luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Sync plugin updates

This commit is contained in:
Jeff Mitchell 2018-08-28 02:39:13 -04:00
parent bd34be9144
commit a001021d51
12 changed files with 636 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
vendor/github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials/providers/chain.go generated vendored Normal file
View File

@ -0,0 +1,34 @@
package providers
import (
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
)
type Provider interface {
Retrieve() (auth.Credential, error)
}
// NewChainProvider will attempt to use its given providers in the order
// in which they're provided. It will return credentials for the first
// provider that doesn't return an error.
func NewChainProvider(providers []Provider) Provider {
return &ChainProvider{
Providers: providers,
}
}
type ChainProvider struct {
Providers []Provider
}
func (p *ChainProvider) Retrieve() (auth.Credential, error) {
var lastErr error
for _, provider := range p.Providers {
creds, err := provider.Retrieve()
if err == nil {
return creds, nil
}
lastErr = err
}
return nil, lastErr
}

62
vendor/github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials/providers/configuration.go generated vendored Normal file
View File

@ -0,0 +1,62 @@
package providers
import (
"errors"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials"
)
var (
ErrNoValidCredentialsFound = errors.New("no valid credentials were found")
)
type Configuration struct {
AccessKeyID string
AccessKeySecret string
AccessKeyStsToken string
RoleArn string
RoleSessionName string
RoleSessionExpiration *int
PrivateKey string
PublicKeyID string
SessionExpiration *int
RoleName string
}
func NewConfigurationCredentialProvider(configuration *Configuration) Provider {
return &ConfigurationProvider{
Configuration: configuration,
}
}
type ConfigurationProvider struct {
Configuration *Configuration
}
// Retrieve walks through all currently supported credential types and attempts to build them
// using the given configuration.
func (p *ConfigurationProvider) Retrieve() (auth.Credential, error) {
if p.Configuration.AccessKeyID != "" && p.Configuration.AccessKeySecret != "" {
if p.Configuration.RoleArn != "" && p.Configuration.RoleSessionName != "" && p.Configuration.RoleSessionExpiration != nil {
return credentials.NewRamRoleArnCredential(p.Configuration.AccessKeyID, p.Configuration.AccessKeySecret, p.Configuration.RoleArn, p.Configuration.RoleSessionName, *p.Configuration.RoleSessionExpiration), nil
}
if p.Configuration.AccessKeyStsToken != "" {
return credentials.NewStsTokenCredential(p.Configuration.AccessKeyID, p.Configuration.AccessKeySecret, p.Configuration.AccessKeyStsToken), nil
}
return credentials.NewAccessKeyCredential(p.Configuration.AccessKeyID, p.Configuration.AccessKeySecret), nil
}
if p.Configuration.RoleName != "" {
return credentials.NewEcsRamRoleCredential(p.Configuration.RoleName), nil
}
if p.Configuration.PrivateKey != "" && p.Configuration.PublicKeyID != "" && p.Configuration.SessionExpiration != nil {
return credentials.NewRsaKeyPairCredential(p.Configuration.PrivateKey, p.Configuration.PublicKeyID, *p.Configuration.SessionExpiration), nil
}
return nil, ErrNoValidCredentialsFound
}

65
vendor/github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials/providers/env.go generated vendored Normal file
View File

@ -0,0 +1,65 @@
package providers
import (
"fmt"
"os"
"strconv"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
)
const (
EnvVarAccessKeyID = "ALICLOUD_ACCESS_KEY"
EnvVarAccessKeySecret = "ALICLOUD_SECRET_KEY"
EnvVarAccessKeyStsToken = "ALICLOUD_ACCESS_KEY_STS_TOKEN"
EnvVarRoleArn = "ALICLOUD_ROLE_ARN"
