secret

package

v0.8.3 Latest Latest Go to latest Published: Sep 8, 2021 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rapid7/cps

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func DecryptKMSSecret(ctx context.Context, svc KMSAPI, ciphertext string) (string, error)
func GetSSMSecret(k string, v []byte) (string, error)
func GetSSMSecretWithLabels(ctx context.Context, svc SSMAPI, name string, cred SSM) (string, error)
type KMS
type KMSAPI
- func GetKMSSession(region string) KMSAPI
type SSM
type SSMAPI
- func GetSSMSession(region string) SSMAPI

Constants ¶

View Source

const (
	// KMSIdentifier is the magic string identifying a KMS secret stanza
	KMSIdentifier = "$kms"
)

View Source

const (
	// SSMIdentifier is the magic string identifying an SSM secret stanza
	SSMIdentifier = "$ssm"
)

Variables ¶

View Source

var (
	// ErrKMSMissingRegion is a typed error if a KMS stanza is missing a region
	ErrKMSMissingRegion = errors.New("KMS credential is missing the region key")
)

View Source

var (

	// ErrSSMMissingRegion is a typed error if a SSM stanza is missing a region
	ErrSSMMissingRegion = errors.New("SSM credential is missing the region key")
)

Functions ¶

func DecryptKMSSecret ¶ added in v0.8.3

func DecryptKMSSecret(ctx context.Context, svc KMSAPI, ciphertext string) (string, error)

DecryptKMSSecret decrypts a KMS encrypted secret

func GetSSMSecret ¶

func GetSSMSecret(k string, v []byte) (string, error)

GetSSMSecret parses all properties looking for an $ssm key. When found, it gets the ssm parameter store secret and writes the key and secret to GetSSMSessionthe kv store.

func GetSSMSecretWithLabels ¶ added in v0.8.3

func GetSSMSecretWithLabels(ctx context.Context, svc SSMAPI, name string, cred SSM) (string, error)

GetSSMSecretWithLabels gets a decrypted SSM secret, supporting searching by labels as well

Types ¶

type KMS ¶ added in v0.8.3

type KMS struct {
	KMS struct {
		Region    string `mapstructure:"region"`
		Encrypted string `mapstructure:"encrypted"`
	} `mapstructure:"$kms"`
}

KMS is a plain-old-Go-object for carrying structured KMS stanzas in CPS props

type KMSAPI ¶ added in v0.8.3

type KMSAPI interface {
	kmsiface.KMSAPI
}

KMSAPI is a local wrapper over aws-sdk-go's KMS API

func GetKMSSession ¶ added in v0.8.3

func GetKMSSession(region string) KMSAPI

GetKMSSession gets a regional KMS session

type SSM ¶ added in v0.8.3

type SSM struct {
	SSM struct {
		Service   string `mapstructure:"service"`
		Region    string `mapstructure:"region"`
		Label     string `mapstructure:"label"`
		Encrypted string `mapstructure:"encrypted"`
	} `mapstructure:"$ssm"`
}

SSM is a plain-old-Go-object for carrying structured SSM stanzas in CPS props

type SSMAPI ¶ added in v0.8.3

type SSMAPI interface {
	ssmiface.SSMAPI
}

SSMAPI is a local wrapper over aws-sdk-go's SSM API

func GetSSMSession ¶ added in v0.8.3

func GetSSMSession(region string) SSMAPI

GetSSMSession gets a regional SSM session

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mocks

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL