssignment(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadAssignment name: Name of the assignment

func (*Identity) OidcReadClient added in v0.3.0 

func (i *Identity) OidcReadClient(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadClient name: Name of the client.

func (*Identity) OidcReadConfiguration added in v0.3.0 

func (i *Identity) OidcReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadConfiguration

func (*Identity) OidcReadKey added in v0.3.0 

func (i *Identity) OidcReadKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadKey CRUD operations for OIDC keys. name: Name of the key

func (*Identity) OidcReadOpenIdConfiguration added in v0.3.0 

func (i *Identity) OidcReadOpenIdConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadOpenIdConfiguration Query OIDC configurations

func (*Identity) OidcReadProvider added in v0.3.0 

func (i *Identity) OidcReadProvider(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadProvider name: Name of the provider

func (*Identity) OidcReadProviderOpenIdConfiguration added in v0.3.0 

func (i *Identity) OidcReadProviderOpenIdConfiguration(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadProviderOpenIdConfiguration name: Name of the provider

func (*Identity) OidcReadProviderPublicKeys added in v0.3.0 

func (i *Identity) OidcReadProviderPublicKeys(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadProviderPublicKeys name: Name of the provider

func (*Identity) OidcReadPublicKeys added in v0.3.0 

func (i *Identity) OidcReadPublicKeys(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadPublicKeys Retrieve public keys

func (*Identity) OidcReadRole added in v0.3.0 

func (i *Identity) OidcReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadRole CRUD operations on OIDC Roles name: Name of the role

func (*Identity) OidcReadScope added in v0.3.0 

func (i *Identity) OidcReadScope(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcReadScope name: Name of the scope

func (*Identity) OidcRotateKey added in v0.3.0 

func (i *Identity) OidcRotateKey(ctx context.Context, name string, request schema.OidcRotateKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcRotateKey Rotate a named OIDC key. name: Name of the key

func (*Identity) OidcWriteAssignment added in v0.3.0 

func (i *Identity) OidcWriteAssignment(ctx context.Context, name string, request schema.OidcWriteAssignmentRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcWriteAssignment name: Name of the assignment

func (*Identity) OidcWriteClient added in v0.3.0 

func (i *Identity) OidcWriteClient(ctx context.Context, name string, request schema.OidcWriteClientRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcWriteClient name: Name of the client.

func (*Identity) OidcWriteKey added in v0.3.0 

func (i *Identity) OidcWriteKey(ctx context.Context, name string, request schema.OidcWriteKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcWriteKey CRUD operations for OIDC keys. name: Name of the key

func (*Identity) OidcWriteProvider added in v0.3.0 

func (i *Identity) OidcWriteProvider(ctx context.Context, name string, request schema.OidcWriteProviderRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcWriteProvider name: Name of the provider

func (*Identity) OidcWriteRole added in v0.3.0 

func (i *Identity) OidcWriteRole(ctx context.Context, name string, request schema.OidcWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcWriteRole CRUD operations on OIDC Roles name: Name of the role

func (*Identity) OidcWriteScope added in v0.3.0 

func (i *Identity) OidcWriteScope(ctx context.Context, name string, request schema.OidcWriteScopeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

OidcWriteScope name: Name of the scope

func (*Identity) PersonaCreate added in v0.3.0 

func (i *Identity) PersonaCreate(ctx context.Context, request schema.PersonaCreateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PersonaCreate Create a new alias.

func (*Identity) PersonaDeleteById added in v0.3.0 

func (i *Identity) PersonaDeleteById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

PersonaDeleteById id: ID of the persona

func (*Identity) PersonaListById added in v0.3.0 

func (i *Identity) PersonaListById(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

PersonaListById List all the alias IDs.

func (*Identity) PersonaReadById added in v0.3.0 

func (i *Identity) PersonaReadById(ctx context.Context, id string, options ...RequestOption) (*Response[map[string]interface{}], error)

PersonaReadById id: ID of the persona

func (*Identity) PersonaUpdateById added in v0.3.0 

func (i *Identity) PersonaUpdateById(ctx context.Context, id string, request schema.PersonaUpdateByIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PersonaUpdateById id: ID of the persona

type MFAConstraintAny 

type MFAConstraintAny struct {
	Any []MFAMethodID `json:"any"`
}

type MFAMethodID 

type MFAMethodID struct {
	Type         string `json:"type"`
	ID           string `json:"id"`
	UsesPasscode bool   `json:"uses_passcode"`
}

type MFARequirement 

type MFARequirement struct {
	MFARequestID   string                      `json:"mfa_request_id"`
	MFAConstraints map[string]MFAConstraintAny `json:"mfa_constraints"`
}

type RedirectError 

type RedirectError struct {
	// StatusCode is the HTTP status code returned in the response
	StatusCode int

	// Message is the error message
	Message string

	// RedirectLocation is populated with the "Location" header, if set
	RedirectLocation string

	// OriginalRequest is a pointer to the request that caused this error
	OriginalRequest *http.Request
}

RedirectError is the error returned when the client receives a redirect response and either

  1. the redirects are disabled in configuration
  2. more than one redirect was encountered
  3. the redirect response could not be properly parsed

func (*RedirectError) Error 

func (e *RedirectError) Error() string

type ReplicationForwardingMode 

type ReplicationForwardingMode uint8
const (
	// Setting this mode will clear all forwarding headers
	ReplicationForwardNone ReplicationForwardingMode = iota

	// Setting this mode will add 'X-Vault-Forward' header to all subsequent
	// requests, telling any performance standbys handling the requests to
	// forward them to the active node.
	//
	// https://developer.hashicorp.com/vault/docs/enterprise/consistency#unconditional-forwarding-performance-standbys-only
	ReplicationForwardAlways

	// Setting this mode will add 'X-Vault-Inconsistent' header to  all
	// subsequent requests; any performance standbys handling the requests will
	// conditionally forward them to the active node if the state required
	// isn't present on the node receiving this request. This should be used
	// in conjunction with RequireReplicationState(...).
	//
	// https://developer.hashicorp.com/vault/docs/enterprise/consistency#conditional-forwarding-performance-standbys-only
	ReplicationForwardInconsistent
)

type ReplicationState 

type ReplicationState struct {
	Cluster         string
	LocalIndex      uint64
	ReplicatedIndex uint64
}

ReplicationState is analogous to the WALState in github.com/vault/sdk

func ParseReplicationState 

func ParseReplicationState(raw string, hmacKey []byte) (ReplicationState, error)

ParseReplicationState will parse the raw base64-encoded replication state into its individual components. If an optional hmacKey is provided, it will used to verify the replication state contents. The format of the string (after decoding) is expected to be: 

v1:cluster-id-string:local-index:replicated-index:hmac

type RequestCallback 

type RequestCallback func(*http.Request)

func RequireReplicationStates 

func RequireReplicationStates(states ...string) RequestCallback

RequireReplicationStates returns a request callback that will add request headers to specify the replication states we require of Vault. These states were obtained from the previously-seen response headers captured with RecordReplicationState(...).

https://developer.hashicorp.com/vault/docs/enterprise/consistency#conditional-forwarding-performance-standbys-only

type RequestOption 

type RequestOption func(*requestModifiers) error

RequestOption is a functional parameter used to modify a request

func WithCustomHeaders 

func WithCustomHeaders(headers http.Header) RequestOption

WithCustomHeaders sets custom headers for the next request; these headers will be appended to any custom headers set at the client level. The internal prefix 'X-Vault-' is not permitted for the header keys.

func WithMFACredentials 

func WithMFACredentials(credentials ...string) RequestOption

WithMFACredentials sets the multi-factor authentication credentials for the next request, it takes precedence over the client-level MFA credentials.

See https://learn.hashicorp.com/tutorials/vault/multi-factor-authentication for more information on multi-factor authentication.

func WithMountPath 

func WithMountPath(path string) RequestOption

WithMountPath overwrites the default mount path in client.Auth and client.Secrets requests with the given mount path string.

func WithNamespace 

func WithNamespace(namespace string) RequestOption

WithNamespace sets the namespace for the next request; it takes precedence over the client-level namespace. Use an empty string to clear the namespace from the next request.

See https://developer.hashicorp.com/vault/docs/enterprise/namespaces for more info on namespaces.

func WithQueryParameters added in v0.4.0 

func WithQueryParameters(parameters url.Values) RequestOption

WithQueryParameters appends the given list of query parameters to the request. This is primarily intended to be used with client.Read, client.ReadRaw, client.List, and client.Delete methods.

func WithReplicationForwardingMode 

func WithReplicationForwardingMode(mode ReplicationForwardingMode) RequestOption

WithReplicationForwardingMode sets a replication forwarding header to the given value for the next request; it takes precedence over the client-level replication forwarding header. 

ReplicationForwardNone         - no forwarding headers
ReplicationForwardAlways       - 'X-Vault-Forward'
ReplicationForwardInconsistent - 'X-Vault-Inconsistent'

See https://developer.hashicorp.com/vault/docs/enterprise/consistency#vault-1-7-mitigations

func WithRequestCallbacks 

func WithRequestCallbacks(callbacks ...RequestCallback) RequestOption

WithRequestCallbacks sets callbacks which will be invoked before the next request; these callbacks will be appended to the list of the callbacks set at the client-level.

func WithResponseCallbacks 

func WithResponseCallbacks(callbacks ...ResponseCallback) RequestOption

WithResponseCallbacks sets callbacks which will be invoked after a successful response within the next request; these callbacks will be appended to the list of the callbacks set at the client-level.

func WithResponseWrapping 

func WithResponseWrapping(ttl time.Duration) RequestOption

WithResponseWrapping sets the response-wrapping TTL to the given duration for the next request; it takes precedence over the client-level response-wrapping TTL. A non-zero duration will tell Vault to wrap the response and return a response-wrapping token instead. Set `ttl` to zero to clear the response-wrapping header from the next request.

See https://developer.hashicorp.com/vault/docs/concepts/response-wrapping for more information on response wrapping.

func WithToken 

func WithToken(token string) RequestOption

WithToken sets the token for the next request; it takes precedence over the client-level token.

See https://developer.hashicorp.com/vault/docs/concepts/tokens for more info on tokens.

type Response 

type Response[T any] struct {
	// The request ID that generated this response
	RequestID string `json:"request_id"`

	LeaseID       string `json:"lease_id"`
	LeaseDuration int    `json:"lease_duration"`
	Renewable     bool   `json:"renewable"`

	// Data is the actual contents of the response. The format of the data
	// is arbitrary and is up to the secret backend.
	Data T `json:"data"`

	// Warnings contains any warnings related to the operation. These
	// are not issues that caused the command to fail, but things that the
	// client should be aware of.
	Warnings []string `json:"warnings"`

	// Auth, if non-nil, means that there was authentication information
	// attached to this response.
	Auth *ResponseAuth `json:"auth,omitempty"`

	// WrapInfo, if non-nil, means that the initial response was wrapped in the
	// cubbyhole of the given token (which has a TTL of the given number of
	// seconds)
	WrapInfo *ResponseWrapInfo `json:"wrap_info,omitempty"`
}

Response is the structure returned by the majority of the requests to Vault

func Unwrap 

func Unwrap[T any](ctx context.Context, client *Client, wrappingToken string, options ...RequestOption) (*Response[T], error)

Unwrap sends a request with the given wrapping token and returns the original wrapped response.

See https://developer.hashicorp.com/vault/docs/concepts/response-wrapping for more information on response wrapping

type ResponseAuth 

type ResponseAuth struct {
	ClientToken      string            `json:"client_token"`
	Accessor         string            `json:"accessor"`
	Policies         []string          `json:"policies"`
	TokenPolicies    []string          `json:"token_policies"`
	IdentityPolicies []string          `json:"identity_policies"`
	Metadata         map[string]string `json:"metadata"`
	Orphan           bool              `json:"orphan"`
	EntityID         string            `json:"entity_id"`

	LeaseDuration int  `json:"lease_duration"`
	Renewable     bool `json:"renewable"`

	MFARequirement *MFARequirement `json:"mfa_requirement,omitempty"`
}

ResponseAuth contains authentication information if we have it.

type ResponseCallback 

type ResponseCallback func(*http.Request, *http.Response)

func RecordReplicationState 

func RecordReplicationState(state *string) ResponseCallback

RecordReplicationState returns a response callback that will record the replication state returned by Vault in a response header.

https://developer.hashicorp.com/vault/docs/enterprise/consistency#conditional-forwarding-performance-standbys-only

type ResponseError 

type ResponseError struct {
	// StatusCode is the HTTP status code returned in the response
	StatusCode int

	// Errors are the underlying error messages returned in the response body
	Errors []string

	// RawResponseBytes is only popualted when error messages can't be parsed
	RawResponseBytes []byte

	// OriginalRequest is a pointer to the request that caused this error
	OriginalRequest *http.Request
}

ResponseError is the error returned when Vault responds with an HTTP status code outside of the 200 - 399 range. If a request to Vault fails due to a network error, a different error message will be returned.

func (*ResponseError) Error 

func (e *ResponseError) Error() string

type ResponseWrapInfo 

type ResponseWrapInfo struct {
	Token           string    `json:"token"`
	Accessor        string    `json:"accessor"`
	TTL             int       `json:"ttl"`
	CreationTime    time.Time `json:"creation_time"`
	CreationPath    string    `json:"creation_path"`
	WrappedAccessor string    `json:"wrapped_accessor"`
}

ResponseWrapInfo contains wrapping information if we have it. If what is contained is an authentication token, the accessor for the token will be available in WrappedAccessor.

type RetryConfiguration 

type RetryConfiguration struct {
	// RetryWaitMin controls the minimum time to wait before retrying when
	// a 5xx or 412 error occurs.
	// Default: 1000 milliseconds
	RetryWaitMin time.Duration `env:"VAULT_RETRY_WAIT_MIN"`

	// RetryWaitMax controls the maximum time to wait before retrying when
	// a 5xx or 412 error occurs.
	// Default: 1500 milliseconds
	RetryWaitMax time.Duration `env:"VAULT_RETRY_WAIT_MAX"`

	// RetryMax controls the maximum number of times to retry when a 5xx or 412
	// error occurs. Set to -1 to disable retrying.
	// Default: 2 (for a total of three tries)
	RetryMax int `env:"VAULT_MAX_RETRIES"`

	// CheckRetry specifies a policy for handling retries. It is called after
	// each request with the response and error values returned by the http.Client.
	// Default: retryablehttp.DefaultRetryPolicy + retry on 412 responses
	CheckRetry retryablehttp.CheckRetry

	// Backoff specifies a policy for how long to wait between retries.
	// Default: retryablehttp.LinearJitterBackoff
	Backoff retryablehttp.Backoff

	// ErrorHandler specifies the custom error handler to use if any.
	// Default: retryablehttp.PassthroughErrorHandler
	ErrorHandler retryablehttp.ErrorHandler

	// Logger is a custom retryablehttp.Logger or retryablehttp.LeveledLogger.
	// Default: nil
	Logger interface{}
}

RetryConfiguration is a collection of settings used to configure the internal go-retryablehttp client.

type Secrets 

type Secrets struct {
	// contains filtered or unexported fields
}

Secrets is a simple wrapper around the client for Secrets requests

func (*Secrets) AliCloudConfigure added in v0.3.0 

func (s *Secrets) AliCloudConfigure(ctx context.Context, request schema.AliCloudConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudConfigure

func (*Secrets) AliCloudDeleteConfiguration added in v0.3.0 

func (s *Secrets) AliCloudDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudDeleteConfiguration

func (*Secrets) AliCloudDeleteRole 

func (s *Secrets) AliCloudDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudDeleteRole Read, write and reference policies and roles that API keys or STS credentials can be made for. name: The name of the role.

func (*Secrets) AliCloudGenerateCredentials added in v0.3.0 

func (s *Secrets) AliCloudGenerateCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudGenerateCredentials Generate an API key or STS credential using the given role's configuration.' name: The name of the role.

func (*Secrets) AliCloudListRoles 

func (s *Secrets) AliCloudListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AliCloudListRoles List the existing roles in this backend.

func (*Secrets) AliCloudReadConfiguration added in v0.3.0 

func (s *Secrets) AliCloudReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudReadConfiguration

func (*Secrets) AliCloudReadRole 

func (s *Secrets) AliCloudReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudReadRole Read, write and reference policies and roles that API keys or STS credentials can be made for. name: The name of the role.

func (*Secrets) AliCloudWriteRole 

func (s *Secrets) AliCloudWriteRole(ctx context.Context, name string, request schema.AliCloudWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AliCloudWriteRole Read, write and reference policies and roles that API keys or STS credentials can be made for. name: The name of the role.

func (*Secrets) AwsConfigureLease added in v0.3.0 

func (s *Secrets) AwsConfigureLease(ctx context.Context, request schema.AwsConfigureLeaseRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureLease

func (*Secrets) AwsConfigureRootIamCredentials added in v0.3.0 

func (s *Secrets) AwsConfigureRootIamCredentials(ctx context.Context, request schema.AwsConfigureRootIamCredentialsRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsConfigureRootIamCredentials

func (*Secrets) AwsDeleteRole added in v0.3.0 

func (s *Secrets) AwsDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteRole Read, write and reference IAM policies that access keys can be made for. name: Name of the role

func (*Secrets) AwsDeleteStaticRolesName added in v0.4.0 

func (s *Secrets) AwsDeleteStaticRolesName(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsDeleteStaticRolesName name: The name of this role.

func (*Secrets) AwsGenerateCredentials added in v0.3.0 

func (s *Secrets) AwsGenerateCredentials(ctx context.Context, name string, roleArn string, roleSessionName string, ttl string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsGenerateCredentials name: Name of the role roleArn: ARN of role to assume when credential_type is assumed_role roleSessionName: Session name to use when assuming role. Max chars: 64 ttl: Lifetime of the returned credentials in seconds

func (*Secrets) AwsGenerateCredentialsWithParameters added in v0.4.0 

func (s *Secrets) AwsGenerateCredentialsWithParameters(ctx context.Context, name string, request schema.AwsGenerateCredentialsWithParametersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsGenerateCredentialsWithParameters name: Name of the role

func (*Secrets) AwsGenerateStsCredentials added in v0.3.0 

func (s *Secrets) AwsGenerateStsCredentials(ctx context.Context, name string, roleArn string, roleSessionName string, ttl string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsGenerateStsCredentials name: Name of the role roleArn: ARN of role to assume when credential_type is assumed_role roleSessionName: Session name to use when assuming role. Max chars: 64 ttl: Lifetime of the returned credentials in seconds

func (*Secrets) AwsGenerateStsCredentialsWithParameters added in v0.4.0 

func (s *Secrets) AwsGenerateStsCredentialsWithParameters(ctx context.Context, name string, request schema.AwsGenerateStsCredentialsWithParametersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsGenerateStsCredentialsWithParameters name: Name of the role

func (*Secrets) AwsListRoles added in v0.3.0 

func (s *Secrets) AwsListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AwsListRoles List the existing roles in this backend

func (*Secrets) AwsReadLeaseConfiguration added in v0.3.0 

func (s *Secrets) AwsReadLeaseConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadLeaseConfiguration

func (*Secrets) AwsReadRole added in v0.3.0 

func (s *Secrets) AwsReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadRole Read, write and reference IAM policies that access keys can be made for. name: Name of the role

func (*Secrets) AwsReadRootIamCredentialsConfiguration added in v0.3.0 

func (s *Secrets) AwsReadRootIamCredentialsConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsReadRootIamCredentialsConfiguration

func (*Secrets) AwsReadStaticCredsName added in v0.4.0 

func (s *Secrets) AwsReadStaticCredsName(ctx context.Context, name string, options ...RequestOption) (*Response[schema.AwsReadStaticCredsNameResponse], error)