EnvVarRoleSessionName = "ALICLOUD_ROLE_SESSION_NAME"
EnvVarRoleSessionExpiration = "ALICLOUD_ROLE_SESSION_EXPIRATION"
EnvVarPrivateKey = "ALICLOUD_PRIVATE_KEY"
EnvVarPublicKeyID = "ALICLOUD_PUBLIC_KEY_ID"
EnvVarSessionExpiration = "ALICLOUD_SESSION_EXPIRATION"
EnvVarRoleName = "ALICLOUD_ROLE_NAME"
)
func NewEnvCredentialProvider() Provider {
return &EnvProvider{}
}
type EnvProvider struct{}
func (p *EnvProvider) Retrieve() (auth.Credential, error) {
roleSessionExpiration, err := envVarToInt(EnvVarRoleSessionExpiration)
if err != nil {
return nil, err
}
sessionExpiration, err := envVarToInt(EnvVarSessionExpiration)
if err != nil {
return nil, err
}
c := &Configuration{
AccessKeyID: os.Getenv(EnvVarAccessKeyID),
AccessKeySecret: os.Getenv(EnvVarAccessKeySecret),
AccessKeyStsToken: os.Getenv(EnvVarAccessKeyStsToken),
RoleArn: os.Getenv(EnvVarRoleArn),
RoleSessionName: os.Getenv(EnvVarRoleSessionName),
RoleSessionExpiration: &roleSessionExpiration,
PrivateKey: os.Getenv(EnvVarPrivateKey),
PublicKeyID: os.Getenv(EnvVarPublicKeyID),
SessionExpiration: &sessionExpiration,
RoleName: os.Getenv(EnvVarRoleName),
}
return NewConfigurationCredentialProvider(c).Retrieve()
}
func envVarToInt(envVar string) (int, error) {
asInt := 0
asStr := os.Getenv(envVar)
if asStr != "" {
if i, err := strconv.Atoi(asStr); err != nil {
return 0, fmt.Errorf("error parsing %s: %s", envVar, err)
} else {
asInt = i
}
}
return asInt, nil
}

86
vendor/github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials/providers/instance_metadata.go generated vendored Normal file
View File

@ -0,0 +1,86 @@
package providers
import (
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"net/http"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials"
)
var securityCredURL = "http://100.100.100.200/latest/meta-data/ram/security-credentials/"
func NewInstanceMetadataProvider() Provider {
return &InstanceMetadataProvider{}
}
type InstanceMetadataProvider struct {
RoleName string
}
func (p *InstanceMetadataProvider) Retrieve() (auth.Credential, error) {
if p.RoleName == "" {
// Instances can have only one role name that never changes,
// so attempt to populate it.
// If this call is executed in an environment that doesn't support instance metadata,
// it will time out after 30 seconds and return an err.
resp, err := http.Get(securityCredURL)
if err != nil {
return nil, err
}
defer resp.Body.Close()
bodyBytes, _ := ioutil.ReadAll(resp.Body)
if resp.StatusCode != 200 {
return nil, fmt.Errorf("received %d getting role name: %s", resp.StatusCode, bodyBytes)
}
roleName := string(bodyBytes)
if roleName == "" {
return nil, errors.New("unable to retrieve role name, it may be unset")
}
p.RoleName = roleName
}
resp, err := http.Get(securityCredURL + p.RoleName)
if err != nil {
return nil, err
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
return nil, fmt.Errorf("received %d getting security credentials for %s", resp.StatusCode, p.RoleName)
}
body := make(map[string]interface{})
if err := json.NewDecoder(resp.Body).Decode(&body); err != nil {
return nil, err
}
accessKeyID, err := extractString(body, "AccessKeyId")
if err != nil {
return nil, err
}
accessKeySecret, err := extractString(body, "AccessKeySecret")
if err != nil {
return nil, err
}
securityToken, err := extractString(body, "SecurityToken")
if err != nil {
return nil, err
}
return credentials.NewStsTokenCredential(accessKeyID, accessKeySecret, securityToken), nil
}
func extractString(m map[string]interface{}, key string) (string, error) {
raw, ok := m[key]
if !ok {
return "", fmt.Errorf("%s not in %+v", key, m)
}
str, ok := raw.(string)
if !ok {
return "", fmt.Errorf("%s is not a string in %+v", key, m)
}
return str, nil
}

10
