vault: github.com/hashicorp/vault/physical/dynamodb Index | Files

package dynamodb

import "github.com/hashicorp/vault/physical/dynamodb"

Index

Package Files

dynamodb.go

Constants

const (
    // DefaultDynamoDBRegion is used when no region is configured
    // explicitly.
    DefaultDynamoDBRegion = "us-east-1"
    // DefaultDynamoDBTableName is used when no table name
    // is configured explicitly.
    DefaultDynamoDBTableName = "vault-dynamodb-backend"

    // DefaultDynamoDBReadCapacity is the default read capacity
    // that is used when none is configured explicitly.
    DefaultDynamoDBReadCapacity = 5
    // DefaultDynamoDBWriteCapacity is the default write capacity
    // that is used when none is configured explicitly.
    DefaultDynamoDBWriteCapacity = 5

    // DynamoDBEmptyPath is the string that is used instead of
    // empty strings when stored in DynamoDB.
    DynamoDBEmptyPath = " "
    // DynamoDBLockPrefix is the prefix used to mark DynamoDB records
    // as locks. This prefix causes them not to be returned by
    // List operations.
    DynamoDBLockPrefix = "_"

    // The lock TTL matches the default that Consul API uses, 15 seconds.
    DynamoDBLockTTL = 15 * time.Second

    // The amount of time to wait between the lock renewals
    DynamoDBLockRenewInterval = 5 * time.Second

    // DynamoDBLockRetryInterval is the amount of time to wait
    // if a lock fails before trying again.
    DynamoDBLockRetryInterval = time.Second
    // DynamoDBWatchRetryMax is the number of times to re-try a
    // failed watch before signaling that leadership is lost.
    DynamoDBWatchRetryMax = 5
    // DynamoDBWatchRetryInterval is the amount of time to wait
    // if a watch fails before trying again.
    DynamoDBWatchRetryInterval = 5 * time.Second
)

func NewDynamoDBBackend Uses

func NewDynamoDBBackend(conf map[string]string, logger log.Logger) (physical.Backend, error)

NewDynamoDBBackend constructs a DynamoDB backend. If the configured DynamoDB table does not exist, it creates it.

type DynamoDBBackend Uses

type DynamoDBBackend struct {
    // contains filtered or unexported fields
}

DynamoDBBackend is a physical backend that stores data in a DynamoDB table. It can be run in high-availability mode as DynamoDB has locking capabilities.

func (*DynamoDBBackend) Delete Uses

func (d *DynamoDBBackend) Delete(ctx context.Context, key string) error

Delete is used to permanently delete an entry

func (*DynamoDBBackend) Get Uses

func (d *DynamoDBBackend) Get(ctx context.Context, key string) (*physical.Entry, error)

Get is used to fetch an entry

func (*DynamoDBBackend) HAEnabled Uses

func (d *DynamoDBBackend) HAEnabled() bool

func (*DynamoDBBackend) List Uses

func (d *DynamoDBBackend) List(ctx context.Context, prefix string) ([]string, error)

List is used to list all the keys under a given prefix, up to the next prefix.

func (*DynamoDBBackend) LockWith Uses

func (d *DynamoDBBackend) LockWith(key, value string) (physical.Lock, error)

LockWith is used for mutual exclusion based on the given key.

func (*DynamoDBBackend) Put Uses

func (d *DynamoDBBackend) Put(ctx context.Context, entry *physical.Entry) error

Put is used to insert or update an entry

type DynamoDBLock Uses

type DynamoDBLock struct {
    // contains filtered or unexported fields
}

DynamoDBLock implements a lock using an DynamoDB client.

func (*DynamoDBLock) Lock Uses

func (l *DynamoDBLock) Lock(stopCh <-chan struct{}) (doneCh <-chan struct{}, retErr error)

Lock tries to acquire the lock by repeatedly trying to create a record in the DynamoDB table. It will block until either the stop channel is closed or the lock could be acquired successfully. The returned channel will be closed once the lock is deleted or changed in the DynamoDB table.

func (*DynamoDBLock) Unlock Uses

func (l *DynamoDBLock) Unlock() error

Unlock releases the lock by deleting the lock record from the DynamoDB table.

func (*DynamoDBLock) Value Uses

func (l *DynamoDBLock) Value() (bool, string, error)

Value checks whether or not the lock is held by any instance of DynamoDBLock, including this one, and returns the current value.

type DynamoDBLockRecord Uses

type DynamoDBLockRecord struct {
    Path     string
    Key      string
    Value    []byte
    Identity []byte
    Expires  int64
}

type DynamoDBRecord Uses

type DynamoDBRecord struct {
    Path  string
    Key   string
    Value []byte
}

DynamoDBRecord is the representation of a vault entry in DynamoDB. The vault key is split up into two components (Path and Key) in order to allow more efficient listings.

Package dynamodb imports 24 packages (graph) and is imported by 4 packages. Updated 2019-10-16. Refresh now. Tools for package owners.