vault: github.com/hashicorp/vault/plugins/database/mongodb Index | Files | Directories

package mongodb

import "github.com/hashicorp/vault/plugins/database/mongodb"

Index

Package Files

connection_producer.go mongodb.go util.go

func New Uses

func New() (interface{}, error)

New returns a new MongoDB instance

func Run Uses

func Run(apiTLSConfig *api.TLSConfig) error

Run instantiates a MongoDB object, and runs the RPC server for the plugin

type MongoDB Uses

type MongoDB struct {
    credsutil.CredentialsProducer
    // contains filtered or unexported fields
}

MongoDB is an implementation of Database interface

func (MongoDB) Close Uses

func (c MongoDB) Close() error

Close terminates the database connection.

func (MongoDB) Connection Uses

func (c MongoDB) Connection(_ context.Context) (interface{}, error)

Connection creates or returns an existing a database connection. If the session fails on a ping check, the session will be closed and then re-created.

func (*MongoDB) CreateUser Uses

func (m *MongoDB) CreateUser(ctx context.Context, statements dbplugin.Statements, usernameConfig dbplugin.UsernameConfig, expiration time.Time) (username string, password string, err error)

CreateUser generates the username/password on the underlying secret backend as instructed by the CreationStatement provided. The creation statement is a JSON blob that has a db value, and an array of roles that accepts a role, and an optional db value pair. This array will be normalized the format specified in the mongoDB docs: https://docs.mongodb.com/manual/reference/command/createUser/#dbcmd.createUser

JSON Example:

{ "db": "admin", "roles": [{ "role": "readWrite" }, {"role": "read", "db": "foo"}] }

func (MongoDB) Init Uses

func (c MongoDB) Init(ctx context.Context, conf map[string]interface{}, verifyConnection bool) (map[string]interface{}, error)

Initialize parses connection configuration.

func (MongoDB) Initialize Uses

func (c MongoDB) Initialize(ctx context.Context, conf map[string]interface{}, verifyConnection bool) error

func (*MongoDB) RenewUser Uses

func (m *MongoDB) RenewUser(ctx context.Context, statements dbplugin.Statements, username string, expiration time.Time) error

RenewUser is not supported on MongoDB, so this is a no-op.

func (*MongoDB) RevokeUser Uses

func (m *MongoDB) RevokeUser(ctx context.Context, statements dbplugin.Statements, username string) error

RevokeUser drops the specified user from the authentication database. If none is provided in the revocation statement, the default "admin" authentication database will be assumed.

func (*MongoDB) RotateRootCredentials Uses

func (m *MongoDB) RotateRootCredentials(ctx context.Context, statements []string) (map[string]interface{}, error)

RotateRootCredentials is not currently supported on MongoDB

func (*MongoDB) SetCredentials Uses

func (m *MongoDB) SetCredentials(ctx context.Context, statements dbplugin.Statements, staticUser dbplugin.StaticUserConfig) (username, password string, err error)

SetCredentials uses provided information to set/create a user in the database. Unlike CreateUser, this method requires a username be provided and uses the name given, instead of generating a name. This is used for creating and setting the password of static accounts, as well as rolling back passwords in the database in the event an updated database fails to save in Vault's storage.

func (*MongoDB) Type Uses

func (m *MongoDB) Type() (string, error)

Type returns the TypeName for this backend

Directories

PathSynopsis
mongodb-database-plugin

Package mongodb imports 21 packages (graph) and is imported by 3 packages. Updated 2019-07-16. Refresh now. Tools for package owners.