vendor/github.com/hashicorp/vault-plugin-auth-alicloud/Gopkg.lock generated vendored
View File

@ -15,12 +15,13 @@
version = "1.1"
[[projects]]
digest = "1:73d72ad4ed3ffc0ae85442ff1ce0884423efa6c666566c13d90d75242a038f85"
digest = "1:cde027e8bb29425770dd8ddc87789e0139f2dc53a80e248c8d6a0698c7e3f0bc"
name = "github.com/aliyun/alibaba-cloud-sdk-go"
packages = [
"sdk",
"sdk/auth",
"sdk/auth/credentials",
"sdk/auth/credentials/providers",
"sdk/auth/signers",
"sdk/endpoints",
"sdk/errors",
@ -30,8 +31,8 @@
"services/sts",
]
pruneopts = "UT"
revision = "0e5371c0881225da7ef9f41ca50402a025eddd93"
version = "1.25.5"
revision = "ef9535c490beb6b59620d93f6c7ba88e9b3b1ad0"
version = "1.26.2"
[[projects]]
branch = "master"
@ -406,7 +407,8 @@
analyzer-version = 1
input-imports = [
"github.com/aliyun/alibaba-cloud-sdk-go/sdk",
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials",
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth",
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials/providers",
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/endpoints",
"github.com/aliyun/alibaba-cloud-sdk-go/services/sts",
"github.com/hashicorp/errwrap",

4
vendor/github.com/hashicorp/vault-plugin-auth-alicloud/README.md generated vendored
View File

@ -1,4 +1,4 @@
# Vault Plugin: AliCloud Auth Backend
# Vault Plugin: AliCloud Auth Backend [![Build Status](https://travis-ci.org/hashicorp/vault-plugin-auth-alicloud.svg?branch=master)](https://travis-ci.org/hashicorp/vault-plugin-auth-alicloud)
This is a standalone backend plugin for use with [Hashicorp Vault](https://www.github.com/hashicorp/vault).
This plugin allows authentication to Vault using Resource Access Management (RAM).
@ -124,4 +124,4 @@ You can also specify a `TESTARGS` variable to filter tests like so:
```sh
$ make test TESTARGS='--run=TestConfig'
```
```

18
vendor/github.com/hashicorp/vault-plugin-auth-alicloud/cli.go generated vendored
View File

@ -5,6 +5,7 @@ import (
"fmt"
"strings"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials/providers"
"github.com/hashicorp/vault-plugin-auth-alicloud/tools"
"github.com/hashicorp/vault/api"
)
@ -18,12 +19,25 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro
}
role := m["role"]
loginData, err := tools.GenerateLoginData(m["access_key"], m["secret_key"], m["security_token"], m["region"])
credentialChain := []providers.Provider{
providers.NewConfigurationCredentialProvider(&providers.Configuration{
AccessKeyID: m["access_key"],
AccessKeySecret: m["secret_key"],
AccessKeyStsToken: m["security_token"],
}),
providers.NewEnvCredentialProvider(),
providers.NewInstanceMetadataProvider(),
}
creds, err := providers.NewChainProvider(credentialChain).Retrieve()
if err != nil {
return nil, err
}
loginData, err := tools.GenerateLoginData(role, creds, m["region"])
if err != nil {
return nil, err
}
loginData["role"] = role
path := fmt.Sprintf("auth/%s/login", mount)
secret, err := c.Logical().Write(path, loginData)

12
vendor/github.com/hashicorp/vault-plugin-auth-alicloud/tools/tools.go generated vendored
View File

@ -8,14 +8,15 @@ import (
"net/url"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials"
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
"github.com/aliyun/alibaba-cloud-sdk-go/services/sts"
)
// Generates the necessary data to send to the Vault server for generating a token
// This is useful for other API clients to use
func GenerateLoginData(accessKeyID, accessKeySecret, securityToken, region string) (map[string]interface{}, error) {
creds := credentials.NewStsTokenCredential(accessKeyID, accessKeySecret, securityToken)
// Generates the necessary data to send to the Vault server for generating a token.
// This is useful for other API clients to use.