AwsReadStaticCredsName name: The name of this role.

func (*Secrets) AwsReadStaticRolesName added in v0.4.0 

func (s *Secrets) AwsReadStaticRolesName(ctx context.Context, name string, options ...RequestOption) (*Response[schema.AwsReadStaticRolesNameResponse], error)

AwsReadStaticRolesName name: The name of this role.

func (*Secrets) AwsRotateRootIamCredentials added in v0.3.0 

func (s *Secrets) AwsRotateRootIamCredentials(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsRotateRootIamCredentials

func (*Secrets) AwsWriteRole added in v0.3.0 

func (s *Secrets) AwsWriteRole(ctx context.Context, name string, request schema.AwsWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AwsWriteRole Read, write and reference IAM policies that access keys can be made for. name: Name of the role

func (*Secrets) AwsWriteStaticRolesName added in v0.4.0 

func (s *Secrets) AwsWriteStaticRolesName(ctx context.Context, name string, request schema.AwsWriteStaticRolesNameRequest, options ...RequestOption) (*Response[schema.AwsWriteStaticRolesNameResponse], error)

AwsWriteStaticRolesName name: The name of this role.

func (*Secrets) AzureConfigure added in v0.3.0 

func (s *Secrets) AzureConfigure(ctx context.Context, request schema.AzureConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureConfigure

func (*Secrets) AzureDeleteConfiguration added in v0.3.0 

func (s *Secrets) AzureDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureDeleteConfiguration

func (*Secrets) AzureDeleteRole 

func (s *Secrets) AzureDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureDeleteRole Manage the Vault roles used to generate Azure credentials. name: Name of the role.

func (*Secrets) AzureListRoles 

func (s *Secrets) AzureListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

AzureListRoles List existing roles.

func (*Secrets) AzureReadConfiguration added in v0.3.0 

func (s *Secrets) AzureReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureReadConfiguration

func (*Secrets) AzureReadRole 

func (s *Secrets) AzureReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureReadRole Manage the Vault roles used to generate Azure credentials. name: Name of the role.

func (*Secrets) AzureRequestServicePrincipalCredentials added in v0.3.0 

func (s *Secrets) AzureRequestServicePrincipalCredentials(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureRequestServicePrincipalCredentials role: Name of the Vault role

func (*Secrets) AzureRotateRoot 

func (s *Secrets) AzureRotateRoot(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureRotateRoot

func (*Secrets) AzureWriteRole 

func (s *Secrets) AzureWriteRole(ctx context.Context, name string, request schema.AzureWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AzureWriteRole Manage the Vault roles used to generate Azure credentials. name: Name of the role.

func (*Secrets) ConsulConfigureAccess added in v0.3.0 

func (s *Secrets) ConsulConfigureAccess(ctx context.Context, request schema.ConsulConfigureAccessRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

ConsulConfigureAccess

func (*Secrets) ConsulDeleteRole 

func (s *Secrets) ConsulDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

ConsulDeleteRole name: Name of the role.

func (*Secrets) ConsulGenerateCredentials added in v0.3.0 

func (s *Secrets) ConsulGenerateCredentials(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

ConsulGenerateCredentials role: Name of the role.

func (*Secrets) ConsulListRoles 

func (s *Secrets) ConsulListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

ConsulListRoles

func (*Secrets) ConsulReadAccessConfiguration added in v0.3.0 

func (s *Secrets) ConsulReadAccessConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

ConsulReadAccessConfiguration

func (*Secrets) ConsulReadRole 

func (s *Secrets) ConsulReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

ConsulReadRole name: Name of the role.

func (*Secrets) ConsulWriteRole 

func (s *Secrets) ConsulWriteRole(ctx context.Context, name string, request schema.ConsulWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

ConsulWriteRole name: Name of the role.

func (*Secrets) CubbyholeDelete 

func (s *Secrets) CubbyholeDelete(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

CubbyholeDelete Deletes the secret at the specified location. path: Specifies the path of the secret.

func (*Secrets) CubbyholeList added in v0.4.0 

func (s *Secrets) CubbyholeList(ctx context.Context, path string, options ...RequestOption) (*Response[schema.StandardListResponse], error)

CubbyholeList List secret entries at the specified location. Folders are suffixed with /. The input must be a folder; list on a file will not return a value. The values themselves are not accessible via this command. path: Specifies the path of the secret.

func (*Secrets) CubbyholeRead 

func (s *Secrets) CubbyholeRead(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

CubbyholeRead Retrieve the secret at the specified location. path: Specifies the path of the secret.

func (*Secrets) CubbyholeWrite 

func (s *Secrets) CubbyholeWrite(ctx context.Context, path string, request map[string]interface{}, options ...RequestOption) (*Response[map[string]interface{}], error)

CubbyholeWrite Store a secret at the specified location. path: Specifies the path of the secret.

func (*Secrets) DatabaseConfigureConnection added in v0.3.0 

func (s *Secrets) DatabaseConfigureConnection(ctx context.Context, name string, request schema.DatabaseConfigureConnectionRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseConfigureConnection name: Name of this database connection

func (*Secrets) DatabaseDeleteConnectionConfiguration added in v0.3.0 

func (s *Secrets) DatabaseDeleteConnectionConfiguration(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseDeleteConnectionConfiguration name: Name of this database connection

func (*Secrets) DatabaseDeleteRole 

func (s *Secrets) DatabaseDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseDeleteRole Manage the roles that can be created with this backend. name: Name of the role.

func (*Secrets) DatabaseDeleteStaticRole 

func (s *Secrets) DatabaseDeleteStaticRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseDeleteStaticRole Manage the static roles that can be created with this backend. name: Name of the role.

func (*Secrets) DatabaseGenerateCredentials added in v0.3.0 

func (s *Secrets) DatabaseGenerateCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseGenerateCredentials Request database credentials for a certain role. name: Name of the role.

func (*Secrets) DatabaseListConnections added in v0.3.0 

func (s *Secrets) DatabaseListConnections(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

DatabaseListConnections Configure connection details to a database plugin.

func (*Secrets) DatabaseListRoles 

func (s *Secrets) DatabaseListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

DatabaseListRoles Manage the roles that can be created with this backend.

func (*Secrets) DatabaseListStaticRoles 

func (s *Secrets) DatabaseListStaticRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

DatabaseListStaticRoles Manage the static roles that can be created with this backend.

func (*Secrets) DatabaseReadConnectionConfiguration added in v0.3.0 

func (s *Secrets) DatabaseReadConnectionConfiguration(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseReadConnectionConfiguration name: Name of this database connection

func (*Secrets) DatabaseReadRole 

func (s *Secrets) DatabaseReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseReadRole Manage the roles that can be created with this backend. name: Name of the role.

func (*Secrets) DatabaseReadStaticRole 

func (s *Secrets) DatabaseReadStaticRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseReadStaticRole Manage the static roles that can be created with this backend. name: Name of the role.

func (*Secrets) DatabaseReadStaticRoleCredentials added in v0.3.0 

func (s *Secrets) DatabaseReadStaticRoleCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseReadStaticRoleCredentials Request database credentials for a certain static role. These credentials are rotated periodically. name: Name of the static role.

func (*Secrets) DatabaseResetConnection added in v0.3.0 

func (s *Secrets) DatabaseResetConnection(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseResetConnection Resets a database plugin. name: Name of this database connection

func (*Secrets) DatabaseRotateRootCredentials added in v0.3.0 

func (s *Secrets) DatabaseRotateRootCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseRotateRootCredentials name: Name of this database connection

func (*Secrets) DatabaseRotateStaticRoleCredentials added in v0.3.0 

func (s *Secrets) DatabaseRotateStaticRoleCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseRotateStaticRoleCredentials name: Name of the static role

func (*Secrets) DatabaseWriteRole 

func (s *Secrets) DatabaseWriteRole(ctx context.Context, name string, request schema.DatabaseWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseWriteRole Manage the roles that can be created with this backend. name: Name of the role.

func (*Secrets) DatabaseWriteStaticRole 

func (s *Secrets) DatabaseWriteStaticRole(ctx context.Context, name string, request schema.DatabaseWriteStaticRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

DatabaseWriteStaticRole Manage the static roles that can be created with this backend. name: Name of the role.

func (*Secrets) GoogleCloudConfigure added in v0.3.0 

func (s *Secrets) GoogleCloudConfigure(ctx context.Context, request schema.GoogleCloudConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudConfigure

func (*Secrets) GoogleCloudDeleteImpersonatedAccount added in v0.3.0 

func (s *Secrets) GoogleCloudDeleteImpersonatedAccount(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudDeleteImpersonatedAccount name: Required. Name to refer to this impersonated account in Vault. Cannot be updated.

func (*Secrets) GoogleCloudDeleteRoleset 

func (s *Secrets) GoogleCloudDeleteRoleset(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudDeleteRoleset name: Required. Name of the role.

func (*Secrets) GoogleCloudDeleteStaticAccount 

func (s *Secrets) GoogleCloudDeleteStaticAccount(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudDeleteStaticAccount name: Required. Name to refer to this static account in Vault. Cannot be updated.

func (*Secrets) GoogleCloudGenerateImpersonatedAccountAccessToken added in v0.3.0 

func (s *Secrets) GoogleCloudGenerateImpersonatedAccountAccessToken(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudGenerateImpersonatedAccountAccessToken name: Required. Name of the impersonated account.

func (*Secrets) GoogleCloudGenerateRolesetAccessToken added in v0.3.0 

func (s *Secrets) GoogleCloudGenerateRolesetAccessToken(ctx context.Context, roleset string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudGenerateRolesetAccessToken roleset: Required. Name of the role set.

func (*Secrets) GoogleCloudGenerateRolesetKey added in v0.3.0 

func (s *Secrets) GoogleCloudGenerateRolesetKey(ctx context.Context, roleset string, request schema.GoogleCloudGenerateRolesetKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudGenerateRolesetKey roleset: Required. Name of the role set.

func (*Secrets) GoogleCloudGenerateStaticAccountAccessToken added in v0.3.0 

func (s *Secrets) GoogleCloudGenerateStaticAccountAccessToken(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudGenerateStaticAccountAccessToken name: Required. Name of the static account.

func (*Secrets) GoogleCloudGenerateStaticAccountKey added in v0.3.0 

func (s *Secrets) GoogleCloudGenerateStaticAccountKey(ctx context.Context, name string, request schema.GoogleCloudGenerateStaticAccountKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudGenerateStaticAccountKey name: Required. Name of the static account.

func (*Secrets) GoogleCloudKmsConfigure added in v0.3.0 

func (s *Secrets) GoogleCloudKmsConfigure(ctx context.Context, request schema.GoogleCloudKmsConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsConfigure

func (*Secrets) GoogleCloudKmsConfigureKey added in v0.3.0 

func (s *Secrets) GoogleCloudKmsConfigureKey(ctx context.Context, key string, request schema.GoogleCloudKmsConfigureKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsConfigureKey key: Name of the key in Vault.

func (*Secrets) GoogleCloudKmsDecrypt added in v0.3.0 

func (s *Secrets) GoogleCloudKmsDecrypt(ctx context.Context, key string, request schema.GoogleCloudKmsDecryptRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsDecrypt Decrypt a ciphertext value using a named key key: Name of the key in Vault to use for decryption. This key must already exist in Vault and must map back to a Google Cloud KMS key.

func (*Secrets) GoogleCloudKmsDeleteConfiguration added in v0.3.0 

func (s *Secrets) GoogleCloudKmsDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsDeleteConfiguration

func (*Secrets) GoogleCloudKmsDeleteKey added in v0.3.0 

func (s *Secrets) GoogleCloudKmsDeleteKey(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsDeleteKey Interact with crypto keys in Vault and Google Cloud KMS key: Name of the key in Vault.

func (*Secrets) GoogleCloudKmsDeregisterKey added in v0.3.0 

func (s *Secrets) GoogleCloudKmsDeregisterKey(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsDeregisterKey key: Name of the key to deregister in Vault. If the key exists in Google Cloud KMS, it will be left untouched.

func (*Secrets) GoogleCloudKmsEncrypt added in v0.3.0 

func (s *Secrets) GoogleCloudKmsEncrypt(ctx context.Context, key string, request schema.GoogleCloudKmsEncryptRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsEncrypt Encrypt a plaintext value using a named key key: Name of the key in Vault to use for encryption. This key must already exist in Vault and must map back to a Google Cloud KMS key.

func (*Secrets) GoogleCloudKmsListKeys added in v0.3.0 

func (s *Secrets) GoogleCloudKmsListKeys(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GoogleCloudKmsListKeys List named keys

func (*Secrets) GoogleCloudKmsReadConfiguration added in v0.3.0 

func (s *Secrets) GoogleCloudKmsReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsReadConfiguration

func (*Secrets) GoogleCloudKmsReadKey added in v0.3.0 

func (s *Secrets) GoogleCloudKmsReadKey(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsReadKey Interact with crypto keys in Vault and Google Cloud KMS key: Name of the key in Vault.

func (*Secrets) GoogleCloudKmsReadKeyConfiguration added in v0.3.0 

func (s *Secrets) GoogleCloudKmsReadKeyConfiguration(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsReadKeyConfiguration key: Name of the key in Vault.

func (*Secrets) GoogleCloudKmsReencrypt added in v0.3.0 

func (s *Secrets) GoogleCloudKmsReencrypt(ctx context.Context, key string, request schema.GoogleCloudKmsReencryptRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsReencrypt Re-encrypt existing ciphertext data to a new version key: Name of the key to use for encryption. This key must already exist in Vault and Google Cloud KMS.

func (*Secrets) GoogleCloudKmsRegisterKey added in v0.3.0 

func (s *Secrets) GoogleCloudKmsRegisterKey(ctx context.Context, key string, request schema.GoogleCloudKmsRegisterKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsRegisterKey Register an existing crypto key in Google Cloud KMS key: Name of the key to register in Vault. This will be the named used to refer to the underlying crypto key when encrypting or decrypting data.

func (*Secrets) GoogleCloudKmsRetrievePublicKey added in v0.3.0 

func (s *Secrets) GoogleCloudKmsRetrievePublicKey(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsRetrievePublicKey Retrieve the public key associated with the named key key: Name of the key for which to get the public key. This key must already exist in Vault and Google Cloud KMS.

func (*Secrets) GoogleCloudKmsRotateKey added in v0.3.0 

func (s *Secrets) GoogleCloudKmsRotateKey(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsRotateKey Rotate a crypto key to a new primary version key: Name of the key to rotate. This key must already be registered with Vault and point to a valid Google Cloud KMS crypto key.

func (*Secrets) GoogleCloudKmsSign added in v0.3.0 

func (s *Secrets) GoogleCloudKmsSign(ctx context.Context, key string, request schema.GoogleCloudKmsSignRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsSign Signs a message or digest using a named key key: Name of the key in Vault to use for signing. This key must already exist in Vault and must map back to a Google Cloud KMS key.

func (*Secrets) GoogleCloudKmsTrimKeyVersions added in v0.3.0 

func (s *Secrets) GoogleCloudKmsTrimKeyVersions(ctx context.Context, key string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsTrimKeyVersions key: Name of the key in Vault.

func (*Secrets) GoogleCloudKmsVerify added in v0.3.0 

func (s *Secrets) GoogleCloudKmsVerify(ctx context.Context, key string, request schema.GoogleCloudKmsVerifyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsVerify Verify a signature using a named key key: Name of the key in Vault to use for verification. This key must already exist in Vault and must map back to a Google Cloud KMS key.

func (*Secrets) GoogleCloudKmsWriteKey added in v0.3.0 

func (s *Secrets) GoogleCloudKmsWriteKey(ctx context.Context, key string, request schema.GoogleCloudKmsWriteKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudKmsWriteKey Interact with crypto keys in Vault and Google Cloud KMS key: Name of the key in Vault.

func (*Secrets) GoogleCloudListImpersonatedAccounts added in v0.3.0 

func (s *Secrets) GoogleCloudListImpersonatedAccounts(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GoogleCloudListImpersonatedAccounts

func (*Secrets) GoogleCloudListRolesets 

func (s *Secrets) GoogleCloudListRolesets(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GoogleCloudListRolesets

func (*Secrets) GoogleCloudListStaticAccounts 

func (s *Secrets) GoogleCloudListStaticAccounts(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

GoogleCloudListStaticAccounts

func (*Secrets) GoogleCloudReadConfiguration added in v0.3.0 

func (s *Secrets) GoogleCloudReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudReadConfiguration

func (*Secrets) GoogleCloudReadImpersonatedAccount added in v0.3.0 

func (s *Secrets) GoogleCloudReadImpersonatedAccount(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudReadImpersonatedAccount name: Required. Name to refer to this impersonated account in Vault. Cannot be updated.

func (*Secrets) GoogleCloudReadRoleset 

func (s *Secrets) GoogleCloudReadRoleset(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudReadRoleset name: Required. Name of the role.

func (*Secrets) GoogleCloudReadStaticAccount 

func (s *Secrets) GoogleCloudReadStaticAccount(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudReadStaticAccount name: Required. Name to refer to this static account in Vault. Cannot be updated.

func (*Secrets) GoogleCloudRotateRoleset 

func (s *Secrets) GoogleCloudRotateRoleset(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudRotateRoleset name: Name of the role.

func (*Secrets) GoogleCloudRotateRolesetKey 

func (s *Secrets) GoogleCloudRotateRolesetKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudRotateRolesetKey name: Name of the role.

func (*Secrets) GoogleCloudRotateRootCredentials added in v0.3.0 

func (s *Secrets) GoogleCloudRotateRootCredentials(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudRotateRootCredentials

func (*Secrets) GoogleCloudRotateStaticAccountKey 

func (s *Secrets) GoogleCloudRotateStaticAccountKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudRotateStaticAccountKey name: Name of the account.

func (*Secrets) GoogleCloudWriteImpersonatedAccount added in v0.3.0 

func (s *Secrets) GoogleCloudWriteImpersonatedAccount(ctx context.Context, name string, request schema.GoogleCloudWriteImpersonatedAccountRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudWriteImpersonatedAccount name: Required. Name to refer to this impersonated account in Vault. Cannot be updated.

func (*Secrets) GoogleCloudWriteRoleset 

func (s *Secrets) GoogleCloudWriteRoleset(ctx context.Context, name string, request schema.GoogleCloudWriteRolesetRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudWriteRoleset name: Required. Name of the role.

func (*Secrets) GoogleCloudWriteStaticAccount 

func (s *Secrets) GoogleCloudWriteStaticAccount(ctx context.Context, name string, request schema.GoogleCloudWriteStaticAccountRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

GoogleCloudWriteStaticAccount name: Required. Name to refer to this static account in Vault. Cannot be updated.

