vaulted

package
v2.2.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 28, 2017 License: MIT Imports: 28 Imported by: 5

Documentation

Index

Constants

const (
	// DefaultSessionName is the fixed string "VaultedSession".
	// NOTE(review): presumably the session name used when the caller
	// supplies none; the call site is not shown here, so confirm where this
	// value ends up (for example in STS/CloudTrail records).
	DefaultSessionName = "VaultedSession"
)

Variables

// Sentinel errors created with errors.New. Compare them by identity
// (err == ErrX or errors.Is), not by message text.
var (
	// ErrInvalidCommand carries the message "Invalid command".
	ErrInvalidCommand = errors.New("Invalid command")
	// ErrNoTokenEntered carries the message "Could not get MFA code".
	// NOTE(review): presumably returned when no MFA code could be obtained
	// from the user; confirm which code path returns it.
	ErrNoTokenEntered = errors.New("Could not get MFA code")
)
// Sentinel errors for password, key and encryption configuration failures.
// Compare them by identity (err == ErrX or errors.Is), not by message text.
//
// NOTE(review): which conditions map to which error is decided by the
// open/seal code, which is not shown here. In particular, confirm whether a
// wrong password and a corrupted or modified ciphertext are reported
// differently before relying on ErrInvalidPassword in caller logic.
var (
	// ErrInvalidPassword carries the message "Invalid password".
	ErrInvalidPassword         = errors.New("Invalid password")
	// ErrInvalidKeyConfig carries the message "Invalid key configuration".
	ErrInvalidKeyConfig        = errors.New("Invalid key configuration")
	// ErrInvalidEncryptionConfig carries the message
	// "Invalid encryption configuration".
	ErrInvalidEncryptionConfig = errors.New("Invalid encryption configuration")
)
// STSDurationDefault is initialised to one hour (time.Hour).
//
// It is an exported package-level variable, not a constant, so any importing
// package can reassign it and the change is visible process-wide.
// NOTE(review): presumably the lifetime requested for temporary STS
// credentials when no duration is configured; confirm at the point of use.
var STSDurationDefault = time.Hour

Functions

func ListVaults

func ListVaults() ([]string, error)

func RemoveVault

func RemoveVault(name string) error

func SealVault

// SealVault takes a vault name, a password and the Vault to store, and
// returns an error.
//
// The password is passed as a Go string. Strings are immutable, so neither
// the caller nor this function can overwrite the password in memory after
// use.
// NOTE(review): presumably encrypts vault under a key derived from password
// and writes it under name; the body is not shown here, so confirm.
func SealVault(name, password string, vault *Vault) error

func VaultExists

func VaultExists(name string) bool

Types

type AWSCredentials

// AWSCredentials is a three-string credential record serialised with the
// JSON keys "id", "secret" and "token".
//
// NOTE(review): the names suggest an AWS access key ID, secret access key and
// session token; confirm against AWSCredentialsFromSTSCredentials.
//
// All three fields are plain exported strings. json.Marshal writes them in
// clear text, and fmt's %v/%+v verbs print them verbatim unless the type
// defines its own formatter, so values of this type should stay out of logs
// and error messages.
type AWSCredentials struct {
	ID     string `json:"id"`
	// Secret has no omitempty: it is always present in the JSON encoding.
	Secret string `json:"secret"`
	// Token is left out of the JSON encoding when empty.
	Token  string `json:"token,omitempty"`
}

func AWSCredentialsFromSTSCredentials

func AWSCredentialsFromSTSCredentials(creds *sts.Credentials) *AWSCredentials

func (*AWSCredentials) AssumeRole

func (c *AWSCredentials) AssumeRole(arn string, duration time.Duration) (*AWSCredentials, error)

func (*AWSCredentials) GetSessionToken

func (c *AWSCredentials) GetSessionToken(duration time.Duration) (*AWSCredentials, error)

func (*AWSCredentials) GetSessionTokenWithMFA

func (c *AWSCredentials) GetSessionTokenWithMFA(serialNumber, token string, duration time.Duration) (*AWSCredentials, error)

type AWSKey

// AWSKey embeds AWSCredentials and adds MFA, role and temporary-credential
// settings.
//
// Because AWSCredentials is embedded without a JSON tag, encoding/json
// promotes its fields: an AWSKey serialises "id", "secret" and "token" at the
// same level as "mfa", "role" and "forgoTempCredGeneration".
type AWSKey struct {
	AWSCredentials
	// NOTE(review): presumably the MFA device serial number or ARN; confirm
	// against GetSessionTokenWithMFA. Omitted from JSON when empty.
	MFA                     string `json:"mfa,omitempty"`
	// NOTE(review): presumably a role ARN to assume; confirm against
	// AssumeRole. Omitted from JSON when empty.
	Role                    string `json:"role,omitempty"`
	// Always written to JSON (no omitempty).
	// NOTE(review): the name suggests that, when true, the stored key is
	// used as-is instead of being exchanged for temporary STS credentials.
	// If so, the long-lived secret is what a session carries; confirm in
	// GetAWSCredentials.
	ForgoTempCredGeneration bool   `json:"forgoTempCredGeneration"`
}