// If "" is passed in for accessKeyID, accessKeySecret, and securityToken,
// attempts to use credentials set as env vars or available through instance metadata.
func GenerateLoginData(role string, creds auth.Credential, region string) (map[string]interface{}, error) {
config := sdk.NewConfig()
@ -51,6 +52,7 @@ func GenerateLoginData(accessKeyID, accessKeySecret, securityToken, region strin
}
headers := base64.StdEncoding.EncodeToString(b)
return map[string]interface{}{
"role": role,
"identity_request_url": u,
"identity_request_headers": headers,
}, nil

5
vendor/github.com/hashicorp/vault-plugin-auth-gcp/plugin/path_login.go generated vendored
View File

@ -9,6 +9,7 @@ import (
"time"
"github.com/SermoDigital/jose/jws"
"github.com/hashicorp/errwrap"
"github.com/hashicorp/go-gcp-common/gcputil"
"github.com/hashicorp/vault/helper/policyutil"
"github.com/hashicorp/vault/helper/strutil"
@ -217,7 +218,9 @@ func (b *GcpAuthBackend) getSigningKey(ctx context.Context, token *jwt.JSONWebTo
// Attempt to get a normal Google Oauth cert in case of GCE inferrence.
key, err := b.getGoogleOauthCert(ctx, keyId, s)
if err != nil {
return nil, errors.New("could not find service account key or Google Oauth cert with given 'kid' id")
return nil, errwrap.Wrapf(
fmt.Sprintf("could not find service account key or Google Oauth cert with given 'kid' id %s: {{err}}", keyId),
err)
}
return key, nil
}

4
vendor/github.com/hashicorp/vault-plugin-auth-jwt/path_login.go generated vendored
View File

@ -114,6 +114,10 @@ func (b *jwtAuthBackend) pathLogin(ctx context.Context, req *logical.Request, d
}
}
if len(claims.Audience) > 0 && len(role.BoundAudiences) == 0 {
return logical.ErrorResponse("audience claim found in JWT but no audiences bound to the role"), nil
}
expected := jwt.Expected{
Issuer: config.BoundIssuer,
Subject: role.BoundSubject,

335
vendor/github.com/hashicorp/vault-plugin-secrets-gcp/plugin/iamutil/iam_resources_generated.go generated vendored
View File

@ -191,12 +191,12 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
GetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://cloudresourcemanager.googleapis.com/",
Path: "v2beta1/{+resource}:getIamPolicy",
Path: "v2/{+resource}:getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://cloudresourcemanager.googleapis.com/",
Path: "v2beta1/{+resource}:setIamPolicy",
Path: "v2/{+resource}:setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
@ -289,6 +289,27 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
},
},
},
"iap": {
"v1beta1": IamRestResource{
Name: "iap_web",
TypeKey: "projects",
Service: "iap",
IsPreferredVersion: true,
Parameters: []string{"resource"},
CollectionReplacementKeys: map[string]string{},
GetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://iap.googleapis.com/",
Path: "v1beta1/{+resource}:getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://iap.googleapis.com/",
Path: "v1beta1/{+resource}:setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/backendBuckets": {
"compute": {
@ -360,7 +381,7 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/deploymentmanager/alpha/projects/",
Path: "{project}/global/deployments/{resource}/setIamPolicy",
RequestFormat: `%s`,
RequestFormat: `{"policy": %s}`,
},
},
"v2": IamRestResource{
@ -382,7 +403,7 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/deploymentmanager/v2/projects/",
Path: "{project}/global/deployments/{resource}/setIamPolicy",
RequestFormat: `%s`,
RequestFormat: `{"policy": %s}`,
},
},
"v2beta": IamRestResource{
@ -404,7 +425,7 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/deploymentmanager/v2beta/projects/",
Path: "{project}/global/deployments/{resource}/setIamPolicy",
RequestFormat: `%s`,
RequestFormat: `{"policy": %s}`,
},
},
},
@ -433,6 +454,76 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
RequestFormat: `{"policy": %s}`,
},
},
"beta": IamRestResource{
Name: "images",
TypeKey: "projects/images",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "resource"},
CollectionReplacementKeys: map[string]string{
"images": "resource",