func (*Secrets) KubernetesCheckConfiguration added in v0.3.0 

func (s *Secrets) KubernetesCheckConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesCheckConfiguration

func (*Secrets) KubernetesConfigure added in v0.3.0 

func (s *Secrets) KubernetesConfigure(ctx context.Context, request schema.KubernetesConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesConfigure

func (*Secrets) KubernetesDeleteConfiguration added in v0.3.0 

func (s *Secrets) KubernetesDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesDeleteConfiguration

func (*Secrets) KubernetesDeleteRole 

func (s *Secrets) KubernetesDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesDeleteRole name: Name of the role

func (*Secrets) KubernetesGenerateCredentials added in v0.3.0 

func (s *Secrets) KubernetesGenerateCredentials(ctx context.Context, name string, request schema.KubernetesGenerateCredentialsRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesGenerateCredentials name: Name of the Vault role

func (*Secrets) KubernetesListRoles 

func (s *Secrets) KubernetesListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

KubernetesListRoles

func (*Secrets) KubernetesReadConfiguration added in v0.3.0 

func (s *Secrets) KubernetesReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesReadConfiguration

func (*Secrets) KubernetesReadRole 

func (s *Secrets) KubernetesReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesReadRole name: Name of the role

func (*Secrets) KubernetesWriteRole 

func (s *Secrets) KubernetesWriteRole(ctx context.Context, name string, request schema.KubernetesWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KubernetesWriteRole name: Name of the role

func (*Secrets) KvV1Delete added in v0.3.0 

func (s *Secrets) KvV1Delete(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV1Delete path: Location of the secret.

func (*Secrets) KvV1List added in v0.4.0 

func (s *Secrets) KvV1List(ctx context.Context, path string, options ...RequestOption) (*Response[schema.StandardListResponse], error)

KvV1List path: Location of the secret.

func (*Secrets) KvV1Read added in v0.3.0 

func (s *Secrets) KvV1Read(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV1Read path: Location of the secret.

func (*Secrets) KvV1Write added in v0.3.0 

func (s *Secrets) KvV1Write(ctx context.Context, path string, request map[string]interface{}, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV1Write path: Location of the secret.

func (*Secrets) KvV2Configure added in v0.3.0 

func (s *Secrets) KvV2Configure(ctx context.Context, request schema.KvV2ConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV2Configure Configure backend level settings that are applied to every key in the key-value store.

func (*Secrets) KvV2Delete added in v0.3.0 

func (s *Secrets) KvV2Delete(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV2Delete path: Location of the secret.

func (*Secrets) KvV2DeleteMetadataAndAllVersions added in v0.4.0 

func (s *Secrets) KvV2DeleteMetadataAndAllVersions(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV2DeleteMetadataAndAllVersions path: Location of the secret.

func (*Secrets) KvV2DeleteVersions added in v0.3.0 

func (s *Secrets) KvV2DeleteVersions(ctx context.Context, path string, request schema.KvV2DeleteVersionsRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV2DeleteVersions path: Location of the secret.

func (*Secrets) KvV2DestroyVersions added in v0.3.0 

func (s *Secrets) KvV2DestroyVersions(ctx context.Context, path string, request schema.KvV2DestroyVersionsRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV2DestroyVersions path: Location of the secret.

func (*Secrets) KvV2List added in v0.4.0 

func (s *Secrets) KvV2List(ctx context.Context, path string, options ...RequestOption) (*Response[schema.StandardListResponse], error)

KvV2List path: Location of the secret.

func (*Secrets) KvV2Read added in v0.3.0 

func (s *Secrets) KvV2Read(ctx context.Context, path string, options ...RequestOption) (*Response[schema.KvV2ReadResponse], error)

KvV2Read path: Location of the secret.

func (*Secrets) KvV2ReadConfiguration added in v0.3.0 

func (s *Secrets) KvV2ReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.KvV2ReadConfigurationResponse], error)

KvV2ReadConfiguration Read the backend level settings.

func (*Secrets) KvV2ReadMetadata added in v0.3.0 

func (s *Secrets) KvV2ReadMetadata(ctx context.Context, path string, options ...RequestOption) (*Response[schema.KvV2ReadMetadataResponse], error)

KvV2ReadMetadata path: Location of the secret.

func (*Secrets) KvV2ReadSubkeys added in v0.3.0 

func (s *Secrets) KvV2ReadSubkeys(ctx context.Context, path string, options ...RequestOption) (*Response[schema.KvV2ReadSubkeysResponse], error)

KvV2ReadSubkeys path: Location of the secret.

func (*Secrets) KvV2UndeleteVersions added in v0.3.0 

func (s *Secrets) KvV2UndeleteVersions(ctx context.Context, path string, request schema.KvV2UndeleteVersionsRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV2UndeleteVersions path: Location of the secret.

func (*Secrets) KvV2Write added in v0.3.0 

func (s *Secrets) KvV2Write(ctx context.Context, path string, request schema.KvV2WriteRequest, options ...RequestOption) (*Response[schema.KvV2WriteResponse], error)

KvV2Write path: Location of the secret.

func (*Secrets) KvV2WriteMetadata added in v0.3.0 

func (s *Secrets) KvV2WriteMetadata(ctx context.Context, path string, request schema.KvV2WriteMetadataRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

KvV2WriteMetadata path: Location of the secret.

func (*Secrets) LdapConfigure added in v0.3.0 

func (s *Secrets) LdapConfigure(ctx context.Context, request schema.LdapConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapConfigure

func (*Secrets) LdapDeleteConfiguration added in v0.3.0 

func (s *Secrets) LdapDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapDeleteConfiguration

func (*Secrets) LdapDeleteDynamicRole added in v0.3.0 

func (s *Secrets) LdapDeleteDynamicRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapDeleteDynamicRole name: Name of the role (lowercase)

func (*Secrets) LdapDeleteStaticRole added in v0.3.0 

func (s *Secrets) LdapDeleteStaticRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapDeleteStaticRole name: Name of the role

func (*Secrets) LdapLibraryCheckIn added in v0.3.0 

func (s *Secrets) LdapLibraryCheckIn(ctx context.Context, name string, request schema.LdapLibraryCheckInRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapLibraryCheckIn Check service accounts in to the library. name: Name of the set.

func (*Secrets) LdapLibraryCheckOut added in v0.3.0 

func (s *Secrets) LdapLibraryCheckOut(ctx context.Context, name string, request schema.LdapLibraryCheckOutRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapLibraryCheckOut Check a service account out from the library. name: Name of the set

func (*Secrets) LdapLibraryCheckStatus added in v0.3.0 

func (s *Secrets) LdapLibraryCheckStatus(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapLibraryCheckStatus Check the status of the service accounts in a library set. name: Name of the set.

func (*Secrets) LdapLibraryConfigure added in v0.3.0 

func (s *Secrets) LdapLibraryConfigure(ctx context.Context, name string, request schema.LdapLibraryConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapLibraryConfigure Update a library set. name: Name of the set.

func (*Secrets) LdapLibraryDelete added in v0.3.0 

func (s *Secrets) LdapLibraryDelete(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapLibraryDelete Delete a library set. name: Name of the set.

func (*Secrets) LdapLibraryForceCheckIn added in v0.3.0 

func (s *Secrets) LdapLibraryForceCheckIn(ctx context.Context, name string, request schema.LdapLibraryForceCheckInRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapLibraryForceCheckIn Check service accounts in to the library. name: Name of the set.

func (*Secrets) LdapLibraryList added in v0.3.0 

func (s *Secrets) LdapLibraryList(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

LdapLibraryList

func (*Secrets) LdapLibraryRead added in v0.3.0 

func (s *Secrets) LdapLibraryRead(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapLibraryRead Read a library set. name: Name of the set.

func (*Secrets) LdapListDynamicRoles added in v0.3.0 

func (s *Secrets) LdapListDynamicRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

LdapListDynamicRoles

func (*Secrets) LdapListStaticRoles added in v0.3.0 

func (s *Secrets) LdapListStaticRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

LdapListStaticRoles

func (*Secrets) LdapReadConfiguration added in v0.3.0 

func (s *Secrets) LdapReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapReadConfiguration

func (*Secrets) LdapReadDynamicRole added in v0.3.0 

func (s *Secrets) LdapReadDynamicRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapReadDynamicRole name: Name of the role (lowercase)

func (*Secrets) LdapReadStaticRole added in v0.3.0 

func (s *Secrets) LdapReadStaticRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapReadStaticRole name: Name of the role

func (*Secrets) LdapRequestDynamicRoleCredentials added in v0.3.0 

func (s *Secrets) LdapRequestDynamicRoleCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapRequestDynamicRoleCredentials name: Name of the dynamic role.

func (*Secrets) LdapRequestStaticRoleCredentials added in v0.3.0 

func (s *Secrets) LdapRequestStaticRoleCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapRequestStaticRoleCredentials name: Name of the static role.

func (*Secrets) LdapRotateRootCredentials added in v0.3.0 

func (s *Secrets) LdapRotateRootCredentials(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapRotateRootCredentials

func (*Secrets) LdapRotateStaticRole added in v0.3.0 

func (s *Secrets) LdapRotateStaticRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapRotateStaticRole name: Name of the static role

func (*Secrets) LdapWriteDynamicRole added in v0.3.0 

func (s *Secrets) LdapWriteDynamicRole(ctx context.Context, name string, request schema.LdapWriteDynamicRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapWriteDynamicRole name: Name of the role (lowercase)

func (*Secrets) LdapWriteStaticRole added in v0.3.0 

func (s *Secrets) LdapWriteStaticRole(ctx context.Context, name string, request schema.LdapWriteStaticRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LdapWriteStaticRole name: Name of the role

func (*Secrets) MongoDbAtlasConfigure added in v0.3.0 

func (s *Secrets) MongoDbAtlasConfigure(ctx context.Context, request schema.MongoDbAtlasConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MongoDbAtlasConfigure

func (*Secrets) MongoDbAtlasDeleteRole added in v0.3.0 

func (s *Secrets) MongoDbAtlasDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

MongoDbAtlasDeleteRole Manage the roles used to generate MongoDB Atlas Programmatic API Keys. name: Name of the Roles

func (*Secrets) MongoDbAtlasGenerateCredentials added in v0.3.0 

func (s *Secrets) MongoDbAtlasGenerateCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

MongoDbAtlasGenerateCredentials name: Name of the role

func (*Secrets) MongoDbAtlasListRoles added in v0.3.0 

func (s *Secrets) MongoDbAtlasListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

MongoDbAtlasListRoles List the existing roles in this backend

func (*Secrets) MongoDbAtlasReadConfiguration added in v0.3.0 

func (s *Secrets) MongoDbAtlasReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

MongoDbAtlasReadConfiguration

func (*Secrets) MongoDbAtlasReadRole added in v0.3.0 

func (s *Secrets) MongoDbAtlasReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

MongoDbAtlasReadRole Manage the roles used to generate MongoDB Atlas Programmatic API Keys. name: Name of the Roles

func (*Secrets) MongoDbAtlasWriteRole added in v0.3.0 

func (s *Secrets) MongoDbAtlasWriteRole(ctx context.Context, name string, request schema.MongoDbAtlasWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MongoDbAtlasWriteRole Manage the roles used to generate MongoDB Atlas Programmatic API Keys. name: Name of the Roles

func (*Secrets) NomadConfigureAccess added in v0.3.0 

func (s *Secrets) NomadConfigureAccess(ctx context.Context, request schema.NomadConfigureAccessRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadConfigureAccess

func (*Secrets) NomadConfigureLease added in v0.3.0 

func (s *Secrets) NomadConfigureLease(ctx context.Context, request schema.NomadConfigureLeaseRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadConfigureLease

func (*Secrets) NomadDeleteAccessConfiguration added in v0.3.0 

func (s *Secrets) NomadDeleteAccessConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadDeleteAccessConfiguration

func (*Secrets) NomadDeleteLeaseConfiguration added in v0.3.0 

func (s *Secrets) NomadDeleteLeaseConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadDeleteLeaseConfiguration

func (*Secrets) NomadDeleteRole 

func (s *Secrets) NomadDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadDeleteRole name: Name of the role

func (*Secrets) NomadGenerateCredentials added in v0.3.0 

func (s *Secrets) NomadGenerateCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadGenerateCredentials name: Name of the role

func (*Secrets) NomadListRoles 

func (s *Secrets) NomadListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

NomadListRoles

func (*Secrets) NomadReadAccessConfiguration added in v0.3.0 

func (s *Secrets) NomadReadAccessConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadReadAccessConfiguration

func (*Secrets) NomadReadLeaseConfiguration added in v0.3.0 

func (s *Secrets) NomadReadLeaseConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadReadLeaseConfiguration

func (*Secrets) NomadReadRole 

func (s *Secrets) NomadReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadReadRole name: Name of the role

func (*Secrets) NomadWriteRole 

func (s *Secrets) NomadWriteRole(ctx context.Context, name string, request schema.NomadWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

NomadWriteRole name: Name of the role

func (*Secrets) PkiConfigureAcme added in v0.4.0 

func (s *Secrets) PkiConfigureAcme(ctx context.Context, request schema.PkiConfigureAcmeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiConfigureAcme

func (*Secrets) PkiConfigureAutoTidy added in v0.3.0 

func (s *Secrets) PkiConfigureAutoTidy(ctx context.Context, request schema.PkiConfigureAutoTidyRequest, options ...RequestOption) (*Response[schema.PkiConfigureAutoTidyResponse], error)

PkiConfigureAutoTidy

func (*Secrets) PkiConfigureCa added in v0.3.0 

func (s *Secrets) PkiConfigureCa(ctx context.Context, request schema.PkiConfigureCaRequest, options ...RequestOption) (*Response[schema.PkiConfigureCaResponse], error)

PkiConfigureCa

func (*Secrets) PkiConfigureCluster added in v0.3.0 

func (s *Secrets) PkiConfigureCluster(ctx context.Context, request schema.PkiConfigureClusterRequest, options ...RequestOption) (*Response[schema.PkiConfigureClusterResponse], error)

PkiConfigureCluster

func (*Secrets) PkiConfigureCrl added in v0.3.0 

func (s *Secrets) PkiConfigureCrl(ctx context.Context, request schema.PkiConfigureCrlRequest, options ...RequestOption) (*Response[schema.PkiConfigureCrlResponse], error)

PkiConfigureCrl

func (*Secrets) PkiConfigureIssuers added in v0.3.0 

func (s *Secrets) PkiConfigureIssuers(ctx context.Context, request schema.PkiConfigureIssuersRequest, options ...RequestOption) (*Response[schema.PkiConfigureIssuersResponse], error)

PkiConfigureIssuers

func (*Secrets) PkiConfigureKeys added in v0.3.0 

func (s *Secrets) PkiConfigureKeys(ctx context.Context, request schema.PkiConfigureKeysRequest, options ...RequestOption) (*Response[schema.PkiConfigureKeysResponse], error)

PkiConfigureKeys

func (*Secrets) PkiConfigureUrls added in v0.3.0 

func (s *Secrets) PkiConfigureUrls(ctx context.Context, request schema.PkiConfigureUrlsRequest, options ...RequestOption) (*Response[schema.PkiConfigureUrlsResponse], error)

PkiConfigureUrls

func (*Secrets) PkiCrossSignIntermediate added in v0.3.0 

func (s *Secrets) PkiCrossSignIntermediate(ctx context.Context, request schema.PkiCrossSignIntermediateRequest, options ...RequestOption) (*Response[schema.PkiCrossSignIntermediateResponse], error)

PkiCrossSignIntermediate

func (*Secrets) PkiDeleteEabKey added in v0.4.0 

func (s *Secrets) PkiDeleteEabKey(ctx context.Context, keyId string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiDeleteEabKey keyId: EAB key identifier

func (*Secrets) PkiDeleteIssuer added in v0.3.0 

func (s *Secrets) PkiDeleteIssuer(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiDeleteIssuer issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiDeleteKey added in v0.3.0 

func (s *Secrets) PkiDeleteKey(ctx context.Context, keyRef string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiDeleteKey keyRef: Reference to key; either \"default\" for the configured default key, an identifier of a key, or the name assigned to the key.

func (*Secrets) PkiDeleteRole added in v0.3.0 

func (s *Secrets) PkiDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiDeleteRole name: Name of the role

func (*Secrets) PkiDeleteRoot added in v0.3.0 

func (s *Secrets) PkiDeleteRoot(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiDeleteRoot

func (*Secrets) PkiGenerateEabKey added in v0.4.0 

func (s *Secrets) PkiGenerateEabKey(ctx context.Context, options ...RequestOption) (*Response[schema.PkiGenerateEabKeyResponse], error)

PkiGenerateEabKey

func (*Secrets) PkiGenerateEabKeyForIssuer added in v0.4.0 

func (s *Secrets) PkiGenerateEabKeyForIssuer(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiGenerateEabKeyForIssuerResponse], error)

PkiGenerateEabKeyForIssuer issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiGenerateEabKeyForIssuerAndRole added in v0.4.0 

func (s *Secrets) PkiGenerateEabKeyForIssuerAndRole(ctx context.Context, issuerRef string, role string, options ...RequestOption) (*Response[schema.PkiGenerateEabKeyForIssuerAndRoleResponse], error)

PkiGenerateEabKeyForIssuerAndRole issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiGenerateEabKeyForRole added in v0.4.0 

func (s *Secrets) PkiGenerateEabKeyForRole(ctx context.Context, role string, options ...RequestOption) (*Response[schema.PkiGenerateEabKeyForRoleResponse], error)

PkiGenerateEabKeyForRole role: The desired role for the acme request

func (*Secrets) PkiGenerateExportedKey added in v0.3.0 

func (s *Secrets) PkiGenerateExportedKey(ctx context.Context, request schema.PkiGenerateExportedKeyRequest, options ...RequestOption) (*Response[schema.PkiGenerateExportedKeyResponse], error)

PkiGenerateExportedKey

func (*Secrets) PkiGenerateIntermediate added in v0.3.0 

func (s *Secrets) PkiGenerateIntermediate(ctx context.Context, exported string, request schema.PkiGenerateIntermediateRequest, options ...RequestOption) (*Response[schema.PkiGenerateIntermediateResponse], error)

PkiGenerateIntermediate exported: Must be \"internal\", \"exported\" or \"kms\". If set to \"exported\", the generated private key will be returned. This is your *only* chance to retrieve the private key!

func (*Secrets) PkiGenerateInternalKey added in v0.3.0 

func (s *Secrets) PkiGenerateInternalKey(ctx context.Context, request schema.PkiGenerateInternalKeyRequest, options ...RequestOption) (*Response[schema.PkiGenerateInternalKeyResponse], error)

PkiGenerateInternalKey

func (*Secrets) PkiGenerateKmsKey added in v0.3.0 

func (s *Secrets) PkiGenerateKmsKey(ctx context.Context, request schema.PkiGenerateKmsKeyRequest, options ...RequestOption) (*Response[schema.PkiGenerateKmsKeyResponse], error)

PkiGenerateKmsKey

func (*Secrets) PkiGenerateRoot added in v0.3.0 

func (s *Secrets) PkiGenerateRoot(ctx context.Context, exported string, request schema.PkiGenerateRootRequest, options ...RequestOption) (*Response[schema.PkiGenerateRootResponse], error)

