import "github.com/hashicorp/vault/vendor/github.com/hashicorp/vault-plugin-secrets-azure"
backend.go client.go passwords.go path_config.go path_roles.go path_service_principal.go provider.go wal.go
const (
SecretTypeSP = "service_principal"
SecretTypeStaticSP = "static_service_principal"
)type ADGroupsClient interface {
AddGroupMember(ctx context.Context, groupObjectID string, parameters graphrbac.GroupAddMemberParameters) (result autorest.Response, err error)
RemoveGroupMember(ctx context.Context, groupObjectID, memberObjectID string) (result autorest.Response, err error)
GetGroup(ctx context.Context, objectID string) (result graphrbac.ADGroup, err error)
ListGroups(ctx context.Context, filter string) (result []graphrbac.ADGroup, err error)
}type ApplicationsClient interface {
CreateApplication(ctx context.Context, parameters graphrbac.ApplicationCreateParameters) (graphrbac.Application, error)
DeleteApplication(ctx context.Context, applicationObjectID string) (autorest.Response, error)
GetApplication(ctx context.Context, applicationObjectID string) (graphrbac.Application, error)
UpdateApplicationPasswordCredentials(
ctx context.Context,
applicationObjectID string,
parameters graphrbac.PasswordCredentialsUpdateParameters) (result autorest.Response, err error)
ListApplicationPasswordCredentials(ctx context.Context, applicationObjectID string) (result graphrbac.PasswordCredentialListResult, err error)
}type AzureGroup struct {
GroupName string `json:"group_name"` // e.g. MyGroup
ObjectID string `json:"object_id"` // e.g. 90820a30-352d-400f-89e5-2ca74ac14333
}AzureGroup is an Azure Active Directory Group (https://docs.microsoft.com/en-us/azure/role-based-access-control/overview). GroupName and ObjectID are both traits of the group. ObjectID is the unique identifier, but GroupName is more useful to a human (though it is not unique).
type AzureProvider interface {
ApplicationsClient
ServicePrincipalsClient
ADGroupsClient
RoleAssignmentsClient
RoleDefinitionsClient
}AzureProvider is an interface to access underlying Azure client objects and supporting services. Where practical the original function signature is preserved. client provides higher level operations atop AzureProvider.
type AzureRole struct {
RoleName string `json:"role_name"` // e.g. Owner
RoleID string `json:"role_id"` // e.g. /subscriptions/e0a207b2-.../providers/Microsoft.Authorization/roleDefinitions/de139f84-...
Scope string `json:"scope"` // e.g. /subscriptions/e0a207b2-...
}AzureRole is an Azure Role (https://docs.microsoft.com/en-us/azure/role-based-access-control/overview) applied to a scope. RoleName and RoleID are both traits of the role. RoleID is the unique identifier, but RoleName is more useful to a human (thought it is not unique).
type RoleAssignmentsClient interface {
CreateRoleAssignment(
ctx context.Context,
scope string,
roleAssignmentName string,
parameters authorization.RoleAssignmentCreateParameters) (authorization.RoleAssignment, error)
DeleteRoleAssignmentByID(ctx context.Context, roleID string) (authorization.RoleAssignment, error)
}type RoleDefinitionsClient interface {
ListRoles(ctx context.Context, scope string, filter string) ([]authorization.RoleDefinition, error)
GetRoleByID(ctx context.Context, roleID string) (result authorization.RoleDefinition, err error)
}type ServicePrincipalsClient interface {
CreateServicePrincipal(ctx context.Context, parameters graphrbac.ServicePrincipalCreateParameters) (graphrbac.ServicePrincipal, error)
}Package azuresecrets imports 25 packages (graph). Updated 2020-12-12. Refresh now. Tools for package owners.