"projects": "project",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/global/images/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/global/images/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/instanceTemplates": {
"compute": {
"alpha": IamRestResource{
Name: "instanceTemplates",
TypeKey: "projects/instanceTemplates",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "resource"},
CollectionReplacementKeys: map[string]string{
"instanceTemplates": "resource",
"projects": "project",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/alpha/projects/",
Path: "{project}/global/instanceTemplates/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/alpha/projects/",
Path: "{project}/global/instanceTemplates/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
"beta": IamRestResource{
Name: "instanceTemplates",
TypeKey: "projects/instanceTemplates",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "resource"},
CollectionReplacementKeys: map[string]string{
"instanceTemplates": "resource",
"projects": "project",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/global/instanceTemplates/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/global/instanceTemplates/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/instances": {
@ -651,6 +742,29 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
},
},
},
"projects/locations/registries/groups": {
"cloudiot": {
"v1": IamRestResource{
Name: "groups",
TypeKey: "projects/locations/registries/groups",
Service: "cloudiot",
IsPreferredVersion: true,
Parameters: []string{"resource"},
CollectionReplacementKeys: map[string]string{},
GetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://cloudiot.googleapis.com/",
Path: "v1/{+resource}:getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://cloudiot.googleapis.com/",
Path: "v1/{+resource}:setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/locations/workflowTemplates": {
"dataproc": {
"v1beta2": IamRestResource{
@ -772,6 +886,29 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
RequestFormat: `{"policy": %s}`,
},
},
"beta": IamRestResource{
Name: "nodeTemplates",
TypeKey: "projects/regions/nodeTemplates",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "region", "resource"},
CollectionReplacementKeys: map[string]string{
"nodeTemplates": "resource",
"projects": "project",
"regions": "region",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/regions/{region}/nodeTemplates/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/regions/{region}/nodeTemplates/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/regions/operations": {
@ -797,6 +934,33 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
},
},
},
"projects/regions/resourcePolicies": {
"compute": {
"alpha": IamRestResource{
Name: "resourcePolicies",
TypeKey: "projects/regions/resourcePolicies",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "region", "resource"},
CollectionReplacementKeys: map[string]string{
"projects": "project",
"regions": "region",
"resourcePolicies": "resource",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/alpha/projects/",
Path: "{project}/regions/{region}/resourcePolicies/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/alpha/projects/",
Path: "{project}/regions/{region}/resourcePolicies/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/regions/subnetworks": {
"compute": {
"alpha": IamRestResource{
@ -916,6 +1080,52 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
},
},
},
"projects/services": {
"iap": {
"v1beta1": IamRestResource{
Name: "services",
TypeKey: "projects/services",
Service: "iap",
IsPreferredVersion: true,
Parameters: []string{"resource"},
CollectionReplacementKeys: map[string]string{},
GetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://iap.googleapis.com/",
Path: "v1beta1/{+resource}:getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://iap.googleapis.com/",
Path: "v1beta1/{+resource}:setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/services/versions": {
"iap": {
"v1beta1": IamRestResource{
Name: "versions",
TypeKey: "projects/services/versions",
Service: "iap",
IsPreferredVersion: true,
Parameters: []string{"resource"},
CollectionReplacementKeys: map[string]string{},
GetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://iap.googleapis.com/",
Path: "v1beta1/{+resource}:getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://iap.googleapis.com/",
Path: "v1beta1/{+resource}:setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/snapshots": {
"compute": {
"alpha": IamRestResource{
@ -940,6 +1150,28 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
RequestFormat: `{"policy": %s}`,
},
},
"beta": IamRestResource{
Name: "snapshots",
TypeKey: "projects/snapshots",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "resource"},
CollectionReplacementKeys: map[string]string{
"projects": "project",
"snapshots": "resource",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/global/snapshots/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/global/snapshots/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
"pubsub": {
"v1": IamRestResource{
@ -1047,6 +1279,33 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
},
},
},
"projects/zones/allocations": {
"compute": {
"alpha": IamRestResource{
Name: "allocations",
TypeKey: "projects/zones/allocations",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "zone", "resource"},
CollectionReplacementKeys: map[string]string{
"allocations": "resource",
"projects": "project",
"zones": "zone",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/alpha/projects/",
Path: "{project}/zones/{zone}/allocations/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/alpha/projects/",
Path: "{project}/zones/{zone}/allocations/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/zones/disks": {
"compute": {
"alpha": IamRestResource{
@ -1072,30 +1331,26 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/zones/hosts": {
"compute": {
"alpha": IamRestResource{
Name: "hosts",
TypeKey: "projects/zones/hosts",
"beta": IamRestResource{
Name: "disks",
TypeKey: "projects/zones/disks",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "zone", "resource"},
CollectionReplacementKeys: map[string]string{
"hosts": "resource",
"disks": "resource",
"projects": "project",
"zones": "zone",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/alpha/projects/",
Path: "{project}/zones/{zone}/hosts/{resource}/getIamPolicy",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/zones/{zone}/disks/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/alpha/projects/",
Path: "{project}/zones/{zone}/hosts/{resource}/setIamPolicy",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/zones/{zone}/disks/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
@ -1126,6 +1381,29 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
RequestFormat: `{"policy": %s}`,
},
},
"beta": IamRestResource{
Name: "instances",
TypeKey: "projects/zones/instances",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "zone", "resource"},
CollectionReplacementKeys: map[string]string{
"instances": "resource",
"projects": "project",
"zones": "zone",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/zones/{zone}/instances/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/zones/{zone}/instances/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"projects/zones/nodeGroups": {
@ -1153,6 +1431,29 @@ var generatedIamResources = map[string]map[string]map[string]IamRestResource{
RequestFormat: `{"policy": %s}`,
},
},
"beta": IamRestResource{
Name: "nodeGroups",
TypeKey: "projects/zones/nodeGroups",
Service: "compute",
IsPreferredVersion: false,
Parameters: []string{"project", "zone", "resource"},
CollectionReplacementKeys: map[string]string{
"nodeGroups": "resource",
"projects": "project",
"zones": "zone",
},
GetMethod: RestMethod{
HttpMethod: "GET",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/zones/{zone}/nodeGroups/{resource}/getIamPolicy",
},
SetMethod: RestMethod{
HttpMethod: "POST",
BaseURL: "https://www.googleapis.com/compute/beta/projects/",
Path: "{project}/zones/{zone}/nodeGroups/{resource}/setIamPolicy",
RequestFormat: `{"policy": %s}`,
},
},
},
},
"services": {

58
vendor/vendor.json vendored
View File

@ -276,6 +276,12 @@
"revision": "ef9535c490beb6b59620d93f6c7ba88e9b3b1ad0",
"revisionTime": "2018-08-22T15:14:34Z"
},
{
"checksumSHA1": "Lbc1eCpbtMykOp4hEFoER5XU8Ds=",