PkiGenerateRoot exported: Must be \"internal\", \"exported\" or \"kms\". If set to \"exported\", the generated private key will be returned. This is your *only* chance to retrieve the private key!

func (*Secrets) PkiImportKey added in v0.3.0 

func (s *Secrets) PkiImportKey(ctx context.Context, request schema.PkiImportKeyRequest, options ...RequestOption) (*Response[schema.PkiImportKeyResponse], error)

PkiImportKey

func (*Secrets) PkiIssueWithRole added in v0.3.0 

func (s *Secrets) PkiIssueWithRole(ctx context.Context, role string, request schema.PkiIssueWithRoleRequest, options ...RequestOption) (*Response[schema.PkiIssueWithRoleResponse], error)

PkiIssueWithRole role: The desired role with configuration for this request

func (*Secrets) PkiIssuerIssueWithRole added in v0.3.0 

func (s *Secrets) PkiIssuerIssueWithRole(ctx context.Context, issuerRef string, role string, request schema.PkiIssuerIssueWithRoleRequest, options ...RequestOption) (*Response[schema.PkiIssuerIssueWithRoleResponse], error)

PkiIssuerIssueWithRole issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer. role: The desired role with configuration for this request

func (*Secrets) PkiIssuerReadCrl added in v0.3.0 

func (s *Secrets) PkiIssuerReadCrl(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiIssuerReadCrlResponse], error)

PkiIssuerReadCrl issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerReadCrlDelta added in v0.3.0 

func (s *Secrets) PkiIssuerReadCrlDelta(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiIssuerReadCrlDeltaResponse], error)

PkiIssuerReadCrlDelta issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerReadCrlDeltaDer added in v0.3.0 

func (s *Secrets) PkiIssuerReadCrlDeltaDer(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiIssuerReadCrlDeltaDerResponse], error)

PkiIssuerReadCrlDeltaDer issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerReadCrlDeltaPem added in v0.3.0 

func (s *Secrets) PkiIssuerReadCrlDeltaPem(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiIssuerReadCrlDeltaPemResponse], error)

PkiIssuerReadCrlDeltaPem issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerReadCrlDer added in v0.3.0 

func (s *Secrets) PkiIssuerReadCrlDer(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiIssuerReadCrlDerResponse], error)

PkiIssuerReadCrlDer issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerReadCrlPem added in v0.3.0 

func (s *Secrets) PkiIssuerReadCrlPem(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiIssuerReadCrlPemResponse], error)

PkiIssuerReadCrlPem issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerResignCrls added in v0.3.0 

func (s *Secrets) PkiIssuerResignCrls(ctx context.Context, issuerRef string, request schema.PkiIssuerResignCrlsRequest, options ...RequestOption) (*Response[schema.PkiIssuerResignCrlsResponse], error)

PkiIssuerResignCrls issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerSignIntermediate added in v0.3.0 

func (s *Secrets) PkiIssuerSignIntermediate(ctx context.Context, issuerRef string, request schema.PkiIssuerSignIntermediateRequest, options ...RequestOption) (*Response[schema.PkiIssuerSignIntermediateResponse], error)

PkiIssuerSignIntermediate issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerSignRevocationList added in v0.3.0 

func (s *Secrets) PkiIssuerSignRevocationList(ctx context.Context, issuerRef string, request schema.PkiIssuerSignRevocationListRequest, options ...RequestOption) (*Response[schema.PkiIssuerSignRevocationListResponse], error)

PkiIssuerSignRevocationList issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerSignSelfIssued added in v0.3.0 

func (s *Secrets) PkiIssuerSignSelfIssued(ctx context.Context, issuerRef string, request schema.PkiIssuerSignSelfIssuedRequest, options ...RequestOption) (*Response[schema.PkiIssuerSignSelfIssuedResponse], error)

PkiIssuerSignSelfIssued issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerSignVerbatim added in v0.3.0 

func (s *Secrets) PkiIssuerSignVerbatim(ctx context.Context, issuerRef string, request schema.PkiIssuerSignVerbatimRequest, options ...RequestOption) (*Response[schema.PkiIssuerSignVerbatimResponse], error)

PkiIssuerSignVerbatim issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiIssuerSignVerbatimWithRole added in v0.3.0 

func (s *Secrets) PkiIssuerSignVerbatimWithRole(ctx context.Context, issuerRef string, role string, request schema.PkiIssuerSignVerbatimWithRoleRequest, options ...RequestOption) (*Response[schema.PkiIssuerSignVerbatimWithRoleResponse], error)

PkiIssuerSignVerbatimWithRole issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer. role: The desired role with configuration for this request

func (*Secrets) PkiIssuerSignWithRole added in v0.3.0 

func (s *Secrets) PkiIssuerSignWithRole(ctx context.Context, issuerRef string, role string, request schema.PkiIssuerSignWithRoleRequest, options ...RequestOption) (*Response[schema.PkiIssuerSignWithRoleResponse], error)

PkiIssuerSignWithRole issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer. role: The desired role with configuration for this request

func (*Secrets) PkiIssuersGenerateIntermediate added in v0.3.0 

func (s *Secrets) PkiIssuersGenerateIntermediate(ctx context.Context, exported string, request schema.PkiIssuersGenerateIntermediateRequest, options ...RequestOption) (*Response[schema.PkiIssuersGenerateIntermediateResponse], error)

PkiIssuersGenerateIntermediate exported: Must be \"internal\", \"exported\" or \"kms\". If set to \"exported\", the generated private key will be returned. This is your *only* chance to retrieve the private key!

func (*Secrets) PkiIssuersGenerateRoot added in v0.3.0 

func (s *Secrets) PkiIssuersGenerateRoot(ctx context.Context, exported string, request schema.PkiIssuersGenerateRootRequest, options ...RequestOption) (*Response[schema.PkiIssuersGenerateRootResponse], error)

PkiIssuersGenerateRoot exported: Must be \"internal\", \"exported\" or \"kms\". If set to \"exported\", the generated private key will be returned. This is your *only* chance to retrieve the private key!

func (*Secrets) PkiIssuersImportBundle added in v0.3.0 

func (s *Secrets) PkiIssuersImportBundle(ctx context.Context, request schema.PkiIssuersImportBundleRequest, options ...RequestOption) (*Response[schema.PkiIssuersImportBundleResponse], error)

PkiIssuersImportBundle

func (*Secrets) PkiIssuersImportCert added in v0.3.0 

func (s *Secrets) PkiIssuersImportCert(ctx context.Context, request schema.PkiIssuersImportCertRequest, options ...RequestOption) (*Response[schema.PkiIssuersImportCertResponse], error)

PkiIssuersImportCert

func (*Secrets) PkiListCerts added in v0.3.0 

func (s *Secrets) PkiListCerts(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

PkiListCerts

func (*Secrets) PkiListEabKeys added in v0.4.0 

func (s *Secrets) PkiListEabKeys(ctx context.Context, options ...RequestOption) (*Response[schema.PkiListEabKeysResponse], error)

PkiListEabKeys

func (*Secrets) PkiListIssuers added in v0.3.0 

func (s *Secrets) PkiListIssuers(ctx context.Context, options ...RequestOption) (*Response[schema.PkiListIssuersResponse], error)

PkiListIssuers

func (*Secrets) PkiListKeys added in v0.3.0 

func (s *Secrets) PkiListKeys(ctx context.Context, options ...RequestOption) (*Response[schema.PkiListKeysResponse], error)

PkiListKeys

func (*Secrets) PkiListRevokedCerts added in v0.3.0 

func (s *Secrets) PkiListRevokedCerts(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

PkiListRevokedCerts

func (*Secrets) PkiListRoles added in v0.3.0 

func (s *Secrets) PkiListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

PkiListRoles

func (*Secrets) PkiQueryOcsp added in v0.3.0 

func (s *Secrets) PkiQueryOcsp(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiQueryOcsp

func (*Secrets) PkiQueryOcspWithGetReq added in v0.3.0 

func (s *Secrets) PkiQueryOcspWithGetReq(ctx context.Context, req string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiQueryOcspWithGetReq req: base-64 encoded ocsp request

func (*Secrets) PkiReadAcmeConfiguration added in v0.4.0 

func (s *Secrets) PkiReadAcmeConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadAcmeConfiguration

func (*Secrets) PkiReadAcmeDirectory added in v0.4.0 

func (s *Secrets) PkiReadAcmeDirectory(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadAcmeDirectory

func (*Secrets) PkiReadAcmeNewNonce added in v0.4.0 

func (s *Secrets) PkiReadAcmeNewNonce(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadAcmeNewNonce

func (*Secrets) PkiReadAutoTidyConfiguration added in v0.3.0 

func (s *Secrets) PkiReadAutoTidyConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadAutoTidyConfigurationResponse], error)

PkiReadAutoTidyConfiguration

func (*Secrets) PkiReadCaChainPem added in v0.3.0 

func (s *Secrets) PkiReadCaChainPem(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCaChainPemResponse], error)

PkiReadCaChainPem

func (*Secrets) PkiReadCaDer added in v0.3.0 

func (s *Secrets) PkiReadCaDer(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCaDerResponse], error)

PkiReadCaDer

func (*Secrets) PkiReadCaPem added in v0.3.0 

func (s *Secrets) PkiReadCaPem(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCaPemResponse], error)

PkiReadCaPem

func (*Secrets) PkiReadCert added in v0.3.0 

func (s *Secrets) PkiReadCert(ctx context.Context, serial string, options ...RequestOption) (*Response[schema.PkiReadCertResponse], error)

PkiReadCert serial: Certificate serial number, in colon- or hyphen-separated octal

func (*Secrets) PkiReadCertCaChain added in v0.3.0 

func (s *Secrets) PkiReadCertCaChain(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCertCaChainResponse], error)

PkiReadCertCaChain

func (*Secrets) PkiReadCertCrl added in v0.3.0 

func (s *Secrets) PkiReadCertCrl(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCertCrlResponse], error)

PkiReadCertCrl

func (*Secrets) PkiReadCertDeltaCrl added in v0.3.0 

func (s *Secrets) PkiReadCertDeltaCrl(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCertDeltaCrlResponse], error)

PkiReadCertDeltaCrl

func (*Secrets) PkiReadCertRawDer added in v0.3.0 

func (s *Secrets) PkiReadCertRawDer(ctx context.Context, serial string, options ...RequestOption) (*Response[schema.PkiReadCertRawDerResponse], error)

PkiReadCertRawDer serial: Certificate serial number, in colon- or hyphen-separated octal

func (*Secrets) PkiReadCertRawPem added in v0.3.0 

func (s *Secrets) PkiReadCertRawPem(ctx context.Context, serial string, options ...RequestOption) (*Response[schema.PkiReadCertRawPemResponse], error)

PkiReadCertRawPem serial: Certificate serial number, in colon- or hyphen-separated octal

func (*Secrets) PkiReadClusterConfiguration added in v0.3.0 

func (s *Secrets) PkiReadClusterConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadClusterConfigurationResponse], error)

PkiReadClusterConfiguration

func (*Secrets) PkiReadCrlConfiguration added in v0.3.0 

func (s *Secrets) PkiReadCrlConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCrlConfigurationResponse], error)

PkiReadCrlConfiguration

func (*Secrets) PkiReadCrlDelta added in v0.3.0 

func (s *Secrets) PkiReadCrlDelta(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCrlDeltaResponse], error)

PkiReadCrlDelta

func (*Secrets) PkiReadCrlDeltaPem added in v0.3.0 

func (s *Secrets) PkiReadCrlDeltaPem(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCrlDeltaPemResponse], error)

PkiReadCrlDeltaPem

func (*Secrets) PkiReadCrlDer added in v0.3.0 

func (s *Secrets) PkiReadCrlDer(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCrlDerResponse], error)

PkiReadCrlDer

func (*Secrets) PkiReadCrlPem added in v0.3.0 

func (s *Secrets) PkiReadCrlPem(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadCrlPemResponse], error)

PkiReadCrlPem

func (*Secrets) PkiReadIssuer added in v0.3.0 

func (s *Secrets) PkiReadIssuer(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiReadIssuerResponse], error)

PkiReadIssuer issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiReadIssuerDer added in v0.3.0 

func (s *Secrets) PkiReadIssuerDer(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiReadIssuerDerResponse], error)

PkiReadIssuerDer issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiReadIssuerIssuerRefAcmeDirectory added in v0.4.0 

func (s *Secrets) PkiReadIssuerIssuerRefAcmeDirectory(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadIssuerIssuerRefAcmeDirectory issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiReadIssuerIssuerRefAcmeNewNonce added in v0.4.0 

func (s *Secrets) PkiReadIssuerIssuerRefAcmeNewNonce(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadIssuerIssuerRefAcmeNewNonce issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiReadIssuerIssuerRefRolesRoleAcmeDirectory added in v0.4.0 

func (s *Secrets) PkiReadIssuerIssuerRefRolesRoleAcmeDirectory(ctx context.Context, issuerRef string, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadIssuerIssuerRefRolesRoleAcmeDirectory issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiReadIssuerIssuerRefRolesRoleAcmeNewNonce added in v0.4.0 

func (s *Secrets) PkiReadIssuerIssuerRefRolesRoleAcmeNewNonce(ctx context.Context, issuerRef string, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadIssuerIssuerRefRolesRoleAcmeNewNonce issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiReadIssuerJson added in v0.3.0 

func (s *Secrets) PkiReadIssuerJson(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiReadIssuerJsonResponse], error)

PkiReadIssuerJson issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiReadIssuerPem added in v0.3.0 

func (s *Secrets) PkiReadIssuerPem(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiReadIssuerPemResponse], error)

PkiReadIssuerPem issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiReadIssuersConfiguration added in v0.3.0 

func (s *Secrets) PkiReadIssuersConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadIssuersConfigurationResponse], error)

PkiReadIssuersConfiguration

func (*Secrets) PkiReadKey added in v0.3.0 

func (s *Secrets) PkiReadKey(ctx context.Context, keyRef string, options ...RequestOption) (*Response[schema.PkiReadKeyResponse], error)

PkiReadKey keyRef: Reference to key; either \"default\" for the configured default key, an identifier of a key, or the name assigned to the key.

func (*Secrets) PkiReadKeysConfiguration added in v0.3.0 

func (s *Secrets) PkiReadKeysConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadKeysConfigurationResponse], error)

PkiReadKeysConfiguration

func (*Secrets) PkiReadRole added in v0.3.0 

func (s *Secrets) PkiReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[schema.PkiReadRoleResponse], error)

PkiReadRole name: Name of the role

func (*Secrets) PkiReadRolesRoleAcmeDirectory added in v0.4.0 

func (s *Secrets) PkiReadRolesRoleAcmeDirectory(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadRolesRoleAcmeDirectory role: The desired role for the acme request

func (*Secrets) PkiReadRolesRoleAcmeNewNonce added in v0.4.0 

func (s *Secrets) PkiReadRolesRoleAcmeNewNonce(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiReadRolesRoleAcmeNewNonce role: The desired role for the acme request

func (*Secrets) PkiReadUrlsConfiguration added in v0.3.0 

func (s *Secrets) PkiReadUrlsConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.PkiReadUrlsConfigurationResponse], error)

PkiReadUrlsConfiguration

func (*Secrets) PkiReplaceRoot added in v0.3.0 

func (s *Secrets) PkiReplaceRoot(ctx context.Context, request schema.PkiReplaceRootRequest, options ...RequestOption) (*Response[schema.PkiReplaceRootResponse], error)

PkiReplaceRoot

func (*Secrets) PkiRevoke added in v0.3.0 

func (s *Secrets) PkiRevoke(ctx context.Context, request schema.PkiRevokeRequest, options ...RequestOption) (*Response[schema.PkiRevokeResponse], error)

PkiRevoke

func (*Secrets) PkiRevokeIssuer added in v0.3.0 

func (s *Secrets) PkiRevokeIssuer(ctx context.Context, issuerRef string, options ...RequestOption) (*Response[schema.PkiRevokeIssuerResponse], error)

PkiRevokeIssuer issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiRevokeWithKey added in v0.3.0 

func (s *Secrets) PkiRevokeWithKey(ctx context.Context, request schema.PkiRevokeWithKeyRequest, options ...RequestOption) (*Response[schema.PkiRevokeWithKeyResponse], error)

PkiRevokeWithKey

func (*Secrets) PkiRootSignIntermediate added in v0.3.0 

func (s *Secrets) PkiRootSignIntermediate(ctx context.Context, request schema.PkiRootSignIntermediateRequest, options ...RequestOption) (*Response[schema.PkiRootSignIntermediateResponse], error)

PkiRootSignIntermediate

func (*Secrets) PkiRootSignSelfIssued added in v0.3.0 

func (s *Secrets) PkiRootSignSelfIssued(ctx context.Context, request schema.PkiRootSignSelfIssuedRequest, options ...RequestOption) (*Response[schema.PkiRootSignSelfIssuedResponse], error)

PkiRootSignSelfIssued

func (*Secrets) PkiRotateCrl added in v0.3.0 

func (s *Secrets) PkiRotateCrl(ctx context.Context, options ...RequestOption) (*Response[schema.PkiRotateCrlResponse], error)

PkiRotateCrl

func (*Secrets) PkiRotateDeltaCrl added in v0.3.0 

func (s *Secrets) PkiRotateDeltaCrl(ctx context.Context, options ...RequestOption) (*Response[schema.PkiRotateDeltaCrlResponse], error)

PkiRotateDeltaCrl

func (*Secrets) PkiRotateRoot added in v0.4.0 

func (s *Secrets) PkiRotateRoot(ctx context.Context, exported string, request schema.PkiRotateRootRequest, options ...RequestOption) (*Response[schema.PkiRotateRootResponse], error)

PkiRotateRoot exported: Must be \"internal\", \"exported\" or \"kms\". If set to \"exported\", the generated private key will be returned. This is your *only* chance to retrieve the private key!

func (*Secrets) PkiSetSignedIntermediate added in v0.3.0 

func (s *Secrets) PkiSetSignedIntermediate(ctx context.Context, request schema.PkiSetSignedIntermediateRequest, options ...RequestOption) (*Response[schema.PkiSetSignedIntermediateResponse], error)

PkiSetSignedIntermediate

func (*Secrets) PkiSignVerbatim added in v0.3.0 

func (s *Secrets) PkiSignVerbatim(ctx context.Context, request schema.PkiSignVerbatimRequest, options ...RequestOption) (*Response[schema.PkiSignVerbatimResponse], error)

PkiSignVerbatim

func (*Secrets) PkiSignVerbatimWithRole added in v0.3.0 

func (s *Secrets) PkiSignVerbatimWithRole(ctx context.Context, role string, request schema.PkiSignVerbatimWithRoleRequest, options ...RequestOption) (*Response[schema.PkiSignVerbatimWithRoleResponse], error)

PkiSignVerbatimWithRole role: The desired role with configuration for this request

func (*Secrets) PkiSignWithRole added in v0.3.0 

func (s *Secrets) PkiSignWithRole(ctx context.Context, role string, request schema.PkiSignWithRoleRequest, options ...RequestOption) (*Response[schema.PkiSignWithRoleResponse], error)

