vault

package
v0.0.0-...-c2300e3
Published: Dec 28, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package vault provides support for using HashiCorp's Vault service to access private keys.

Constants

This section is empty.

Variables

var (
	ErrAlreadyInitialized = errors.New("already initialized")
	ErrBadRequest         = errors.New("bad request")
	ErrPathInUse          = errors.New("path in use")
)

Error variables for this set of API calls.

Functions

This section is empty.

Types

type Config

type Config struct {
	Address   string
	MountPath string
	Token     string
	Client    *http.Client
}

Config represents the mandatory settings needed to work with Vault.

type SystemInitResponse

type SystemInitResponse struct {
	KeysB64   []string `json:"keys_base64"`
	RootToken string   `json:"root_token"`
}

SystemInitResponse represents the response from a system init call.

type Vault

type Vault struct {
	// contains filtered or unexported fields
}

Vault provides support to access HashiCorp's Vault product for keys.

func New

func New(cfg Config) (*Vault, error)

New constructs a vault for use.

func (*Vault) AddPrivateKey

func (v *Vault) AddPrivateKey(ctx context.Context, kid string, pem []byte) error

AddPrivateKey adds a new PEM-encoded private key into Vault.

func (*Vault) CheckToken

func (v *Vault) CheckToken(ctx context.Context, token string) error

CheckToken validates that the specified token exists.

func (*Vault) CreatePolicy

func (v *Vault) CreatePolicy(ctx context.Context, name string, path string, capabilities []string) error

CreatePolicy defines a policy inside of Vault.

func (*Vault) CreateToken

func (v *Vault) CreateToken(ctx context.Context, id string, policies []string, displayName string) error

CreateToken creates a new token in Vault.

func (*Vault) Mount

func (v *Vault) Mount(ctx context.Context) error

Mount accepts a mount point and mounts vault to that point.

func (*Vault) PrivateKey

func (v *Vault) PrivateKey(ctx context.Context, kid string) (string, error)

PrivateKey searches the key store for a given kid and returns the private key in PEM format.

func (*Vault) PublicKey

func (v *Vault) PublicKey(ctx context.Context, kid string) (string, error)

PublicKey searches the key store for a given kid and returns the public key in PEM format.

func (*Vault) SetToken

func (v *Vault) SetToken(token string)

SetToken allows the user to replace the token used on calls.

func (*Vault) SystemInit

func (v *Vault) SystemInit(ctx context.Context, shares int, threshold int) (SystemInitResponse, error)

SystemInit provides support to initialize a vault system for use.

func (*Vault) Unseal

func (v *Vault) Unseal(ctx context.Context, key string) error

Unseal does what the unseal command does.