func (*AWSKey) GetAWSCredentials

func (k *AWSKey) GetAWSCredentials(duration time.Duration) (*AWSCredentials, error)

type Details

// Details is a string-keyed map of untyped values. It is the type of the
// Details field on VaultKey, VaultFile and SessionFile.
//
// A map is a reference type: copies of a Details value share the same
// underlying storage, and the Set* methods declared with a value receiver
// still modify the caller's map. Use Clone where an independent copy is
// needed.
// NOTE(review): values decoded from JSON arrive as interface{}; how the
// typed getters behave on a missing key or a value of the wrong type is not
// shown here.
type Details map[string]interface{}

func (Details) Bytes

func (d Details) Bytes(name string) []byte

func (Details) Clone

func (d Details) Clone() Details

func (Details) Int

func (d Details) Int(name string) int

func (Details) SetBytes

func (d Details) SetBytes(name string, value []byte)

func (Details) SetInt

func (d Details) SetInt(name string, value int)

func (Details) SetString

func (d Details) SetString(name string, value string)

func (Details) String

func (d Details) String(name string) string

type ProxyKeyring

// ProxyKeyring is an opaque type; all of its fields are unexported.
//
// Its methods List, Sign, Add, Remove, RemoveAll, Lock, Unlock and Signers
// match the method set of agent.Agent from golang.org/x/crypto/ssh/agent.
// Listen, Serve and Close are additional.
// NOTE(review): the constructor takes an upstream auth socket, so this
// presumably forwards some requests to an existing SSH agent. Which
// operations are forwarded, and what permissions the socket created by
// Listen gets, are not visible here and should be confirmed.
type ProxyKeyring struct {
	// contains filtered or unexported fields
}

func NewProxyKeyring

func NewProxyKeyring(upstreamAuthSock string) (*ProxyKeyring, error)

func (*ProxyKeyring) Add

func (pk *ProxyKeyring) Add(key agent.AddedKey) error

func (*ProxyKeyring) Close

func (pk *ProxyKeyring) Close() error

func (*ProxyKeyring) List

func (pk *ProxyKeyring) List() ([]*agent.Key, error)

func (*ProxyKeyring) Listen

func (pk *ProxyKeyring) Listen() (string, error)

func (*ProxyKeyring) Lock

func (pk *ProxyKeyring) Lock(passphrase []byte) error

func (*ProxyKeyring) Remove

func (pk *ProxyKeyring) Remove(key ssh.PublicKey) error

func (*ProxyKeyring) RemoveAll

func (pk *ProxyKeyring) RemoveAll() error

func (*ProxyKeyring) Serve

func (pk *ProxyKeyring) Serve() error

func (*ProxyKeyring) Sign

func (pk *ProxyKeyring) Sign(key ssh.PublicKey, data []byte) (*ssh.Signature, error)

func (*ProxyKeyring) Signers

func (pk *ProxyKeyring) Signers() ([]ssh.Signer, error)

func (*ProxyKeyring) Unlock

func (pk *ProxyKeyring) Unlock(passphrase []byte) error

type Session

// Session bundles a name, an optional role, an expiration time, optional AWS
// credentials, variables and SSH keys.
//
// Every field is exported and JSON-tagged, so json.Marshal of a Session
// writes the credentials and key map in clear text. Any protection must come
// from the layer that stores the encoding.
// NOTE(review): SessionFile has a Ciphertext field, which suggests sessions
// are encrypted before being stored; confirm.
type Session struct {
	Name       string            `json:"name"`
	Role       string            `json:"role,omitempty"`
	// NOTE(review): presumably the time after which AWSCreds are no longer
	// valid; whether it is checked on load is not shown here.
	Expiration time.Time         `json:"expiration"`
	AWSCreds   *AWSCredentials   `json:"aws_creds,omitempty"`
	// NOTE(review): presumably environment variable name -> value.
	Vars       map[string]string `json:"vars,omitempty"`
	// NOTE(review): presumably key name -> SSH private key material; confirm
	// the value format.
	SSHKeys    map[string]string `json:"ssh_keys,omitempty"`
}