PkiSignWithRole role: The desired role with configuration for this request

func (*Secrets) PkiTidy added in v0.3.0 

func (s *Secrets) PkiTidy(ctx context.Context, request schema.PkiTidyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiTidy

func (*Secrets) PkiTidyCancel added in v0.3.0 

func (s *Secrets) PkiTidyCancel(ctx context.Context, options ...RequestOption) (*Response[schema.PkiTidyCancelResponse], error)

PkiTidyCancel

func (*Secrets) PkiTidyStatus added in v0.3.0 

func (s *Secrets) PkiTidyStatus(ctx context.Context, options ...RequestOption) (*Response[schema.PkiTidyStatusResponse], error)

PkiTidyStatus

func (*Secrets) PkiWriteAcmeAccountKid added in v0.4.0 

func (s *Secrets) PkiWriteAcmeAccountKid(ctx context.Context, kid string, request schema.PkiWriteAcmeAccountKidRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeAccountKid kid: The key identifier provided by the CA

func (*Secrets) PkiWriteAcmeAuthorizationAuthId added in v0.4.0 

func (s *Secrets) PkiWriteAcmeAuthorizationAuthId(ctx context.Context, authId string, request schema.PkiWriteAcmeAuthorizationAuthIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeAuthorizationAuthId authId: ACME authorization identifier value

func (*Secrets) PkiWriteAcmeChallengeAuthIdChallengeType added in v0.4.0 

func (s *Secrets) PkiWriteAcmeChallengeAuthIdChallengeType(ctx context.Context, authId string, challengeType string, request schema.PkiWriteAcmeChallengeAuthIdChallengeTypeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeChallengeAuthIdChallengeType authId: ACME authorization identifier value challengeType: ACME challenge type

func (*Secrets) PkiWriteAcmeNewAccount added in v0.4.0 

func (s *Secrets) PkiWriteAcmeNewAccount(ctx context.Context, request schema.PkiWriteAcmeNewAccountRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeNewAccount

func (*Secrets) PkiWriteAcmeNewOrder added in v0.4.0 

func (s *Secrets) PkiWriteAcmeNewOrder(ctx context.Context, request schema.PkiWriteAcmeNewOrderRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeNewOrder

func (*Secrets) PkiWriteAcmeOrderOrderId added in v0.4.0 

func (s *Secrets) PkiWriteAcmeOrderOrderId(ctx context.Context, orderId string, request schema.PkiWriteAcmeOrderOrderIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeOrderOrderId orderId: The ACME order identifier to fetch

func (*Secrets) PkiWriteAcmeOrderOrderIdCert added in v0.4.0 

func (s *Secrets) PkiWriteAcmeOrderOrderIdCert(ctx context.Context, orderId string, request schema.PkiWriteAcmeOrderOrderIdCertRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeOrderOrderIdCert orderId: The ACME order identifier to fetch

func (*Secrets) PkiWriteAcmeOrderOrderIdFinalize added in v0.4.0 

func (s *Secrets) PkiWriteAcmeOrderOrderIdFinalize(ctx context.Context, orderId string, request schema.PkiWriteAcmeOrderOrderIdFinalizeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeOrderOrderIdFinalize orderId: The ACME order identifier to fetch

func (*Secrets) PkiWriteAcmeOrders added in v0.4.0 

func (s *Secrets) PkiWriteAcmeOrders(ctx context.Context, request schema.PkiWriteAcmeOrdersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeOrders

func (*Secrets) PkiWriteAcmeRevokeCert added in v0.4.0 

func (s *Secrets) PkiWriteAcmeRevokeCert(ctx context.Context, request schema.PkiWriteAcmeRevokeCertRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteAcmeRevokeCert

func (*Secrets) PkiWriteIssuer added in v0.3.0 

func (s *Secrets) PkiWriteIssuer(ctx context.Context, issuerRef string, request schema.PkiWriteIssuerRequest, options ...RequestOption) (*Response[schema.PkiWriteIssuerResponse], error)

PkiWriteIssuer issuerRef: Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.

func (*Secrets) PkiWriteIssuerIssuerRefAcmeAccountKid added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeAccountKid(ctx context.Context, issuerRef string, kid string, request schema.PkiWriteIssuerIssuerRefAcmeAccountKidRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeAccountKid issuerRef: Reference to an existing issuer name or issuer id kid: The key identifier provided by the CA

func (*Secrets) PkiWriteIssuerIssuerRefAcmeAuthorizationAuthId added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeAuthorizationAuthId(ctx context.Context, authId string, issuerRef string, request schema.PkiWriteIssuerIssuerRefAcmeAuthorizationAuthIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeAuthorizationAuthId authId: ACME authorization identifier value issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiWriteIssuerIssuerRefAcmeChallengeAuthIdChallengeType added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeChallengeAuthIdChallengeType(ctx context.Context, authId string, challengeType string, issuerRef string, request schema.PkiWriteIssuerIssuerRefAcmeChallengeAuthIdChallengeTypeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeChallengeAuthIdChallengeType authId: ACME authorization identifier value challengeType: ACME challenge type issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiWriteIssuerIssuerRefAcmeNewAccount added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeNewAccount(ctx context.Context, issuerRef string, request schema.PkiWriteIssuerIssuerRefAcmeNewAccountRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeNewAccount issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiWriteIssuerIssuerRefAcmeNewOrder added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeNewOrder(ctx context.Context, issuerRef string, request schema.PkiWriteIssuerIssuerRefAcmeNewOrderRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeNewOrder issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiWriteIssuerIssuerRefAcmeOrderOrderId added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeOrderOrderId(ctx context.Context, issuerRef string, orderId string, request schema.PkiWriteIssuerIssuerRefAcmeOrderOrderIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeOrderOrderId issuerRef: Reference to an existing issuer name or issuer id orderId: The ACME order identifier to fetch

func (*Secrets) PkiWriteIssuerIssuerRefAcmeOrderOrderIdCert added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeOrderOrderIdCert(ctx context.Context, issuerRef string, orderId string, request schema.PkiWriteIssuerIssuerRefAcmeOrderOrderIdCertRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeOrderOrderIdCert issuerRef: Reference to an existing issuer name or issuer id orderId: The ACME order identifier to fetch

func (*Secrets) PkiWriteIssuerIssuerRefAcmeOrderOrderIdFinalize added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeOrderOrderIdFinalize(ctx context.Context, issuerRef string, orderId string, request schema.PkiWriteIssuerIssuerRefAcmeOrderOrderIdFinalizeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeOrderOrderIdFinalize issuerRef: Reference to an existing issuer name or issuer id orderId: The ACME order identifier to fetch

func (*Secrets) PkiWriteIssuerIssuerRefAcmeOrders added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeOrders(ctx context.Context, issuerRef string, request schema.PkiWriteIssuerIssuerRefAcmeOrdersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeOrders issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiWriteIssuerIssuerRefAcmeRevokeCert added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefAcmeRevokeCert(ctx context.Context, issuerRef string, request schema.PkiWriteIssuerIssuerRefAcmeRevokeCertRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefAcmeRevokeCert issuerRef: Reference to an existing issuer name or issuer id

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeAccountKid added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeAccountKid(ctx context.Context, issuerRef string, kid string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeAccountKidRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeAccountKid issuerRef: Reference to an existing issuer name or issuer id kid: The key identifier provided by the CA role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeAuthorizationAuthId added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeAuthorizationAuthId(ctx context.Context, authId string, issuerRef string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeAuthorizationAuthIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeAuthorizationAuthId authId: ACME authorization identifier value issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeChallengeAuthIdChallengeType added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeChallengeAuthIdChallengeType(ctx context.Context, authId string, challengeType string, issuerRef string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeChallengeAuthIdChallengeTypeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeChallengeAuthIdChallengeType authId: ACME authorization identifier value challengeType: ACME challenge type issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeNewAccount added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeNewAccount(ctx context.Context, issuerRef string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeNewAccountRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeNewAccount issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeNewOrder added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeNewOrder(ctx context.Context, issuerRef string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeNewOrderRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeNewOrder issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderId added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderId(ctx context.Context, issuerRef string, orderId string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderId issuerRef: Reference to an existing issuer name or issuer id orderId: The ACME order identifier to fetch role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdCert added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdCert(ctx context.Context, issuerRef string, orderId string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdCertRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdCert issuerRef: Reference to an existing issuer name or issuer id orderId: The ACME order identifier to fetch role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdFinalize added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdFinalize(ctx context.Context, issuerRef string, orderId string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdFinalizeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdFinalize issuerRef: Reference to an existing issuer name or issuer id orderId: The ACME order identifier to fetch role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeOrders added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeOrders(ctx context.Context, issuerRef string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeOrdersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeOrders issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeRevokeCert added in v0.4.0 

func (s *Secrets) PkiWriteIssuerIssuerRefRolesRoleAcmeRevokeCert(ctx context.Context, issuerRef string, role string, request schema.PkiWriteIssuerIssuerRefRolesRoleAcmeRevokeCertRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteIssuerIssuerRefRolesRoleAcmeRevokeCert issuerRef: Reference to an existing issuer name or issuer id role: The desired role for the acme request

func (*Secrets) PkiWriteKey added in v0.3.0 

func (s *Secrets) PkiWriteKey(ctx context.Context, keyRef string, request schema.PkiWriteKeyRequest, options ...RequestOption) (*Response[schema.PkiWriteKeyResponse], error)

PkiWriteKey keyRef: Reference to key; either \"default\" for the configured default key, an identifier of a key, or the name assigned to the key.

func (*Secrets) PkiWriteRole added in v0.3.0 

func (s *Secrets) PkiWriteRole(ctx context.Context, name string, request schema.PkiWriteRoleRequest, options ...RequestOption) (*Response[schema.PkiWriteRoleResponse], error)

PkiWriteRole name: Name of the role

func (*Secrets) PkiWriteRolesRoleAcmeAccountKid added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeAccountKid(ctx context.Context, kid string, role string, request schema.PkiWriteRolesRoleAcmeAccountKidRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeAccountKid kid: The key identifier provided by the CA role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeAuthorizationAuthId added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeAuthorizationAuthId(ctx context.Context, authId string, role string, request schema.PkiWriteRolesRoleAcmeAuthorizationAuthIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeAuthorizationAuthId authId: ACME authorization identifier value role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeChallengeAuthIdChallengeType added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeChallengeAuthIdChallengeType(ctx context.Context, authId string, challengeType string, role string, request schema.PkiWriteRolesRoleAcmeChallengeAuthIdChallengeTypeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeChallengeAuthIdChallengeType authId: ACME authorization identifier value challengeType: ACME challenge type role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeNewAccount added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeNewAccount(ctx context.Context, role string, request schema.PkiWriteRolesRoleAcmeNewAccountRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeNewAccount role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeNewOrder added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeNewOrder(ctx context.Context, role string, request schema.PkiWriteRolesRoleAcmeNewOrderRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeNewOrder role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeOrderOrderId added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeOrderOrderId(ctx context.Context, orderId string, role string, request schema.PkiWriteRolesRoleAcmeOrderOrderIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeOrderOrderId orderId: The ACME order identifier to fetch role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeOrderOrderIdCert added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeOrderOrderIdCert(ctx context.Context, orderId string, role string, request schema.PkiWriteRolesRoleAcmeOrderOrderIdCertRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeOrderOrderIdCert orderId: The ACME order identifier to fetch role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeOrderOrderIdFinalize added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeOrderOrderIdFinalize(ctx context.Context, orderId string, role string, request schema.PkiWriteRolesRoleAcmeOrderOrderIdFinalizeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeOrderOrderIdFinalize orderId: The ACME order identifier to fetch role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeOrders added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeOrders(ctx context.Context, role string, request schema.PkiWriteRolesRoleAcmeOrdersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeOrders role: The desired role for the acme request

func (*Secrets) PkiWriteRolesRoleAcmeRevokeCert added in v0.4.0 

func (s *Secrets) PkiWriteRolesRoleAcmeRevokeCert(ctx context.Context, role string, request schema.PkiWriteRolesRoleAcmeRevokeCertRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PkiWriteRolesRoleAcmeRevokeCert role: The desired role for the acme request

func (*Secrets) RabbitMqConfigureConnection added in v0.3.0 

func (s *Secrets) RabbitMqConfigureConnection(ctx context.Context, request schema.RabbitMqConfigureConnectionRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RabbitMqConfigureConnection Configure the connection URI, username, and password to talk to RabbitMQ management HTTP API.

func (*Secrets) RabbitMqConfigureLease added in v0.3.0 

func (s *Secrets) RabbitMqConfigureLease(ctx context.Context, request schema.RabbitMqConfigureLeaseRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RabbitMqConfigureLease

func (*Secrets) RabbitMqDeleteRole added in v0.3.0 

func (s *Secrets) RabbitMqDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

RabbitMqDeleteRole Manage the roles that can be created with this backend. name: Name of the role.

func (*Secrets) RabbitMqListRoles added in v0.3.0 

func (s *Secrets) RabbitMqListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

RabbitMqListRoles Manage the roles that can be created with this backend.

func (*Secrets) RabbitMqReadLeaseConfiguration added in v0.3.0 

func (s *Secrets) RabbitMqReadLeaseConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

RabbitMqReadLeaseConfiguration

func (*Secrets) RabbitMqReadRole added in v0.3.0 

func (s *Secrets) RabbitMqReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

RabbitMqReadRole Manage the roles that can be created with this backend. name: Name of the role.

func (*Secrets) RabbitMqRequestCredentials added in v0.3.0 

func (s *Secrets) RabbitMqRequestCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

RabbitMqRequestCredentials Request RabbitMQ credentials for a certain role. name: Name of the role.

func (*Secrets) RabbitMqWriteRole added in v0.3.0 

func (s *Secrets) RabbitMqWriteRole(ctx context.Context, name string, request schema.RabbitMqWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RabbitMqWriteRole Manage the roles that can be created with this backend. name: Name of the role.

func (*Secrets) SshConfigureCa added in v0.3.0 

func (s *Secrets) SshConfigureCa(ctx context.Context, request schema.SshConfigureCaRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

SshConfigureCa

func (*Secrets) SshConfigureZeroAddress added in v0.3.0 

func (s *Secrets) SshConfigureZeroAddress(ctx context.Context, request schema.SshConfigureZeroAddressRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

SshConfigureZeroAddress

func (*Secrets) SshDeleteCaConfiguration added in v0.3.0 

func (s *Secrets) SshDeleteCaConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

SshDeleteCaConfiguration

func (*Secrets) SshDeleteRole added in v0.3.0 

func (s *Secrets) SshDeleteRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

SshDeleteRole Manage the 'roles' that can be created with this backend. role: [Required for all types] Name of the role being created.

func (*Secrets) SshDeleteZeroAddressConfiguration added in v0.3.0 

func (s *Secrets) SshDeleteZeroAddressConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

SshDeleteZeroAddressConfiguration

func (*Secrets) SshGenerateCredentials added in v0.3.0 

func (s *Secrets) SshGenerateCredentials(ctx context.Context, role string, request schema.SshGenerateCredentialsRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

SshGenerateCredentials Creates a credential for establishing SSH connection with the remote host. role: [Required] Name of the role

func (*Secrets) SshIssueCertificate added in v0.3.0 

func (s *Secrets) SshIssueCertificate(ctx context.Context, role string, request schema.SshIssueCertificateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

SshIssueCertificate role: The desired role with configuration for this request.

func (*Secrets) SshListRoles added in v0.3.0 

func (s *Secrets) SshListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

SshListRoles Manage the 'roles' that can be created with this backend.

func (*Secrets) SshListRolesByIp added in v0.3.0 

func (s *Secrets) SshListRolesByIp(ctx context.Context, request schema.SshListRolesByIpRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

SshListRolesByIp List all the roles associated with the given IP address.

func (*Secrets) SshReadCaConfiguration added in v0.3.0 

func (s *Secrets) SshReadCaConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

SshReadCaConfiguration

func (*Secrets) SshReadPublicKey added in v0.3.0 

func (s *Secrets) SshReadPublicKey(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

SshReadPublicKey Retrieve the public key.

func (*Secrets) SshReadRole added in v0.3.0 

func (s *Secrets) SshReadRole(ctx context.Context, role string, options ...RequestOption) (*Response[map[string]interface{}], error)

SshReadRole Manage the 'roles' that can be created with this backend. role: [Required for all types] Name of the role being created.

func (*Secrets) SshReadZeroAddressConfiguration added in v0.3.0 

func (s *Secrets) SshReadZeroAddressConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

SshReadZeroAddressConfiguration

func (*Secrets) SshSignCertificate added in v0.3.0 

func (s *Secrets) SshSignCertificate(ctx context.Context, role string, request schema.SshSignCertificateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

SshSignCertificate Request signing an SSH key using a certain role with the provided details. role: The desired role with configuration for this request.

func (*Secrets) SshTidyDynamicHostKeys added in v0.3.0 

func (s *Secrets) SshTidyDynamicHostKeys(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

SshTidyDynamicHostKeys This endpoint removes the stored host keys used for the removed Dynamic Key feature, if present.

func (*Secrets) SshVerifyOtp added in v0.3.0 

func (s *Secrets) SshVerifyOtp(ctx context.Context, request schema.SshVerifyOtpRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

SshVerifyOtp Validate the OTP provided by Vault SSH Agent.

func (*Secrets) SshWriteRole added in v0.3.0 

func (s *Secrets) SshWriteRole(ctx context.Context, role string, request schema.SshWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

SshWriteRole Manage the 'roles' that can be created with this backend. role: [Required for all types] Name of the role being created.

func (*Secrets) TerraformCloudConfigure added in v0.3.0 

func (s *Secrets) TerraformCloudConfigure(ctx context.Context, request schema.TerraformCloudConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TerraformCloudConfigure

func (*Secrets) TerraformCloudDeleteConfiguration added in v0.3.0 

func (s *Secrets) TerraformCloudDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

TerraformCloudDeleteConfiguration

func (*Secrets) TerraformCloudDeleteRole added in v0.3.0 

func (s *Secrets) TerraformCloudDeleteRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TerraformCloudDeleteRole name: Name of the role

func (*Secrets) TerraformCloudGenerateCredentials added in v0.3.0 

func (s *Secrets) TerraformCloudGenerateCredentials(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TerraformCloudGenerateCredentials name: Name of the role

func (*Secrets) TerraformCloudListRoles added in v0.3.0 

func (s *Secrets) TerraformCloudListRoles(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

TerraformCloudListRoles

func (*Secrets) TerraformCloudReadConfiguration added in v0.3.0 

func (s *Secrets) TerraformCloudReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

TerraformCloudReadConfiguration

func (*Secrets) TerraformCloudReadRole added in v0.3.0 

func (s *Secrets) TerraformCloudReadRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TerraformCloudReadRole name: Name of the role

func (*Secrets) TerraformCloudRotateRole added in v0.3.0 

func (s *Secrets) TerraformCloudRotateRole(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TerraformCloudRotateRole name: Name of the team or organization role

func (*Secrets) TerraformCloudWriteRole added in v0.3.0 

func (s *Secrets) TerraformCloudWriteRole(ctx context.Context, name string, request schema.TerraformCloudWriteRoleRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TerraformCloudWriteRole name: Name of the role

func (*Secrets) TotpCreateKey added in v0.3.0 

func (s *Secrets) TotpCreateKey(ctx context.Context, name string, request schema.TotpCreateKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TotpCreateKey name: Name of the key.

func (*Secrets) TotpDeleteKey added in v0.3.0 

func (s *Secrets) TotpDeleteKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TotpDeleteKey name: Name of the key.

func (*Secrets) TotpGenerateCode added in v0.3.0 

func (s *Secrets) TotpGenerateCode(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TotpGenerateCode name: Name of the key.

func (*Secrets) TotpListKeys added in v0.3.0 

func (s *Secrets) TotpListKeys(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

TotpListKeys Manage the keys that can be created with this backend.

func (*Secrets) TotpReadKey added in v0.3.0 

func (s *Secrets) TotpReadKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TotpReadKey name: Name of the key.

func (*Secrets) TotpValidateCode added in v0.3.0 

func (s *Secrets) TotpValidateCode(ctx context.Context, name string, request schema.TotpValidateCodeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TotpValidateCode name: Name of the key.

func (*Secrets) TransitBackUpKey added in v0.3.0 

func (s *Secrets) TransitBackUpKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitBackUpKey Backup the named key name: Name of the key

func (*Secrets) TransitByokKey added in v0.4.0 

func (s *Secrets) TransitByokKey(ctx context.Context, destination string, source string, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitByokKey Securely export named encryption or signing key destination: Destination key to export to; usually the public wrapping key of another Transit instance. source: Source key to export; could be any present key within Transit.

func (*Secrets) TransitByokKeyVersion added in v0.4.0 

func (s *Secrets) TransitByokKeyVersion(ctx context.Context, destination string, source string, version string, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitByokKeyVersion Securely export named encryption or signing key destination: Destination key to export to; usually the public wrapping key of another Transit instance. source: Source key to export; could be any present key within Transit. version: Optional version of the key to export, else all key versions are exported.

func (*Secrets) TransitConfigureCache added in v0.3.0 

func (s *Secrets) TransitConfigureCache(ctx context.Context, request schema.TransitConfigureCacheRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitConfigureCache Configures a new cache of the specified size

func (*Secrets) TransitConfigureKey added in v0.3.0 

func (s *Secrets) TransitConfigureKey(ctx context.Context, name string, request schema.TransitConfigureKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitConfigureKey Configure a named encryption key name: Name of the key

func (*Secrets) TransitConfigureKeys added in v0.3.0 

func (s *Secrets) TransitConfigureKeys(ctx context.Context, request schema.TransitConfigureKeysRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitConfigureKeys

func (*Secrets) TransitCreateKey added in v0.3.0 

func (s *Secrets) TransitCreateKey(ctx context.Context, name string, request schema.TransitCreateKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitCreateKey name: Name of the key

func (*Secrets) TransitDecrypt 

func (s *Secrets) TransitDecrypt(ctx context.Context, name string, request schema.TransitDecryptRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitDecrypt Decrypt a ciphertext value using a named key name: Name of the key

func (*Secrets) TransitDeleteKey 

func (s *Secrets) TransitDeleteKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitDeleteKey name: Name of the key

func (*Secrets) TransitEncrypt 

func (s *Secrets) TransitEncrypt(ctx context.Context, name string, request schema.TransitEncryptRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitEncrypt Encrypt a plaintext value or a batch of plaintext blocks using a named key name: Name of the key

func (*Secrets) TransitExportKey added in v0.3.0 

func (s *Secrets) TransitExportKey(ctx context.Context, name string, type_ string, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitExportKey Export named encryption or signing key name: Name of the key type_: Type of key to export (encryption-key, signing-key, hmac-key, public-key)

func (*Secrets) TransitExportKeyVersion added in v0.3.0 

func (s *Secrets) TransitExportKeyVersion(ctx context.Context, name string, type_ string, version string, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitExportKeyVersion Export named encryption or signing key name: Name of the key type_: Type of key to export (encryption-key, signing-key, hmac-key, public-key) version: Version of the key

func (*Secrets) TransitGenerateCsrForKey added in v0.4.0 

func (s *Secrets) TransitGenerateCsrForKey(ctx context.Context, name string, request schema.TransitGenerateCsrForKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitGenerateCsrForKey name: Name of the key

func (*Secrets) TransitGenerateDataKey 

func (s *Secrets) TransitGenerateDataKey(ctx context.Context, name string, plaintext string, request schema.TransitGenerateDataKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitGenerateDataKey Generate a data key name: The backend key used for encrypting the data key plaintext: \"plaintext\" will return the key in both plaintext and ciphertext; \"wrapped\" will return the ciphertext only.

func (*Secrets) TransitGenerateHmac added in v0.3.0 

func (s *Secrets) TransitGenerateHmac(ctx context.Context, name string, request schema.TransitGenerateHmacRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitGenerateHmac Generate an HMAC for input data using the named key name: The key to use for the HMAC function

func (*Secrets) TransitGenerateHmacWithAlgorithm added in v0.3.0 

func (s *Secrets) TransitGenerateHmacWithAlgorithm(ctx context.Context, name string, urlalgorithm string, request schema.TransitGenerateHmacWithAlgorithmRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitGenerateHmacWithAlgorithm Generate an HMAC for input data using the named key name: The key to use for the HMAC function urlalgorithm: Algorithm to use (POST URL parameter)

func (*Secrets) TransitGenerateRandom 

func (s *Secrets) TransitGenerateRandom(ctx context.Context, request schema.TransitGenerateRandomRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitGenerateRandom Generate random bytes

func (*Secrets) TransitGenerateRandomWithBytes added in v0.3.0 

func (s *Secrets) TransitGenerateRandomWithBytes(ctx context.Context, urlbytes string, request schema.TransitGenerateRandomWithBytesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitGenerateRandomWithBytes Generate random bytes urlbytes: The number of bytes to generate (POST URL parameter)

func (*Secrets) TransitGenerateRandomWithSource added in v0.3.0 

func (s *Secrets) TransitGenerateRandomWithSource(ctx context.Context, source string, request schema.TransitGenerateRandomWithSourceRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitGenerateRandomWithSource Generate random bytes source: Which system to source random data from, ether \"platform\", \"seal\", or \"all\".

func (*Secrets) TransitGenerateRandomWithSourceAndBytes added in v0.3.0 

func (s *Secrets) TransitGenerateRandomWithSourceAndBytes(ctx context.Context, source string, urlbytes string, request schema.TransitGenerateRandomWithSourceAndBytesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitGenerateRandomWithSourceAndBytes Generate random bytes source: Which system to source random data from, ether \"platform\", \"seal\", or \"all\". urlbytes: The number of bytes to generate (POST URL parameter)

func (*Secrets) TransitHash 

func (s *Secrets) TransitHash(ctx context.Context, request schema.TransitHashRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitHash Generate a hash sum for input data

func (*Secrets) TransitHashWithAlgorithm 

func (s *Secrets) TransitHashWithAlgorithm(ctx context.Context, urlalgorithm string, request schema.TransitHashWithAlgorithmRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitHashWithAlgorithm Generate a hash sum for input data urlalgorithm: Algorithm to use (POST URL parameter)

func (*Secrets) TransitImportKey 

func (s *Secrets) TransitImportKey(ctx context.Context, name string, request schema.TransitImportKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitImportKey Imports an externally-generated key into a new transit key name: The name of the key

func (*Secrets) TransitImportKeyVersion 

func (s *Secrets) TransitImportKeyVersion(ctx context.Context, name string, request schema.TransitImportKeyVersionRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitImportKeyVersion Imports an externally-generated key into an existing imported key name: The name of the key

func (*Secrets) TransitListKeys 

func (s *Secrets) TransitListKeys(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

TransitListKeys Managed named encryption keys

func (*Secrets) TransitReadCacheConfiguration added in v0.3.0 

func (s *Secrets) TransitReadCacheConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitReadCacheConfiguration Returns the size of the active cache

func (*Secrets) TransitReadKey 

func (s *Secrets) TransitReadKey(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitReadKey name: Name of the key

func (*Secrets) TransitReadKeysConfiguration added in v0.3.0 

func (s *Secrets) TransitReadKeysConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitReadKeysConfiguration

func (*Secrets) TransitReadWrappingKey 

func (s *Secrets) TransitReadWrappingKey(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitReadWrappingKey Returns the public key to use for wrapping imported keys

func (*Secrets) TransitRestoreAndRenameKey added in v0.3.0 

func (s *Secrets) TransitRestoreAndRenameKey(ctx context.Context, name string, request schema.TransitRestoreAndRenameKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitRestoreAndRenameKey Restore the named key name: If set, this will be the name of the restored key.

func (*Secrets) TransitRestoreKey 

func (s *Secrets) TransitRestoreKey(ctx context.Context, request schema.TransitRestoreKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitRestoreKey Restore the named key

func (*Secrets) TransitRewrap 

func (s *Secrets) TransitRewrap(ctx context.Context, name string, request schema.TransitRewrapRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitRewrap Rewrap ciphertext name: Name of the key

func (*Secrets) TransitRotateKey 

func (s *Secrets) TransitRotateKey(ctx context.Context, name string, request schema.TransitRotateKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitRotateKey Rotate named encryption key name: Name of the key

func (*Secrets) TransitSetCertificateForKey added in v0.4.0 

func (s *Secrets) TransitSetCertificateForKey(ctx context.Context, name string, request schema.TransitSetCertificateForKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitSetCertificateForKey name: Name of the key

func (*Secrets) TransitSign 

func (s *Secrets) TransitSign(ctx context.Context, name string, request schema.TransitSignRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitSign Generate a signature for input data using the named key name: The key to use

func (*Secrets) TransitSignWithAlgorithm 

func (s *Secrets) TransitSignWithAlgorithm(ctx context.Context, name string, urlalgorithm string, request schema.TransitSignWithAlgorithmRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitSignWithAlgorithm Generate a signature for input data using the named key name: The key to use urlalgorithm: Hash algorithm to use (POST URL parameter)

func (*Secrets) TransitTrimKey 

func (s *Secrets) TransitTrimKey(ctx context.Context, name string, request schema.TransitTrimKeyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitTrimKey Trim key versions of a named key name: Name of the key

func (*Secrets) TransitVerify 

func (s *Secrets) TransitVerify(ctx context.Context, name string, request schema.TransitVerifyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitVerify Verify a signature or HMAC for input data created using the named key name: The key to use

func (*Secrets) TransitVerifyWithAlgorithm 

func (s *Secrets) TransitVerifyWithAlgorithm(ctx context.Context, name string, urlalgorithm string, request schema.TransitVerifyWithAlgorithmRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

TransitVerifyWithAlgorithm Verify a signature or HMAC for input data created using the named key name: The key to use urlalgorithm: Hash algorithm to use (POST URL parameter)

type ServerCertificateEntry 

type ServerCertificateEntry struct {
	// FromFile is the path to a PEM-encoded CA certificate file or bundle.
	// Default: "", takes precedence over 'FromBytes' and 'FromDirectory'.
	FromFile string `env:"VAULT_CACERT"`

	// FromBytes is PEM-encoded CA certificate data.
	// Default: nil, takes precedence over 'FromDirectory'.
	FromBytes []byte `env:"VAULT_CACERT_BYTES"`

	// FromDirectory is the path to a directory populated with PEM-encoded
	// certificates.
	// Default: ""
	FromDirectory string `env:"VAULT_CAPATH"`
}

type System 

type System struct {
	// contains filtered or unexported fields
}

System is a simple wrapper around the client for System requests

func (*System) AuditingCalculateHash added in v0.3.0 

func (s *System) AuditingCalculateHash(ctx context.Context, path string, request schema.AuditingCalculateHashRequest, options ...RequestOption) (*Response[schema.AuditingCalculateHashResponse], error)

AuditingCalculateHash path: The name of the backend. Cannot be delimited. Example: \"mysql\"

func (*System) AuditingDisableDevice added in v0.3.0 

func (s *System) AuditingDisableDevice(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

AuditingDisableDevice Disable the audit device at the given path. path: The name of the backend. Cannot be delimited. Example: \"mysql\"

func (*System) AuditingDisableRequestHeader added in v0.3.0 

func (s *System) AuditingDisableRequestHeader(ctx context.Context, header string, options ...RequestOption) (*Response[map[string]interface{}], error)

AuditingDisableRequestHeader Disable auditing of the given request header.

func (*System) AuditingEnableDevice added in v0.3.0 

func (s *System) AuditingEnableDevice(ctx context.Context, path string, request schema.AuditingEnableDeviceRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AuditingEnableDevice Enable a new audit device at the supplied path. path: The name of the backend. Cannot be delimited. Example: \"mysql\"

func (*System) AuditingEnableRequestHeader added in v0.3.0 

func (s *System) AuditingEnableRequestHeader(ctx context.Context, header string, request schema.AuditingEnableRequestHeaderRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AuditingEnableRequestHeader Enable auditing of a header.

func (*System) AuditingListEnabledDevices added in v0.3.0 

func (s *System) AuditingListEnabledDevices(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AuditingListEnabledDevices List the enabled audit devices.

func (*System) AuditingListRequestHeaders added in v0.3.0 

func (s *System) AuditingListRequestHeaders(ctx context.Context, options ...RequestOption) (*Response[schema.AuditingListRequestHeadersResponse], error)

AuditingListRequestHeaders List the request headers that are configured to be audited.

func (*System) AuditingReadRequestHeaderInformation added in v0.3.0 

func (s *System) AuditingReadRequestHeaderInformation(ctx context.Context, header string, options ...RequestOption) (*Response[map[string]interface{}], error)

AuditingReadRequestHeaderInformation List the information for the given request header.

func (*System) AuthDisableMethod added in v0.3.0 

func (s *System) AuthDisableMethod(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

AuthDisableMethod Disable the auth method at the given auth path path: The path to mount to. Cannot be delimited. Example: \"user\"

func (*System) AuthEnableMethod added in v0.3.0 

func (s *System) AuthEnableMethod(ctx context.Context, path string, request schema.AuthEnableMethodRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AuthEnableMethod Enables a new auth method. After enabling, the auth method can be accessed and configured via the auth path specified as part of the URL. This auth path will be nested under the auth prefix. For example, enable the \"foo\" auth method will make it accessible at /auth/foo. path: The path to mount to. Cannot be delimited. Example: \"user\"

func (*System) AuthListEnabledMethods added in v0.3.0 

func (s *System) AuthListEnabledMethods(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

AuthListEnabledMethods

func (*System) AuthReadConfiguration added in v0.3.0 

func (s *System) AuthReadConfiguration(ctx context.Context, path string, options ...RequestOption) (*Response[schema.AuthReadConfigurationResponse], error)

AuthReadConfiguration Read the configuration of the auth engine at the given path. path: The path to mount to. Cannot be delimited. Example: \"user\"

func (*System) AuthReadTuningInformation added in v0.3.0 

func (s *System) AuthReadTuningInformation(ctx context.Context, path string, options ...RequestOption) (*Response[schema.AuthReadTuningInformationResponse], error)

AuthReadTuningInformation Reads the given auth path's configuration. This endpoint requires sudo capability on the final path, but the same functionality can be achieved without sudo via `sys/mounts/auth/[auth-path]/tune`. path: Tune the configuration parameters for an auth path.

func (*System) AuthTuneConfigurationParameters added in v0.3.0 

func (s *System) AuthTuneConfigurationParameters(ctx context.Context, path string, request schema.AuthTuneConfigurationParametersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

AuthTuneConfigurationParameters Tune configuration parameters for a given auth path. This endpoint requires sudo capability on the final path, but the same functionality can be achieved without sudo via `sys/mounts/auth/[auth-path]/tune`. path: Tune the configuration parameters for an auth path.

func (*System) CollectHostInformation added in v0.3.0 

func (s *System) CollectHostInformation(ctx context.Context, options ...RequestOption) (*Response[schema.CollectHostInformationResponse], error)

CollectHostInformation Information about the host instance that this Vault server is running on. Information about the host instance that this Vault server is running on. The information that gets collected includes host hardware information, and CPU, disk, and memory utilization

func (*System) CollectInFlightRequestInformation added in v0.3.0 

func (s *System) CollectInFlightRequestInformation(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

CollectInFlightRequestInformation reports in-flight requests This path responds to the following HTTP methods. GET / Returns a map of in-flight requests.

func (*System) CorsConfigure added in v0.3.0 

func (s *System) CorsConfigure(ctx context.Context, request schema.CorsConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

CorsConfigure Configure the CORS settings.

func (*System) CorsDeleteConfiguration added in v0.3.0 

func (s *System) CorsDeleteConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

CorsDeleteConfiguration Remove any CORS settings.

func (*System) CorsReadConfiguration added in v0.3.0 

func (s *System) CorsReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.CorsReadConfigurationResponse], error)

CorsReadConfiguration Return the current CORS settings.

func (*System) Decode added in v0.4.0 

func (s *System) Decode(ctx context.Context, request schema.DecodeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

Decode Decodes the encoded token with the otp.

func (*System) EncryptionKeyConfigureRotation added in v0.3.0 

func (s *System) EncryptionKeyConfigureRotation(ctx context.Context, request schema.EncryptionKeyConfigureRotationRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

EncryptionKeyConfigureRotation

func (*System) EncryptionKeyReadRotationConfiguration added in v0.3.0 

func (s *System) EncryptionKeyReadRotationConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.EncryptionKeyReadRotationConfigurationResponse], error)

EncryptionKeyReadRotationConfiguration

func (*System) EncryptionKeyRotate added in v0.3.0 

func (s *System) EncryptionKeyRotate(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

EncryptionKeyRotate

func (*System) EncryptionKeyStatus added in v0.3.0 

func (s *System) EncryptionKeyStatus(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

EncryptionKeyStatus Provides information about the backend encryption key.

func (*System) GenerateHash added in v0.3.0 

func (s *System) GenerateHash(ctx context.Context, request schema.GenerateHashRequest, options ...RequestOption) (*Response[schema.GenerateHashResponse], error)

GenerateHash

func (*System) GenerateHashWithAlgorithm added in v0.3.0 

func (s *System) GenerateHashWithAlgorithm(ctx context.Context, urlalgorithm string, request schema.GenerateHashWithAlgorithmRequest, options ...RequestOption) (*Response[schema.GenerateHashWithAlgorithmResponse], error)

GenerateHashWithAlgorithm urlalgorithm: Algorithm to use (POST URL parameter)

func (*System) GenerateRandom added in v0.3.0 

func (s *System) GenerateRandom(ctx context.Context, request schema.GenerateRandomRequest, options ...RequestOption) (*Response[schema.GenerateRandomResponse], error)

GenerateRandom

func (*System) GenerateRandomWithBytes added in v0.3.0 

func (s *System) GenerateRandomWithBytes(ctx context.Context, urlbytes string, request schema.GenerateRandomWithBytesRequest, options ...RequestOption) (*Response[schema.GenerateRandomWithBytesResponse], error)

GenerateRandomWithBytes urlbytes: The number of bytes to generate (POST URL parameter)

func (*System) GenerateRandomWithSource added in v0.3.0 

func (s *System) GenerateRandomWithSource(ctx context.Context, source string, request schema.GenerateRandomWithSourceRequest, options ...RequestOption) (*Response[schema.GenerateRandomWithSourceResponse], error)