"path": "github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials/providers",
"revision": "e63e5962c8d71461c87a9236319569cda2237d98",
"revisionTime": "2018-08-27T12:30:37Z"
},
{
"checksumSHA1": "/qgQnVuKg8C8p1Wh2KXdTKMBr5c=",
"path": "github.com/aliyun/alibaba-cloud-sdk-go/sdk/endpoints",
@ -1345,16 +1351,16 @@
"revisionTime": "2018-05-30T15:59:58Z"
},
{
"checksumSHA1": "YfqomSqF4w9VSXlE0fIuXHLY1fc=",
"checksumSHA1": "76udfjuAEmd4JFZP8LhTLTKZ6gk=",
"path": "github.com/hashicorp/vault-plugin-auth-alicloud",
"revision": "aec43c9721368e8a28bfac4ad3b450d4c77efce3",
"revisionTime": "2018-08-16T20:09:44Z"
"revision": "90acf238c385792939aade0286fcb941d9899435",
"revisionTime": "2018-08-22T21:26:04Z"
},
{
"checksumSHA1": "KyRLlVNKvvjYWXqDxi478EBUEMY=",
"checksumSHA1": "xdrSQoX7B7Hr4iWm9T2+5wHVpHQ=",
"path": "github.com/hashicorp/vault-plugin-auth-alicloud/tools",
"revision": "aec43c9721368e8a28bfac4ad3b450d4c77efce3",
"revisionTime": "2018-08-16T20:09:44Z"
"revision": "90acf238c385792939aade0286fcb941d9899435",
"revisionTime": "2018-08-22T21:26:04Z"
},
{
"checksumSHA1": "ojr0r/jmutGEhftDXiHthCCwpIA=",
@ -1369,16 +1375,16 @@
"revisionTime": "2018-08-16T20:11:31Z"
},
{
"checksumSHA1": "JUXORFc1mMn3GR1Jbd/yTbThB1w=",
"checksumSHA1": "DezgN3BHtzu7NO6tiTHaWc3YTkg=",
"path": "github.com/hashicorp/vault-plugin-auth-gcp/plugin",
"revision": "1d90f74b1b8af3b05b88ee465ea5624a60cd18d9",
"revisionTime": "2018-08-16T20:13:19Z"
"revision": "a00186a9031fc8db194e9b6002eed76db0ded90c",
"revisionTime": "2018-08-27T19:24:31Z"
},
{
"checksumSHA1": "9xYGzwnImQsjRCHPOHd4/c3rSRU=",
"checksumSHA1": "YFH1mRVe/J2zVQ0myuWRDrv5BxQ=",
"path": "github.com/hashicorp/vault-plugin-auth-jwt",
"revision": "7f5b553d68478cb0e60a99c384cfb1cb113c3e34",
"revisionTime": "2018-08-16T20:14:11Z"
"revision": "fb9c940ad0ebccbd4dcaeed816bc1e6e6a4744f3",
"revisionTime": "2018-08-21T19:10:38Z"
},
{
"checksumSHA1": "hrJZzU9iG2ixRu2hOdPgN7wa48c=",
@ -1389,20 +1395,20 @@
{
"checksumSHA1": "pNERL2s72vwnApekzTLxGsvkyNU=",
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin",
"revision": "8c6b5413b569441491d04dcb798a9eb16e28cd22",
"revisionTime": "2018-08-16T20:17:55Z"
"revision": "d8a0991deac4006068826a99b82d8274aa119161",
"revisionTime": "2018-08-20T22:27:10Z"
},
{
"checksumSHA1": "GOxdFElG31lXWgKFG9aqpDcG47M=",
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin/client",
"revision": "8c6b5413b569441491d04dcb798a9eb16e28cd22",
"revisionTime": "2018-08-16T20:17:55Z"
"revision": "d8a0991deac4006068826a99b82d8274aa119161",
"revisionTime": "2018-08-20T22:27:10Z"
},
{
"checksumSHA1": "RaH2xTkjaToCk+RoPhap7I66ibo=",
"path": "github.com/hashicorp/vault-plugin-secrets-ad/plugin/util",
"revision": "8c6b5413b569441491d04dcb798a9eb16e28cd22",
"revisionTime": "2018-08-16T20:17:55Z"
"revision": "d8a0991deac4006068826a99b82d8274aa119161",
"revisionTime": "2018-08-20T22:27:10Z"
},
{
"checksumSHA1": "fTT9z8zhrp0abUWgB326BeEWFbI=",
@ -1413,23 +1419,23 @@
{
"checksumSHA1": "zkmWfxanMFQXWQIAboXj/jqF12g=",
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin",
"revision": "68d42fd7e379030c1de3b86840fad7950b926eab",
"revisionTime": "2018-08-16T20:19:41Z"
"revision": "ba74744a1fcfcd9c5f3635571a0734e6a13ce349",
"revisionTime": "2018-08-17T20:56:55Z"
},
{
"checksumSHA1": "Dmpy+AguiGWfVg43Me5HB3+eDsk=",
"checksumSHA1": "zwKMP2eBB2fKeOXMf0afsbw1bS0=",
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin/iamutil",
"revision": "68d42fd7e379030c1de3b86840fad7950b926eab",
"revisionTime": "2018-08-16T20:19:41Z"
"revision": "ba74744a1fcfcd9c5f3635571a0734e6a13ce349",
"revisionTime": "2018-08-17T20:56:55Z"
},
{
"checksumSHA1": "81kYL49zTBoj1NYczxB2Xbr2d6Y=",
"path": "github.com/hashicorp/vault-plugin-secrets-gcp/plugin/util",
"revision": "68d42fd7e379030c1de3b86840fad7950b926eab",
"revisionTime": "2018-08-16T20:19:41Z"
"revision": "ba74744a1fcfcd9c5f3635571a0734e6a13ce349",
"revisionTime": "2018-08-17T20:56:55Z"
},
{
"checksumSHA1": "52hRfCsr1X3d+JAkqPazeVRmJA4=",
"checksumSHA1": "FkppDRdkWTF4Ry+olqZT8L0Stb8=",
"path": "github.com/hashicorp/vault-plugin-secrets-kv",
"revision": "5a464a61f7def5e5688e5c77b60d1a655d11a633",
"revisionTime": "2018-08-25T21:53:24Z"