Documentation
¶
Overview ¶
Package secretcache provides the Cache struct for in-memory caching of secrets stored in AWS Secrets Manager Also exports a CacheHook, for pre-store and post-fetch processing of cached values
Index ¶
- Constants
- type Cache
- func (c *Cache) GetSecretBinary(secretId string) ([]byte, error)
- func (c *Cache) GetSecretBinaryWithContext(ctx context.Context, secretId string) ([]byte, error)
- func (c *Cache) GetSecretBinaryWithStage(secretId string, versionStage string) ([]byte, error)
- func (c *Cache) GetSecretBinaryWithStageWithContext(ctx context.Context, secretId string, versionStage string) ([]byte, error)
- func (c *Cache) GetSecretString(secretId string) (string, error)
- func (c *Cache) GetSecretStringWithContext(ctx context.Context, secretId string) (string, error)
- func (c *Cache) GetSecretStringWithStage(secretId string, versionStage string) (string, error)
- func (c *Cache) GetSecretStringWithStageWithContext(ctx context.Context, secretId string, versionStage string) (string, error)
- type CacheConfig
- type CacheHook
- type InvalidConfigError
- type InvalidOperationError
- type SecretsManagerAPIInterface
- type VersionNotFoundError
Constants ¶
const ( DefaultMaxCacheSize = 1024 DefaultCacheItemTTL = 3600000000000 // 1 hour in nanoseconds DefaultVersionStage = "AWSCURRENT" )
const ( VersionNumber = "1" MajorRevisionNumber = "1" MinorRevisionNumber = "2" BugfixRevisionNumber = "0" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Cache ¶
type Cache struct {
CacheConfig
Client SecretsManagerAPIInterface
// contains filtered or unexported fields
}
Cache client for AWS Secrets Manager secrets.
func New ¶
New constructs a secret cache using functional options, uses defaults otherwise. Initialises a SecretsManager Client from a new session.Session. Initialises CacheConfig to default values. Initialises lru cache with a default max size.
func (*Cache) GetSecretBinary ¶
GetSecretBinary gets the secret binary value from the cache for given secret id and a default version stage. Returns the secret binary and an error if operation failed.
func (*Cache) GetSecretBinaryWithContext ¶
func (*Cache) GetSecretBinaryWithStage ¶
GetSecretBinaryWithStage gets the secret binary value from the cache for given secret id and version stage. Returns the secret binary and an error if operation failed.
func (*Cache) GetSecretBinaryWithStageWithContext ¶
func (*Cache) GetSecretString ¶
GetSecretString gets the secret string value from the cache for given secret id and a default version stage. Returns the secret string and an error if operation failed.
func (*Cache) GetSecretStringWithContext ¶
func (*Cache) GetSecretStringWithStage ¶
GetSecretStringWithStage gets the secret string value from the cache for given secret id and version stage. Returns the secret string and an error if operation failed.
type CacheConfig ¶
type CacheConfig struct {
//The maximum number of cached secrets to maintain before evicting secrets that
//have not been accessed recently.
MaxCacheSize int
//The number of nanoseconds that a cached item is considered valid before
// requiring a refresh of the secret state. Items that have exceeded this
// TTL will be refreshed synchronously when requesting the secret value. If
// the synchronous refresh failed, the stale secret will be returned.
CacheItemTTL int64
//The version stage that will be used when requesting the secret values for
//this cache.
VersionStage string
//Used to hook in-memory cache updates.
Hook CacheHook
}
CacheConfig is the config object passed to the Cache struct
type CacheHook ¶
type CacheHook interface {
// Put prepares the object for storing in the cache.
Put(data interface{}) interface{}
// Get derives the object from the cached object.
Get(data interface{}) interface{}
}
CacheHook is an interface to hook into the local in-memory cache. This interface will allow users to perform actions on the items being stored in the in-memory cache. One example would be encrypting/decrypting items stored in the in-memory cache.
type InvalidConfigError ¶
type InvalidConfigError struct {
// contains filtered or unexported fields
}
func (*InvalidConfigError) Error ¶
func (i *InvalidConfigError) Error() string
type InvalidOperationError ¶
type InvalidOperationError struct {
// contains filtered or unexported fields
}
func (*InvalidOperationError) Error ¶
func (i *InvalidOperationError) Error() string
type SecretsManagerAPIInterface ¶
type SecretsManagerAPIInterface interface {
GetSecretValue(ctx context.Context, params *secretsmanager.GetSecretValueInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.GetSecretValueOutput, error)
CancelRotateSecret(ctx context.Context, params *secretsmanager.CancelRotateSecretInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.CancelRotateSecretOutput, error)
CreateSecret(ctx context.Context, params *secretsmanager.CreateSecretInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.CreateSecretOutput, error)
DeleteSecret(ctx context.Context, params *secretsmanager.DeleteSecretInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.DeleteSecretOutput, error)
DescribeSecret(ctx context.Context, params *secretsmanager.DescribeSecretInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.DescribeSecretOutput, error)
ListSecrets(ctx context.Context, params *secretsmanager.ListSecretsInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.ListSecretsOutput, error)
ListSecretVersionIds(ctx context.Context, params *secretsmanager.ListSecretVersionIdsInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.ListSecretVersionIdsOutput, error)
UpdateSecret(ctx context.Context, params *secretsmanager.UpdateSecretInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.UpdateSecretOutput, error)
}
type VersionNotFoundError ¶
type VersionNotFoundError struct {
// contains filtered or unexported fields
}
func (*VersionNotFoundError) Error ¶
func (v *VersionNotFoundError) Error() string
Source Files