GenerateRandomWithSource source: Which system to source random data from, ether \"platform\", \"seal\", or \"all\".

func (*System) GenerateRandomWithSourceAndBytes added in v0.3.0 

func (s *System) GenerateRandomWithSourceAndBytes(ctx context.Context, source string, urlbytes string, request schema.GenerateRandomWithSourceAndBytesRequest, options ...RequestOption) (*Response[schema.GenerateRandomWithSourceAndBytesResponse], error)

GenerateRandomWithSourceAndBytes source: Which system to source random data from, ether \"platform\", \"seal\", or \"all\". urlbytes: The number of bytes to generate (POST URL parameter)

func (*System) HaStatus added in v0.3.0 

func (s *System) HaStatus(ctx context.Context, options ...RequestOption) (*Response[schema.HaStatusResponse], error)

HaStatus Check the HA status of a Vault cluster

func (*System) Initialize added in v0.3.0 

func (s *System) Initialize(ctx context.Context, request schema.InitializeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

Initialize Initialize a new Vault. The Vault must not have been previously initialized. The recovery options, as well as the stored shares option, are only available when using Vault HSM.

func (*System) InternalClientActivityConfigure added in v0.3.0 

func (s *System) InternalClientActivityConfigure(ctx context.Context, request schema.InternalClientActivityConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

InternalClientActivityConfigure Enable or disable collection of client count, set retention period, or set default reporting period.

func (*System) InternalClientActivityExport added in v0.3.0 

func (s *System) InternalClientActivityExport(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

InternalClientActivityExport Report the client count metrics, for this namespace and all child namespaces.

func (*System) InternalClientActivityReadConfiguration added in v0.3.0 

func (s *System) InternalClientActivityReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

InternalClientActivityReadConfiguration Read the client count tracking configuration.

func (*System) InternalClientActivityReportCounts added in v0.3.0 

func (s *System) InternalClientActivityReportCounts(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

InternalClientActivityReportCounts Report the client count metrics, for this namespace and all child namespaces.

func (*System) InternalClientActivityReportCountsThisMonth added in v0.3.0 

func (s *System) InternalClientActivityReportCountsThisMonth(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

InternalClientActivityReportCountsThisMonth Report the number of clients for this month, for this namespace and all child namespaces.

func (*System) InternalCountEntities added in v0.3.0 

func (s *System) InternalCountEntities(ctx context.Context, options ...RequestOption) (*Response[schema.InternalCountEntitiesResponse], error)

InternalCountEntities Backwards compatibility is not guaranteed for this API

func (*System) InternalCountRequests added in v0.3.0 

func (s *System) InternalCountRequests(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

Deprecated InternalCountRequests Backwards compatibility is not guaranteed for this API

func (*System) InternalCountTokens added in v0.3.0 

func (s *System) InternalCountTokens(ctx context.Context, options ...RequestOption) (*Response[schema.InternalCountTokensResponse], error)

InternalCountTokens Backwards compatibility is not guaranteed for this API

func (*System) InternalGenerateOpenApiDocument added in v0.3.0 

func (s *System) InternalGenerateOpenApiDocument(ctx context.Context, context string, genericMountPaths bool, options ...RequestOption) (*Response[map[string]interface{}], error)

InternalGenerateOpenApiDocument context: Context string appended to every operationId genericMountPaths: Use generic mount paths

func (*System) InternalGenerateOpenApiDocumentWithParameters added in v0.4.0 

func (s *System) InternalGenerateOpenApiDocumentWithParameters(ctx context.Context, request schema.InternalGenerateOpenApiDocumentWithParametersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

InternalGenerateOpenApiDocumentWithParameters

func (*System) InternalInspectRouter added in v0.3.0 

func (s *System) InternalInspectRouter(ctx context.Context, tag string, options ...RequestOption) (*Response[map[string]interface{}], error)

InternalInspectRouter Expose the route entry and mount entry tables present in the router tag: Name of subtree being observed

func (*System) InternalUiListEnabledFeatureFlags added in v0.3.0 

func (s *System) InternalUiListEnabledFeatureFlags(ctx context.Context, options ...RequestOption) (*Response[schema.InternalUiListEnabledFeatureFlagsResponse], error)

InternalUiListEnabledFeatureFlags Lists enabled feature flags.

func (*System) InternalUiListEnabledVisibleMounts added in v0.3.0 

func (s *System) InternalUiListEnabledVisibleMounts(ctx context.Context, options ...RequestOption) (*Response[schema.InternalUiListEnabledVisibleMountsResponse], error)

InternalUiListEnabledVisibleMounts Lists all enabled and visible auth and secrets mounts.

func (*System) InternalUiListNamespaces added in v0.3.0 

func (s *System) InternalUiListNamespaces(ctx context.Context, options ...RequestOption) (*Response[schema.InternalUiListNamespacesResponse], error)

InternalUiListNamespaces Backwards compatibility is not guaranteed for this API

func (*System) InternalUiReadMountInformation added in v0.3.0 

func (s *System) InternalUiReadMountInformation(ctx context.Context, path string, options ...RequestOption) (*Response[schema.InternalUiReadMountInformationResponse], error)

InternalUiReadMountInformation Return information about the given mount. path: The path of the mount.

func (*System) InternalUiReadResultantAcl added in v0.3.0 

func (s *System) InternalUiReadResultantAcl(ctx context.Context, options ...RequestOption) (*Response[schema.InternalUiReadResultantAclResponse], error)

InternalUiReadResultantAcl Backwards compatibility is not guaranteed for this API

func (*System) LeaderStatus added in v0.3.0 

func (s *System) LeaderStatus(ctx context.Context, options ...RequestOption) (*Response[schema.LeaderStatusResponse], error)

LeaderStatus Returns the high availability status and current leader instance of Vault.

func (*System) LeasesCount added in v0.3.0 

func (s *System) LeasesCount(ctx context.Context, options ...RequestOption) (*Response[schema.LeasesCountResponse], error)

LeasesCount

func (*System) LeasesForceRevokeLeaseWithPrefix added in v0.3.0 

func (s *System) LeasesForceRevokeLeaseWithPrefix(ctx context.Context, prefix string, options ...RequestOption) (*Response[map[string]interface{}], error)

LeasesForceRevokeLeaseWithPrefix Revokes all secrets or tokens generated under a given prefix immediately Unlike `/sys/leases/revoke-prefix`, this path ignores backend errors encountered during revocation. This is potentially very dangerous and should only be used in specific emergency situations where errors in the backend or the connected backend service prevent normal revocation. By ignoring these errors, Vault abdicates responsibility for ensuring that the issued credentials or secrets are properly revoked and/or cleaned up. Access to this endpoint should be tightly controlled. prefix: The path to revoke keys under. Example: \"prod/aws/ops\"

func (*System) LeasesList added in v0.3.0 

func (s *System) LeasesList(ctx context.Context, options ...RequestOption) (*Response[schema.LeasesListResponse], error)

LeasesList

func (*System) LeasesLookUp added in v0.3.0 

func (s *System) LeasesLookUp(ctx context.Context, prefix string, options ...RequestOption) (*Response[schema.LeasesLookUpResponse], error)

LeasesLookUp prefix: The path to list leases under. Example: \"aws/creds/deploy\"

func (*System) LeasesReadLease added in v0.3.0 

func (s *System) LeasesReadLease(ctx context.Context, request schema.LeasesReadLeaseRequest, options ...RequestOption) (*Response[schema.LeasesReadLeaseResponse], error)

LeasesReadLease

func (*System) LeasesRenewLease added in v0.3.0 

func (s *System) LeasesRenewLease(ctx context.Context, request schema.LeasesRenewLeaseRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LeasesRenewLease Renews a lease, requesting to extend the lease.

func (*System) LeasesRenewLeaseWithId added in v0.3.0 

func (s *System) LeasesRenewLeaseWithId(ctx context.Context, urlLeaseId string, request schema.LeasesRenewLeaseWithIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LeasesRenewLeaseWithId Renews a lease, requesting to extend the lease. urlLeaseId: The lease identifier to renew. This is included with a lease.

func (*System) LeasesRevokeLease added in v0.3.0 

func (s *System) LeasesRevokeLease(ctx context.Context, request schema.LeasesRevokeLeaseRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LeasesRevokeLease Revokes a lease immediately.

func (*System) LeasesRevokeLeaseWithId added in v0.3.0 

func (s *System) LeasesRevokeLeaseWithId(ctx context.Context, urlLeaseId string, request schema.LeasesRevokeLeaseWithIdRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LeasesRevokeLeaseWithId Revokes a lease immediately. urlLeaseId: The lease identifier to renew. This is included with a lease.

func (*System) LeasesRevokeLeaseWithPrefix added in v0.3.0 

func (s *System) LeasesRevokeLeaseWithPrefix(ctx context.Context, prefix string, request schema.LeasesRevokeLeaseWithPrefixRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LeasesRevokeLeaseWithPrefix Revokes all secrets (via a lease ID prefix) or tokens (via the tokens' path property) generated under a given prefix immediately. prefix: The path to revoke keys under. Example: \"prod/aws/ops\"

func (*System) LeasesTidy added in v0.3.0 

func (s *System) LeasesTidy(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

LeasesTidy

func (*System) ListExperimentalFeatures added in v0.3.0 

func (s *System) ListExperimentalFeatures(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

ListExperimentalFeatures Returns the available and enabled experiments

func (*System) LockedUsersList added in v0.3.0 

func (s *System) LockedUsersList(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

LockedUsersList Report the locked user count metrics, for this namespace and all child namespaces.

func (*System) LockedUsersUnlock added in v0.3.0 

func (s *System) LockedUsersUnlock(ctx context.Context, aliasIdentifier string, mountAccessor string, options ...RequestOption) (*Response[map[string]interface{}], error)

LockedUsersUnlock Unlocks the user with given mount_accessor and alias_identifier aliasIdentifier: It is the name of the alias (user). For example, if the alias belongs to userpass backend, the name should be a valid username within userpass auth method. If the alias belongs to an approle auth method, the name should be a valid RoleID mountAccessor: MountAccessor is the identifier of the mount entry to which the user belongs

func (*System) LoggersReadVerbosityLevel added in v0.3.0 

func (s *System) LoggersReadVerbosityLevel(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

LoggersReadVerbosityLevel Read the log level for all existing loggers.

func (*System) LoggersReadVerbosityLevelFor added in v0.3.0 

func (s *System) LoggersReadVerbosityLevelFor(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LoggersReadVerbosityLevelFor Read the log level for a single logger. name: The name of the logger to be modified.

func (*System) LoggersRevertVerbosityLevel added in v0.3.0 

func (s *System) LoggersRevertVerbosityLevel(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

LoggersRevertVerbosityLevel Revert the all loggers to use log level provided in config.

func (*System) LoggersRevertVerbosityLevelFor added in v0.3.0 

func (s *System) LoggersRevertVerbosityLevelFor(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

LoggersRevertVerbosityLevelFor Revert a single logger to use log level provided in config. name: The name of the logger to be modified.

func (*System) LoggersUpdateVerbosityLevel added in v0.3.0 

func (s *System) LoggersUpdateVerbosityLevel(ctx context.Context, request schema.LoggersUpdateVerbosityLevelRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LoggersUpdateVerbosityLevel Modify the log level for all existing loggers.

func (*System) LoggersUpdateVerbosityLevelFor added in v0.3.0 

func (s *System) LoggersUpdateVerbosityLevelFor(ctx context.Context, name string, request schema.LoggersUpdateVerbosityLevelForRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

LoggersUpdateVerbosityLevelFor Modify the log level of a single logger. name: The name of the logger to be modified.

func (*System) Metrics added in v0.3.0 

func (s *System) Metrics(ctx context.Context, format string, options ...RequestOption) (*Response[map[string]interface{}], error)

Metrics format: Format to export metrics into. Currently accepts only \"prometheus\".

func (*System) MfaValidate added in v0.3.0 

func (s *System) MfaValidate(ctx context.Context, request schema.MfaValidateRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MfaValidate Validates the login for the given MFA methods. Upon successful validation, it returns an auth response containing the client token

func (*System) Monitor 

func (s *System) Monitor(ctx context.Context, logFormat string, logLevel string, options ...RequestOption) (*Response[map[string]interface{}], error)

Monitor logFormat: Output format of logs. Supported values are \"standard\" and \"json\". The default is \"standard\". logLevel: Log level to view system logs at. Currently supported values are \"trace\", \"debug\", \"info\", \"warn\", \"error\".

func (*System) MountsDisableSecretsEngine added in v0.3.0 

func (s *System) MountsDisableSecretsEngine(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

MountsDisableSecretsEngine Disable the mount point specified at the given path. path: The path to mount to. Example: \"aws/east\"

func (*System) MountsEnableSecretsEngine added in v0.3.0 

func (s *System) MountsEnableSecretsEngine(ctx context.Context, path string, request schema.MountsEnableSecretsEngineRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MountsEnableSecretsEngine Enable a new secrets engine at the given path. path: The path to mount to. Example: \"aws/east\"

func (*System) MountsListSecretsEngines added in v0.3.0 

func (s *System) MountsListSecretsEngines(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

MountsListSecretsEngines

func (*System) MountsReadConfiguration added in v0.3.0 

func (s *System) MountsReadConfiguration(ctx context.Context, path string, options ...RequestOption) (*Response[schema.MountsReadConfigurationResponse], error)

MountsReadConfiguration Read the configuration of the secret engine at the given path. path: The path to mount to. Example: \"aws/east\"

func (*System) MountsReadTuningInformation added in v0.3.0 

func (s *System) MountsReadTuningInformation(ctx context.Context, path string, options ...RequestOption) (*Response[schema.MountsReadTuningInformationResponse], error)

MountsReadTuningInformation path: The path to mount to. Example: \"aws/east\"

func (*System) MountsTuneConfigurationParameters added in v0.3.0 

func (s *System) MountsTuneConfigurationParameters(ctx context.Context, path string, request schema.MountsTuneConfigurationParametersRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

MountsTuneConfigurationParameters path: The path to mount to. Example: \"aws/east\"

func (*System) PluginsCatalogListPlugins added in v0.3.0 

func (s *System) PluginsCatalogListPlugins(ctx context.Context, options ...RequestOption) (*Response[schema.PluginsCatalogListPluginsResponse], error)

PluginsCatalogListPlugins

func (*System) PluginsCatalogListPluginsWithType added in v0.3.0 

func (s *System) PluginsCatalogListPluginsWithType(ctx context.Context, type_ string, options ...RequestOption) (*Response[schema.PluginsCatalogListPluginsWithTypeResponse], error)

PluginsCatalogListPluginsWithType List the plugins in the catalog. type_: The type of the plugin, may be auth, secret, or database

func (*System) PluginsCatalogReadPluginConfiguration added in v0.3.0 

func (s *System) PluginsCatalogReadPluginConfiguration(ctx context.Context, name string, options ...RequestOption) (*Response[schema.PluginsCatalogReadPluginConfigurationResponse], error)

PluginsCatalogReadPluginConfiguration Return the configuration data for the plugin with the given name. name: The name of the plugin

func (*System) PluginsCatalogReadPluginConfigurationWithType added in v0.3.0 

func (s *System) PluginsCatalogReadPluginConfigurationWithType(ctx context.Context, name string, type_ string, options ...RequestOption) (*Response[schema.PluginsCatalogReadPluginConfigurationWithTypeResponse], error)

PluginsCatalogReadPluginConfigurationWithType Return the configuration data for the plugin with the given name. name: The name of the plugin type_: The type of the plugin, may be auth, secret, or database

func (*System) PluginsCatalogRegisterPlugin added in v0.3.0 

func (s *System) PluginsCatalogRegisterPlugin(ctx context.Context, name string, request schema.PluginsCatalogRegisterPluginRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PluginsCatalogRegisterPlugin Register a new plugin, or updates an existing one with the supplied name. name: The name of the plugin

func (*System) PluginsCatalogRegisterPluginWithType added in v0.3.0 

func (s *System) PluginsCatalogRegisterPluginWithType(ctx context.Context, name string, type_ string, request schema.PluginsCatalogRegisterPluginWithTypeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PluginsCatalogRegisterPluginWithType Register a new plugin, or updates an existing one with the supplied name. name: The name of the plugin type_: The type of the plugin, may be auth, secret, or database

func (*System) PluginsCatalogRemovePlugin added in v0.3.0 

func (s *System) PluginsCatalogRemovePlugin(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

PluginsCatalogRemovePlugin Remove the plugin with the given name. name: The name of the plugin

func (*System) PluginsCatalogRemovePluginWithType added in v0.3.0 

func (s *System) PluginsCatalogRemovePluginWithType(ctx context.Context, name string, type_ string, options ...RequestOption) (*Response[map[string]interface{}], error)

PluginsCatalogRemovePluginWithType Remove the plugin with the given name. name: The name of the plugin type_: The type of the plugin, may be auth, secret, or database

func (*System) PluginsReloadBackends added in v0.3.0 

func (s *System) PluginsReloadBackends(ctx context.Context, request schema.PluginsReloadBackendsRequest, options ...RequestOption) (*Response[schema.PluginsReloadBackendsResponse], error)

PluginsReloadBackends Reload mounted plugin backends. Either the plugin name (`plugin`) or the desired plugin backend mounts (`mounts`) must be provided, but not both. In the case that the plugin name is provided, all mounted paths that use that plugin backend will be reloaded. If (`scope`) is provided and is (`global`), the plugin(s) are reloaded globally.

func (*System) PluginsRuntimesCatalogListPluginsRuntimes added in v0.4.0 

func (s *System) PluginsRuntimesCatalogListPluginsRuntimes(ctx context.Context, options ...RequestOption) (*Response[schema.PluginsRuntimesCatalogListPluginsRuntimesResponse], error)

PluginsRuntimesCatalogListPluginsRuntimes

func (*System) PluginsRuntimesCatalogReadPluginRuntimeConfiguration added in v0.4.0 

func (s *System) PluginsRuntimesCatalogReadPluginRuntimeConfiguration(ctx context.Context, name string, type_ string, options ...RequestOption) (*Response[schema.PluginsRuntimesCatalogReadPluginRuntimeConfigurationResponse], error)

PluginsRuntimesCatalogReadPluginRuntimeConfiguration Return the configuration data for the plugin runtime with the given name. name: The name of the plugin runtime type_: The type of the plugin runtime

func (*System) PluginsRuntimesCatalogRegisterPluginRuntime added in v0.4.0 

func (s *System) PluginsRuntimesCatalogRegisterPluginRuntime(ctx context.Context, name string, type_ string, request schema.PluginsRuntimesCatalogRegisterPluginRuntimeRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PluginsRuntimesCatalogRegisterPluginRuntime Register a new plugin runtime, or updates an existing one with the supplied name. name: The name of the plugin runtime type_: The type of the plugin runtime

func (*System) PluginsRuntimesCatalogRemovePluginRuntime added in v0.4.0 

func (s *System) PluginsRuntimesCatalogRemovePluginRuntime(ctx context.Context, name string, type_ string, options ...RequestOption) (*Response[map[string]interface{}], error)

