Documentation ¶
Overview ¶
Package cubbyhole provides an API client for the Vault Cubbyhole secrets engine.
To use the default Cubbyhole secrets engine mounted at "/cubbyhole", use the DefaultClient:
// List the Cubbyhole secret keys at the path "/cubbyhole/some/nested/path". cubbyhole.DefaultClient.ReadSecret("some/nested/path") cubbyhole.ListSecrets("some/nested/path") // shorthand of the above line
To use a Cubbyhole secrets engine mounted at a custom path, create a new Client:
// Create a secret at the Cubbyhole path "/my-cubbyhole/some/path". c := cubbyhole.NewClient("/my-cubbyhole", nil) c.WriteSecret("some/path", map[string]interface{}{"foo": "bar"})
See https://www.vaultproject.io/api-docs/secret/cubbyhole for more information on the available endpoints.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrEmptyPath is returned when the secret path is an empty string. ErrEmptyPath = errors.New("cubbyhole: path is empty") // ErrNoSecretData is returned when no data is stored at the secret path. ErrNoSecretData = errors.New("cubbyhole: no secret data") )
var DefaultClient = NewClient(defaultMountPath, nil)
DefaultClient is a Cubbyhole API client mounted at the default path in Vault.
Functions ¶
func DeleteSecret ¶
DeleteSecret deletes the secret at the specified path using the DefaultClient.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#delete-secret.
func ListSecrets ¶
ListSecrets lists the secret keys at the specified path using the DefaultClient.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#list-secrets.
func ReadSecret ¶
ReadSecret reads the secret at the specified path using the DefaultClient.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#read-secret.
func WriteSecret ¶
WriteSecret creates or updates the secret at the specified path using the DefaultClient.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#create-update-secret.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client is an API client for the Vault Cubbyhole secrets engine.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#cubbyhole-secrets-engine-api.
func NewClient ¶
func NewClient(path string, client vault.LogicalClient) *Client
NewClient creates a new Cubbyhole API client for the secrets engine mounted at the given path in Vault.
func (*Client) DeleteSecret ¶
DeleteSecret deletes the secret at the specified path.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#delete-secret.
func (*Client) ListSecrets ¶
ListSecrets lists the secret keys at the specified path.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#list-secrets.
func (*Client) ReadSecret ¶
ReadSecret reads the secret at the specified path.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#read-secret.
func (*Client) WriteSecret ¶
WriteSecret creates or updates the secret at the specified path.
See https://www.vaultproject.io/api-docs/secret/cubbyhole#create-update-secret.