Documentation
Index
- type SecretKey
- type VaultLogical
- type VaultTransit
- func (v VaultTransit) Create(key SecretKey, keyType string) (*api.Secret, error)
- func (v VaultTransit) Decrypt(key SecretKey, ciphertext string) (string, error)
- func (v VaultTransit) Delete(key SecretKey) error
- func (v VaultTransit) Encrypt(key SecretKey, plaintext string) (string, error)
- func (v VaultTransit) GenerateDataKey(key SecretKey) (string, error)
- func (v VaultTransit) Read(key SecretKey) (*api.Secret, error)
Types
type SecretKey
type SecretKey struct {
	// Name is a secret name, used to build a url (example, /transit/keys/:name).
	Name string
	// Namespace is a vault namespace, optional.
	Namespace string
}
SecretKey contains parameters used to identify the vault secret.
type VaultLogical
type VaultLogical interface {
	Read(path string) (*api.Secret, error)
	Write(path string, data map[string]interface{}) (*api.Secret, error)
	Delete(path string) (*api.Secret, error)
}
VaultLogical represents methods from the vault.Logical client used by VaultTransit.
type VaultTransit
type VaultTransit struct {
// contains filtered or unexported fields
}
VaultTransit partially implements the Vault transit API.
func New
func New(client VaultLogical) (*VaultTransit, error)
New returns a new instance of the VaultTransit.
func (VaultTransit) Create
Create creates a new named encryption key of the specified type. https://www.vaultproject.io/api/secret/transit#create-key
func (VaultTransit) Decrypt
func (v VaultTransit) Decrypt(key SecretKey, ciphertext string) (string, error)
Decrypt decrypts the provided cipher text using the named key. The output is a base64-encoded plain text. https://www.vaultproject.io/api/secret/transit#decrypt-data
func (VaultTransit) Delete
func (v VaultTransit) Delete(key SecretKey) error
Delete deletes a named encryption key. https://www.vaultproject.io/api/secret/transit#delete-key
func (VaultTransit) Encrypt
func (v VaultTransit) Encrypt(key SecretKey, plaintext string) (string, error)
Encrypt encrypts the provided plain text using the named key. All plaintext data must be base64-encoded. It supports the create (creates the encryption key if it does not exist) and update policy capabilities. https://www.vaultproject.io/api/secret/transit#encrypt-data
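The base64 contract of Encrypt and Decrypt, shown as an added example that is not part of this package's code: the caller encodes before encrypting and decodes after decrypting. The names M, Secret, fakeTransit and RoundTrip are hypothetical; the transit/encrypt/:name and transit/decrypt/:name paths and the plaintext/ciphertext fields follow the Vault transit API linked above, and the fake records values instead of encrypting them.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"strings"
)

// M and Secret are local stand-ins (Secret for api.Secret) so the example has no dependencies.
type M = map[string]interface{}
type Secret struct{ Data M }

// fakeTransit is a constructed test double for VaultLogical.Write; it performs no encryption.
type fakeTransit struct{ store map[string]string }

func (f *fakeTransit) Write(path string, data M) (*Secret, error) {
	switch {
	case strings.HasPrefix(path, "transit/encrypt/"):
		pt, _ := data["plaintext"].(string)
		// Mirror Vault: plaintext that is not valid base64 is refused.
		if _, err := base64.StdEncoding.DecodeString(pt); err != nil {
			return nil, fmt.Errorf("plaintext must be base64-encoded")
		}
		token := fmt.Sprintf("vault:v1:%d", len(f.store)+1) // constructed token, not real ciphertext
		f.store[token] = pt
		return &Secret{Data: M{"ciphertext": token}}, nil
	case strings.HasPrefix(path, "transit/decrypt/"):
		if pt, ok := f.store[fmt.Sprint(data["ciphertext"])]; ok {
			return &Secret{Data: M{"plaintext": pt}}, nil
		}
	}
	return nil, fmt.Errorf("unsupported path or unknown ciphertext: %s", path)
}

// RoundTrip base64-encodes before encrypt and decodes after decrypt, as the contract requires.
func RoundTrip(f *fakeTransit, keyName, raw string) (string, error) {
	enc, err := f.Write("transit/encrypt/"+keyName,
		M{"plaintext": base64.StdEncoding.EncodeToString([]byte(raw))})
	if err != nil {
		return "", err
	}
	dec, err := f.Write("transit/decrypt/"+keyName, M{"ciphertext": enc.Data["ciphertext"]})
	if err != nil {
		return "", err
	}
	out, err := base64.StdEncoding.DecodeString(dec.Data["plaintext"].(string))
	return string(out), err
}

func main() { fmt.Println(RoundTrip(&fakeTransit{store: map[string]string{}}, "orders", "constructed sample")) }
```

Skipping the final decode is the usual mistake with this API: the value Decrypt returns is still base64 text, not the original bytes.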
func (VaultTransit) GenerateDataKey
func (v VaultTransit) GenerateDataKey(key SecretKey) (string, error)
GenerateDataKey generates a new high-entropy key and the value encrypted with the named key. Returns a cipher text. It creates the encryption key if it does not exist. https://www.vaultproject.io/api/secret/transit#generate-data-key
func (VaultTransit) Read
func (v VaultTransit) Read(key SecretKey) (*api.Secret, error)
Read returns information about a named encryption key. https://www.vaultproject.io/api/secret/transit#read-key