PluginsRuntimesCatalogRemovePluginRuntime Remove the plugin runtime with the given name. name: The name of the plugin runtime type_: The type of the plugin runtime

func (*System) PoliciesDeleteAclPolicy added in v0.3.0 

func (s *System) PoliciesDeleteAclPolicy(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

PoliciesDeleteAclPolicy Delete the ACL policy with the given name. name: The name of the policy. Example: \"ops\"

func (*System) PoliciesDeletePasswordPolicy added in v0.3.0 

func (s *System) PoliciesDeletePasswordPolicy(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

PoliciesDeletePasswordPolicy Delete a password policy. name: The name of the password policy.

func (*System) PoliciesGeneratePasswordFromPasswordPolicy added in v0.3.0 

func (s *System) PoliciesGeneratePasswordFromPasswordPolicy(ctx context.Context, name string, options ...RequestOption) (*Response[schema.PoliciesGeneratePasswordFromPasswordPolicyResponse], error)

PoliciesGeneratePasswordFromPasswordPolicy Generate a password from an existing password policy. name: The name of the password policy.

func (*System) PoliciesListAclPolicies added in v0.3.0 

func (s *System) PoliciesListAclPolicies(ctx context.Context, options ...RequestOption) (*Response[schema.PoliciesListAclPoliciesResponse], error)

PoliciesListAclPolicies

func (*System) PoliciesListPasswordPolicies added in v0.3.0 

func (s *System) PoliciesListPasswordPolicies(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

PoliciesListPasswordPolicies List the existing password policies.

func (*System) PoliciesReadAclPolicy added in v0.3.0 

func (s *System) PoliciesReadAclPolicy(ctx context.Context, name string, options ...RequestOption) (*Response[schema.PoliciesReadAclPolicyResponse], error)

PoliciesReadAclPolicy Retrieve information about the named ACL policy. name: The name of the policy. Example: \"ops\"

func (*System) PoliciesReadPasswordPolicy added in v0.3.0 

func (s *System) PoliciesReadPasswordPolicy(ctx context.Context, name string, options ...RequestOption) (*Response[schema.PoliciesReadPasswordPolicyResponse], error)

PoliciesReadPasswordPolicy Retrieve an existing password policy. name: The name of the password policy.

func (*System) PoliciesWriteAclPolicy added in v0.3.0 

func (s *System) PoliciesWriteAclPolicy(ctx context.Context, name string, request schema.PoliciesWriteAclPolicyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PoliciesWriteAclPolicy Add a new or update an existing ACL policy. name: The name of the policy. Example: \"ops\"

func (*System) PoliciesWritePasswordPolicy added in v0.3.0 

func (s *System) PoliciesWritePasswordPolicy(ctx context.Context, name string, request schema.PoliciesWritePasswordPolicyRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

PoliciesWritePasswordPolicy Add a new or update an existing password policy. name: The name of the password policy.

func (*System) PprofBlocking added in v0.3.0 

func (s *System) PprofBlocking(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofBlocking Returns stack traces that led to blocking on synchronization primitives Returns stack traces that led to blocking on synchronization primitives

func (*System) PprofCommandLine added in v0.3.0 

func (s *System) PprofCommandLine(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofCommandLine Returns the running program's command line. Returns the running program's command line, with arguments separated by NUL bytes.

func (*System) PprofCpuProfile added in v0.3.0 

func (s *System) PprofCpuProfile(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofCpuProfile Returns a pprof-formatted cpu profile payload. Returns a pprof-formatted cpu profile payload. Profiling lasts for duration specified in seconds GET parameter, or for 30 seconds if not specified.

func (*System) PprofExecutionTrace added in v0.3.0 

func (s *System) PprofExecutionTrace(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofExecutionTrace Returns the execution trace in binary form. Returns the execution trace in binary form. Tracing lasts for duration specified in seconds GET parameter, or for 1 second if not specified.

func (*System) PprofGoroutines added in v0.3.0 

func (s *System) PprofGoroutines(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofGoroutines Returns stack traces of all current goroutines. Returns stack traces of all current goroutines.

func (*System) PprofIndex added in v0.3.0 

func (s *System) PprofIndex(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofIndex Returns an HTML page listing the available profiles. Returns an HTML page listing the available profiles. This should be mainly accessed via browsers or applications that can render pages.

func (*System) PprofMemoryAllocations added in v0.3.0 

func (s *System) PprofMemoryAllocations(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofMemoryAllocations Returns a sampling of all past memory allocations. Returns a sampling of all past memory allocations.

func (*System) PprofMemoryAllocationsLive added in v0.3.0 

func (s *System) PprofMemoryAllocationsLive(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofMemoryAllocationsLive Returns a sampling of memory allocations of live object. Returns a sampling of memory allocations of live object.

func (*System) PprofMutexes added in v0.3.0 

func (s *System) PprofMutexes(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofMutexes Returns stack traces of holders of contended mutexes Returns stack traces of holders of contended mutexes

func (*System) PprofSymbols added in v0.3.0 

func (s *System) PprofSymbols(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofSymbols Returns the program counters listed in the request. Returns the program counters listed in the request.

func (*System) PprofThreadCreations added in v0.3.0 

func (s *System) PprofThreadCreations(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

PprofThreadCreations Returns stack traces that led to the creation of new OS threads Returns stack traces that led to the creation of new OS threads

func (*System) QueryTokenAccessorCapabilities added in v0.3.0 

func (s *System) QueryTokenAccessorCapabilities(ctx context.Context, request schema.QueryTokenAccessorCapabilitiesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

QueryTokenAccessorCapabilities

func (*System) QueryTokenCapabilities added in v0.3.0 

func (s *System) QueryTokenCapabilities(ctx context.Context, request schema.QueryTokenCapabilitiesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

QueryTokenCapabilities

func (*System) QueryTokenSelfCapabilities added in v0.3.0 

func (s *System) QueryTokenSelfCapabilities(ctx context.Context, request schema.QueryTokenSelfCapabilitiesRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

QueryTokenSelfCapabilities

func (*System) RateLimitQuotasConfigure added in v0.3.0 

func (s *System) RateLimitQuotasConfigure(ctx context.Context, request schema.RateLimitQuotasConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RateLimitQuotasConfigure

func (*System) RateLimitQuotasDelete added in v0.3.0 

func (s *System) RateLimitQuotasDelete(ctx context.Context, name string, options ...RequestOption) (*Response[map[string]interface{}], error)

RateLimitQuotasDelete name: Name of the quota rule.

func (*System) RateLimitQuotasList added in v0.3.0 

func (s *System) RateLimitQuotasList(ctx context.Context, options ...RequestOption) (*Response[schema.StandardListResponse], error)

RateLimitQuotasList

func (*System) RateLimitQuotasRead added in v0.3.0 

func (s *System) RateLimitQuotasRead(ctx context.Context, name string, options ...RequestOption) (*Response[schema.RateLimitQuotasReadResponse], error)

RateLimitQuotasRead name: Name of the quota rule.

func (*System) RateLimitQuotasReadConfiguration added in v0.3.0 

func (s *System) RateLimitQuotasReadConfiguration(ctx context.Context, options ...RequestOption) (*Response[schema.RateLimitQuotasReadConfigurationResponse], error)

RateLimitQuotasReadConfiguration

func (*System) RateLimitQuotasWrite added in v0.3.0 

func (s *System) RateLimitQuotasWrite(ctx context.Context, name string, request schema.RateLimitQuotasWriteRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RateLimitQuotasWrite name: Name of the quota rule.

func (*System) RawDelete added in v0.4.0 

func (s *System) RawDelete(ctx context.Context, path string, options ...RequestOption) (*Response[map[string]interface{}], error)

RawDelete Delete the key with given path.

func (*System) RawList added in v0.4.0 

func (s *System) RawList(ctx context.Context, path string, options ...RequestOption) (*Response[schema.StandardListResponse], error)

RawList Return a list keys for a given path prefix.

func (*System) RawRead added in v0.4.0 

func (s *System) RawRead(ctx context.Context, path string, options ...RequestOption) (*Response[schema.RawReadResponse], error)

RawRead Read the value of the key at the given path.

func (*System) RawWrite added in v0.4.0 

func (s *System) RawWrite(ctx context.Context, path string, request schema.RawWriteRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

RawWrite Update the value of the key at the given path.

func (*System) ReadHealthStatus added in v0.3.0 

func (s *System) ReadHealthStatus(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

ReadHealthStatus Returns the health status of Vault.

func (*System) ReadInitializationStatus added in v0.3.0 

func (s *System) ReadInitializationStatus(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

ReadInitializationStatus Returns the initialization status of Vault.

func (*System) ReadReplicationStatus 

func (s *System) ReadReplicationStatus(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

ReadReplicationStatus

func (*System) ReadSanitizedConfigurationState added in v0.3.0 

func (s *System) ReadSanitizedConfigurationState(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

ReadSanitizedConfigurationState Return a sanitized version of the Vault server configuration. The sanitized output strips configuration values in the storage, HA storage, and seals stanzas, which may contain sensitive values such as API tokens. It also removes any token or secret fields in other stanzas, such as the circonus_api_token from telemetry.

func (*System) ReadWrappingProperties added in v0.3.0 

func (s *System) ReadWrappingProperties(ctx context.Context, request schema.ReadWrappingPropertiesRequest, options ...RequestOption) (*Response[schema.ReadWrappingPropertiesResponse], error)

ReadWrappingProperties Look up wrapping properties for the given token.

func (*System) RekeyAttemptCancel added in v0.3.0 

func (s *System) RekeyAttemptCancel(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

RekeyAttemptCancel Cancels any in-progress rekey. This clears the rekey settings as well as any progress made. This must be called to change the parameters of the rekey. Note: verification is still a part of a rekey. If rekeying is canceled during the verification flow, the current unseal keys remain valid.

func (*System) RekeyAttemptInitialize added in v0.3.0 

func (s *System) RekeyAttemptInitialize(ctx context.Context, request schema.RekeyAttemptInitializeRequest, options ...RequestOption) (*Response[schema.RekeyAttemptInitializeResponse], error)

RekeyAttemptInitialize Initializes a new rekey attempt. Only a single rekey attempt can take place at a time, and changing the parameters of a rekey requires canceling and starting a new rekey, which will also provide a new nonce.

func (*System) RekeyAttemptReadProgress added in v0.3.0 

func (s *System) RekeyAttemptReadProgress(ctx context.Context, options ...RequestOption) (*Response[schema.RekeyAttemptReadProgressResponse], error)

RekeyAttemptReadProgress Reads the configuration and progress of the current rekey attempt.

func (*System) RekeyAttemptUpdate added in v0.3.0 

func (s *System) RekeyAttemptUpdate(ctx context.Context, request schema.RekeyAttemptUpdateRequest, options ...RequestOption) (*Response[schema.RekeyAttemptUpdateResponse], error)

RekeyAttemptUpdate Enter a single unseal key share to progress the rekey of the Vault.

func (*System) RekeyDeleteBackupKey added in v0.3.0 

func (s *System) RekeyDeleteBackupKey(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

RekeyDeleteBackupKey Delete the backup copy of PGP-encrypted unseal keys.

func (*System) RekeyDeleteBackupRecoveryKey added in v0.3.0 

func (s *System) RekeyDeleteBackupRecoveryKey(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

RekeyDeleteBackupRecoveryKey

func (*System) RekeyReadBackupKey added in v0.3.0 

func (s *System) RekeyReadBackupKey(ctx context.Context, options ...RequestOption) (*Response[schema.RekeyReadBackupKeyResponse], error)

RekeyReadBackupKey Return the backup copy of PGP-encrypted unseal keys.

func (*System) RekeyReadBackupRecoveryKey added in v0.3.0 

func (s *System) RekeyReadBackupRecoveryKey(ctx context.Context, options ...RequestOption) (*Response[schema.RekeyReadBackupRecoveryKeyResponse], error)

RekeyReadBackupRecoveryKey

func (*System) RekeyVerificationCancel added in v0.3.0 

func (s *System) RekeyVerificationCancel(ctx context.Context, options ...RequestOption) (*Response[schema.RekeyVerificationCancelResponse], error)

RekeyVerificationCancel Cancel any in-progress rekey verification operation. This clears any progress made and resets the nonce. Unlike a `DELETE` against `sys/rekey/init`, this only resets the current verification operation, not the entire rekey atttempt.

func (*System) RekeyVerificationReadProgress added in v0.3.0 

func (s *System) RekeyVerificationReadProgress(ctx context.Context, options ...RequestOption) (*Response[schema.RekeyVerificationReadProgressResponse], error)

RekeyVerificationReadProgress Read the configuration and progress of the current rekey verification attempt.

func (*System) RekeyVerificationUpdate added in v0.3.0 

func (s *System) RekeyVerificationUpdate(ctx context.Context, request schema.RekeyVerificationUpdateRequest, options ...RequestOption) (*Response[schema.RekeyVerificationUpdateResponse], error)

RekeyVerificationUpdate Enter a single new key share to progress the rekey verification operation.

func (*System) ReloadSubsystem added in v0.3.0 

func (s *System) ReloadSubsystem(ctx context.Context, subsystem string, options ...RequestOption) (*Response[map[string]interface{}], error)

ReloadSubsystem Reload the given subsystem

func (*System) Remount 

func (s *System) Remount(ctx context.Context, request schema.RemountRequest, options ...RequestOption) (*Response[schema.RemountResponse], error)

Remount Initiate a mount migration

func (*System) RemountStatus added in v0.3.0 

func (s *System) RemountStatus(ctx context.Context, migrationId string, options ...RequestOption) (*Response[schema.RemountStatusResponse], error)

RemountStatus Check status of a mount migration migrationId: The ID of the migration operation

func (*System) Rewrap added in v0.3.0 

func (s *System) Rewrap(ctx context.Context, request schema.RewrapRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

Rewrap

func (*System) RootTokenGenerationCancel added in v0.3.0 

func (s *System) RootTokenGenerationCancel(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

RootTokenGenerationCancel Cancels any in-progress root generation attempt.

func (*System) RootTokenGenerationInitialize added in v0.3.0 

func (s *System) RootTokenGenerationInitialize(ctx context.Context, request schema.RootTokenGenerationInitializeRequest, options ...RequestOption) (*Response[schema.RootTokenGenerationInitializeResponse], error)

RootTokenGenerationInitialize Initializes a new root generation attempt. Only a single root generation attempt can take place at a time. One (and only one) of otp or pgp_key are required.

func (*System) RootTokenGenerationReadProgress added in v0.3.0 

func (s *System) RootTokenGenerationReadProgress(ctx context.Context, options ...RequestOption) (*Response[schema.RootTokenGenerationReadProgressResponse], error)

RootTokenGenerationReadProgress Read the configuration and progress of the current root generation attempt.

func (*System) RootTokenGenerationUpdate added in v0.3.0 

func (s *System) RootTokenGenerationUpdate(ctx context.Context, request schema.RootTokenGenerationUpdateRequest, options ...RequestOption) (*Response[schema.RootTokenGenerationUpdateResponse], error)

RootTokenGenerationUpdate Enter a single unseal key share to progress the root generation attempt. If the threshold number of unseal key shares is reached, Vault will complete the root generation and issue the new token. Otherwise, this API must be called multiple times until that threshold is met. The attempt nonce must be provided with each call.

func (*System) Seal 

func (s *System) Seal(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

Seal Seal the Vault.

func (*System) SealStatus added in v0.3.0 

func (s *System) SealStatus(ctx context.Context, options ...RequestOption) (*Response[schema.SealStatusResponse], error)

SealStatus Check the seal status of a Vault.

func (*System) StepDownLeader 

func (s *System) StepDownLeader(ctx context.Context, options ...RequestOption) (*Response[map[string]interface{}], error)

StepDownLeader Cause the node to give up active status. This endpoint forces the node to give up active status. If the node does not have active status, this endpoint does nothing. Note that the node will sleep for ten seconds before attempting to grab the active lock again, but if no standby nodes grab the active lock in the interim, the same node may become the active node again.

func (*System) UiHeadersConfigure added in v0.3.0 

func (s *System) UiHeadersConfigure(ctx context.Context, header string, request schema.UiHeadersConfigureRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

UiHeadersConfigure Configure the values to be returned for the UI header. header: The name of the header.

func (*System) UiHeadersDeleteConfiguration added in v0.3.0 

func (s *System) UiHeadersDeleteConfiguration(ctx context.Context, header string, options ...RequestOption) (*Response[map[string]interface{}], error)

UiHeadersDeleteConfiguration Remove a UI header. header: The name of the header.

func (*System) UiHeadersList added in v0.3.0 

func (s *System) UiHeadersList(ctx context.Context, options ...RequestOption) (*Response[schema.UiHeadersListResponse], error)

UiHeadersList Return a list of configured UI headers.

func (*System) UiHeadersReadConfiguration added in v0.3.0 

func (s *System) UiHeadersReadConfiguration(ctx context.Context, header string, options ...RequestOption) (*Response[schema.UiHeadersReadConfigurationResponse], error)

UiHeadersReadConfiguration Return the given UI header's configuration header: The name of the header.

func (*System) Unseal 

func (s *System) Unseal(ctx context.Context, request schema.UnsealRequest, options ...RequestOption) (*Response[schema.UnsealResponse], error)

Unseal Unseal the Vault.

func (*System) Unwrap added in v0.3.0 

func (s *System) Unwrap(ctx context.Context, request schema.UnwrapRequest, options ...RequestOption) (*Response[map[string]interface{}], error)

Unwrap

func (*System) VersionHistory added in v0.3.0 

func (s *System) VersionHistory(ctx context.Context, options ...RequestOption) (*Response[schema.VersionHistoryResponse], error)

VersionHistory Returns map of historical version change entries

func (*System) Wrap added in v0.3.0 

func (s *System) Wrap(ctx context.Context, request map[string]interface{}, options ...RequestOption) (*Response[map[string]interface{}], error)

Wrap

type TLSConfiguration 

type TLSConfiguration struct {
	// ServerCertificate is a PEM-encoded CA certificate, which  the client
	// will use to verify the Vault server TLS certificate. It can be sourced
	// from a file, from a directory or from raw bytes.
	ServerCertificate ServerCertificateEntry

	// ClientCertificate is a PEM-encoded client certificate (signed by a CA or
	// self-signed), which is used to authenticate with Vault via the cert auth
	// method (see https://developer.hashicorp.com/vault/docs/auth/cert)
	ClientCertificate ClientCertificateEntry

	// ClientCertificateKey is a private key, which is used together with
	// ClientCertificate to authenticate with Vault via the cert auth method
	// (see https://developer.hashicorp.com/vault/docs/auth/cert)
	// Default: ""
	ClientCertificateKey ClientCertificateKeyEntry

	// ServerName is used to verify the hostname on the returned certificates
	// unless InsecureSkipVerify is given.
	// Default: ""
	ServerName string `env:"VAULT_TLS_SERVER_NAME"`

	// InsecureSkipVerify controls whether the client verifies the server's
	// certificate chain and hostname.
	// Default: false
	InsecureSkipVerify bool `env:"VAULT_SKIP_VERIFY"`
}

TLSConfiguration is a collection of TLS settings used to configure the internal http.Client.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.