func GetSession

// GetSession takes a vault name and a password and returns a *Session or an
// error.
//
// The password is passed as a Go string. Strings are immutable, so it cannot
// be overwritten in memory after use.
// NOTE(review): whether this reuses a previously stored session or always
// creates a new one is not shown here; confirm.
func GetSession(name, password string) (*Session, error)

func (*Session) Assume

func (e *Session) Assume(arn string) (*Session, error)

func (*Session) Spawn

func (e *Session) Spawn(cmd []string) (*int, error)

func (*Session) Variables

func (e *Session) Variables() *Variables

type SessionFile

// SessionFile is the JSON envelope for a stored session: a method name, an
// optional Details map and a ciphertext.
//
// encoding/json writes a []byte as a base64 string, so Ciphertext appears as
// base64 text. Method and Details are stored next to the ciphertext in clear
// text.
// NOTE(review): whether Method and Details are authenticated together with
// the ciphertext is not visible here. A reader should treat them as
// untrusted input and validate them before use; confirm where that happens.
type SessionFile struct {
	// NOTE(review): presumably names the encryption method used for
	// Ciphertext.
	Method     string  `json:"method"`
	// NOTE(review): presumably per-method parameters such as a nonce.
	Details    Details `json:"details,omitempty"`
	Ciphertext []byte  `json:"ciphertext"`
}

type Variables

// Variables pairs a map of name/value strings with a list of names. It is
// the return type of Session.Variables.
//
// NOTE(review): presumably the environment variables to set and to unset for
// a spawned command. If so, Set may hold credential values and should stay
// out of logs; confirm.
type Variables struct {
	Set   map[string]string
	Unset []string
}

type Vault

// Vault is the decrypted content of a vault: an optional duration, an
// optional AWS key, variables and SSH keys.
//
// All fields are exported and JSON-tagged, so json.Marshal of a Vault writes
// the AWS secret and the key map in clear text. Any protection must come from
// the layer that stores the encoding.
// NOTE(review): VaultFile has a Ciphertext field, which suggests vaults are
// encrypted before being stored; confirm.
type Vault struct {
	// time.Duration is an int64, so this is encoded in JSON as a number of
	// nanoseconds. Omitted when zero.
	// NOTE(review): presumably the requested credential lifetime, with
	// STSDurationDefault as the fallback when zero; confirm.
	Duration time.Duration     `json:"duration,omitempty"`
	AWSKey   *AWSKey           `json:"aws_key,omitempty"`
	// NOTE(review): presumably environment variable name -> value.
	Vars     map[string]string `json:"vars,omitempty"`
	// NOTE(review): presumably key name -> SSH private key material; confirm
	// the value format.
	SSHKeys  map[string]string `json:"ssh_keys,omitempty"`
}

func OpenVault

// OpenVault takes a vault name and a password and returns a *Vault or an
// error.
//
// The password is passed as a Go string. Strings are immutable, so it cannot
// be overwritten in memory after use.
// NOTE(review): presumably returns ErrInvalidPassword on a wrong password.
// The body is not shown here, so confirm which sentinel errors can be
// returned.
func OpenVault(name, password string) (*Vault, error)

func (*Vault) CreateSession

func (v *Vault) CreateSession(name string) (*Session, error)

type VaultFile

// VaultFile is the JSON envelope for a stored vault: a key description, a
// method name, an optional Details map and a ciphertext.
//
// encoding/json writes a []byte as a base64 string, so Ciphertext appears as
// base64 text. Key, Method and Details are stored next to the ciphertext in
// clear text.
// NOTE(review): whether Key, Method and Details are authenticated together
// with the ciphertext is not visible here. A reader should treat them as
// untrusted input and validate them before use; confirm where that happens.
type VaultFile struct {
	// Key has no omitempty; a nil pointer is encoded as JSON null.
	Key *VaultKey `json:"key"`

	// NOTE(review): presumably names the encryption method used for
	// Ciphertext.
	Method     string  `json:"method"`
	// NOTE(review): presumably per-method parameters such as a nonce.
	Details    Details `json:"details,omitempty"`
	Ciphertext []byte  `json:"ciphertext"`
}

type VaultKey

// VaultKey is a method name plus a Details map, stored under "key" in a
// VaultFile.
//
// NOTE(review): presumably describes how the encryption key is derived from
// the password, with Method naming the derivation function and Details
// holding its parameters, such as a salt and cost settings. If cost
// parameters are read from the file, the reader should enforce lower bounds
// instead of trusting the stored values; confirm where this is validated
// (ErrInvalidKeyConfig suggests a check exists).
type VaultKey struct {
	Method  string  `json:"method"`
	// Details has no omitempty: it is always written to the JSON encoding.
	Details Details `json:"details"`
}

Directories

Path Synopsis
