Remove structs package from auth/aws
parent
6cd6a7b773
commit
c695023bab
|
@ -4,7 +4,6 @@ import (
|
|||
"context"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/fatih/structs"
|
||||
"github.com/hashicorp/vault/logical"
|
||||
"github.com/hashicorp/vault/logical/framework"
|
||||
)
|
||||
|
@ -115,7 +114,15 @@ func (b *backend) pathConfigClientRead(ctx context.Context, req *logical.Request
|
|||
}
|
||||
|
||||
return &logical.Response{
|
||||
Data: structs.New(clientConfig).Map(),
|
||||
Data: map[string]interface{}{
|
||||
"access_key": clientConfig.AccessKey,
|
||||
"secret_key": clientConfig.SecretKey,
|
||||
"endpoint": clientConfig.Endpoint,
|
||||
"iam_endpoint": clientConfig.IAMEndpoint,
|
||||
"sts_endpoint": clientConfig.STSEndpoint,
|
||||
"iam_server_id_header_value": clientConfig.IAMServerIdHeaderValue,
|
||||
"max_retries": clientConfig.MaxRetries,
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -261,12 +268,12 @@ func (b *backend) pathConfigClientCreateUpdate(ctx context.Context, req *logical
|
|||
// Struct to hold 'aws_access_key' and 'aws_secret_key' that are required to
|
||||
// interact with the AWS EC2 API.
|
||||
type clientConfig struct {
|
||||
AccessKey string `json:"access_key" structs:"access_key" mapstructure:"access_key"`
|
||||
SecretKey string `json:"secret_key" structs:"secret_key" mapstructure:"secret_key"`
|
||||
Endpoint string `json:"endpoint" structs:"endpoint" mapstructure:"endpoint"`
|
||||
IAMEndpoint string `json:"iam_endpoint" structs:"iam_endpoint" mapstructure:"iam_endpoint"`
|
||||
STSEndpoint string `json:"sts_endpoint" structs:"sts_endpoint" mapstructure:"sts_endpoint"`
|
||||
IAMServerIdHeaderValue string `json:"iam_server_id_header_value" structs:"iam_server_id_header_value" mapstructure:"iam_server_id_header_value"`
|
||||
AccessKey string `json:"access_key" mapstructure:"access_key"`
|
||||
SecretKey string `json:"secret_key" mapstructure:"secret_key"`
|
||||
Endpoint string `json:"endpoint" mapstructure:"endpoint"`
|
||||
IAMEndpoint string `json:"iam_endpoint" mapstructure:"iam_endpoint"`
|
||||
STSEndpoint string `json:"sts_endpoint" mapstructure:"sts_endpoint"`
|
||||
IAMServerIdHeaderValue string `json:"iam_server_id_header_value" mapstructure:"iam_server_id_header_value"`
|
||||
MaxRetries int `json:"max_retries"`
|
||||
}
|
||||
|
||||
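Review bot: pathConfigClientRead still hands `secret_key` back to every caller allowed to read this path. The old `structs.New(clientConfig).Map()` did the same, but with the keys now listed by hand the line `"secret_key": clientConfig.SecretKey,` can simply be dropped if API compatibility permits, leaving the stored AWS secret write-only. Separately, `MaxRetries` has no `structs` tag on either side of the struct hunk, so the old response presumably keyed it by the field name `MaxRetries`, while the new map emits `max_retries`; that key change deserves a changelog line or a test. The function body begins above the hunk, so how `clientConfig` is loaded is not visible here.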
|
|
|
@ -4,14 +4,13 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
"github.com/fatih/structs"
|
||||
"github.com/hashicorp/vault/logical"
|
||||
"github.com/hashicorp/vault/logical/framework"
|
||||
)
|
||||
|
||||
// awsStsEntry is used to store details of an STS role for assumption
|
||||
type awsStsEntry struct {
|
||||
StsRole string `json:"sts_role" structs:"sts_role" mapstructure:"sts_role"`
|
||||
StsRole string `json:"sts_role" mapstructure:"sts_role"`
|
||||
}
|
||||
|
||||
func pathListSts(b *backend) *framework.Path {
|
||||
|
@ -170,7 +169,9 @@ func (b *backend) pathConfigStsRead(ctx context.Context, req *logical.Request, d
|
|||
}
|
||||
|
||||
return &logical.Response{
|
||||
Data: structs.New(stsEntry).Map(),
|
||||
Data: map[string]interface{}{
|
||||
"sts_role": stsEntry.StsRole,
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
|
|
@ -4,7 +4,6 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
"github.com/fatih/structs"
|
||||
"github.com/hashicorp/vault/logical"
|
||||
"github.com/hashicorp/vault/logical/framework"
|
||||
)
|
||||
|
@ -123,7 +122,10 @@ func (b *backend) pathConfigTidyIdentityWhitelistRead(ctx context.Context, req *
|
|||
}
|
||||
|
||||
return &logical.Response{
|
||||
Data: structs.New(clientConfig).Map(),
|
||||
Data: map[string]interface{}{
|
||||
"safety_buffer": clientConfig.SafetyBuffer,
|
||||
"disable_periodic_tidy": clientConfig.DisablePeriodicTidy,
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -135,8 +137,8 @@ func (b *backend) pathConfigTidyIdentityWhitelistDelete(ctx context.Context, req
|
|||
}
|
||||
|
||||
type tidyWhitelistIdentityConfig struct {
|
||||
SafetyBuffer int `json:"safety_buffer" structs:"safety_buffer" mapstructure:"safety_buffer"`
|
||||
DisablePeriodicTidy bool `json:"disable_periodic_tidy" structs:"disable_periodic_tidy" mapstructure:"disable_periodic_tidy"`
|
||||
SafetyBuffer int `json:"safety_buffer" mapstructure:"safety_buffer"`
|
||||
DisablePeriodicTidy bool `json:"disable_periodic_tidy" mapstructure:"disable_periodic_tidy"`
|
||||
}
|
||||
|
||||
const pathConfigTidyIdentityWhitelistHelpSyn = `
|
||||
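Review bot: In pathConfigTidyIdentityWhitelistRead the value being serialised is named `clientConfig`, although the fields read from it (`SafetyBuffer`, `DisablePeriodicTidy`) are those of `tidyWhitelistIdentityConfig`. If the `clientConfig` type lives in the same package, as the commit title suggests, the local name also shadows it. A name such as `tidyConfig` would make the new literal easier to read, and the same applies to pathConfigTidyRoletagBlacklistRead in the next file. The variable is assigned above the hunk, so the rename would reach lines not shown here.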
|
|
|
@ -4,7 +4,6 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
"github.com/fatih/structs"
|
||||
"github.com/hashicorp/vault/logical"
|
||||
"github.com/hashicorp/vault/logical/framework"
|
||||
)
|
||||
|
@ -124,7 +123,10 @@ func (b *backend) pathConfigTidyRoletagBlacklistRead(ctx context.Context, req *l
|
|||
}
|
||||
|
||||
return &logical.Response{
|
||||
Data: structs.New(clientConfig).Map(),
|
||||
Data: map[string]interface{}{
|
||||
"safety_buffer": clientConfig.SafetyBuffer,
|
||||
"disable_periodic_tidy": clientConfig.DisablePeriodicTidy,
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -136,8 +138,8 @@ func (b *backend) pathConfigTidyRoletagBlacklistDelete(ctx context.Context, req
|
|||
}
|
||||
|
||||
type tidyBlacklistRoleTagConfig struct {
|
||||
SafetyBuffer int `json:"safety_buffer" structs:"safety_buffer" mapstructure:"safety_buffer"`
|
||||
DisablePeriodicTidy bool `json:"disable_periodic_tidy" structs:"disable_periodic_tidy" mapstructure:"disable_periodic_tidy"`
|
||||
SafetyBuffer int `json:"safety_buffer" mapstructure:"safety_buffer"`
|
||||
DisablePeriodicTidy bool `json:"disable_periodic_tidy" mapstructure:"disable_periodic_tidy"`
|
||||
}
|
||||
|
||||
const pathConfigTidyRoletagBlacklistHelpSyn = `
|
||||
|
|
|
@ -4,7 +4,6 @@ import (
|
|||
"context"
|
||||
"time"
|
||||
|
||||
"github.com/fatih/structs"
|
||||
"github.com/hashicorp/vault/logical"
|
||||
"github.com/hashicorp/vault/logical/framework"
|
||||
)
|
||||
|
@ -109,25 +108,28 @@ func (b *backend) pathIdentityWhitelistRead(ctx context.Context, req *logical.Re
|
|||
return nil, nil
|
||||
}
|
||||
|
||||
resp := &logical.Response{
|
||||
Data: structs.New(entry).Map(),
|
||||
}
|
||||
resp.Data["creation_time"] = entry.CreationTime.Format(time.RFC3339Nano)
|
||||
resp.Data["expiration_time"] = entry.ExpirationTime.Format(time.RFC3339Nano)
|
||||
resp.Data["last_updated_time"] = entry.LastUpdatedTime.Format(time.RFC3339Nano)
|
||||
|
||||
return resp, nil
|
||||
return &logical.Response{
|
||||
Data: map[string]interface{}{
|
||||
"role": entry.Role,
|
||||
"client_nonce": entry.ClientNonce,
|
||||
"creation_time": entry.CreationTime.Format(time.RFC3339Nano),
|
||||
"disallow_reauthentication": entry.DisallowReauthentication,
|
||||
"pending_time": entry.PendingTime,
|
||||
"expiration_time": entry.ExpirationTime.Format(time.RFC3339Nano),
|
||||
"last_updated_time": entry.LastUpdatedTime.Format(time.RFC3339Nano),
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
// Struct to represent each item in the identity whitelist.
|
||||
type whitelistIdentity struct {
|
||||
Role string `json:"role" structs:"role" mapstructure:"role"`
|
||||
ClientNonce string `json:"client_nonce" structs:"client_nonce" mapstructure:"client_nonce"`
|
||||
CreationTime time.Time `json:"creation_time" structs:"creation_time" mapstructure:"creation_time"`
|
||||
DisallowReauthentication bool `json:"disallow_reauthentication" structs:"disallow_reauthentication" mapstructure:"disallow_reauthentication"`
|
||||
PendingTime string `json:"pending_time" structs:"pending_time" mapstructure:"pending_time"`
|
||||
ExpirationTime time.Time `json:"expiration_time" structs:"expiration_time" mapstructure:"expiration_time"`
|
||||
LastUpdatedTime time.Time `json:"last_updated_time" structs:"last_updated_time" mapstructure:"last_updated_time"`
|
||||
Role string `json:"role" mapstructure:"role"`
|
||||
ClientNonce string `json:"client_nonce" mapstructure:"client_nonce"`
|
||||
CreationTime time.Time `json:"creation_time" mapstructure:"creation_time"`
|
||||
DisallowReauthentication bool `json:"disallow_reauthentication" mapstructure:"disallow_reauthentication"`
|
||||
PendingTime string `json:"pending_time" mapstructure:"pending_time"`
|
||||
ExpirationTime time.Time `json:"expiration_time" mapstructure:"expiration_time"`
|
||||
LastUpdatedTime time.Time `json:"last_updated_time" mapstructure:"last_updated_time"`
|
||||
}
|
||||
|
||||
const pathIdentityWhitelistSyn = `
|
||||
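Review bot: The new literal in pathIdentityWhitelistRead returns `client_nonce` verbatim, as the old struct map did, and nothing marks the value as sensitive. As far as I understand the EC2 login flow, this nonce is what a client presents again to re-authenticate, so anyone who can read this path learns it. I would add a comment above the key, e.g. `// client_nonce is sensitive: keep read access to this path restricted to operators`, or drop the key if no consumer needs it. The function starts above the hunk.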
|
|
|
@ -6,7 +6,6 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/fatih/structs"
|
||||
"github.com/hashicorp/go-uuid"
|
||||
"github.com/hashicorp/vault/helper/policyutil"
|
||||
"github.com/hashicorp/vault/logical"
|
||||
|
@ -405,19 +404,29 @@ func (b *backend) pathRoleRead(ctx context.Context, req *logical.Request, data *
|
|||
return nil, nil
|
||||
}
|
||||
|
||||
// Prepare the map of all the entries in the roleEntry.
|
||||
respData := structs.New(roleEntry).Map()
|
||||
|
||||
// HMAC key belonging to the role should NOT be exported.
|
||||
delete(respData, "hmac_key")
|
||||
|
||||
// Display all the durations in seconds
|
||||
respData["ttl"] = roleEntry.TTL / time.Second
|
||||
respData["max_ttl"] = roleEntry.MaxTTL / time.Second
|
||||
respData["period"] = roleEntry.Period / time.Second
|
||||
|
||||
return &logical.Response{
|
||||
Data: respData,
|
||||
Data: map[string]interface{}{
|
||||
"auth_type": roleEntry.AuthType,
|
||||
"bound_ami_id": roleEntry.BoundAmiID,
|
||||
"bound_account_id": roleEntry.BoundAccountID,
|
||||
"bound_iam_principal_arn": roleEntry.BoundIamPrincipalARN,
|
||||
"bound_iam_principal_id": roleEntry.BoundIamPrincipalID,
|
||||
"bound_iam_role_arn": roleEntry.BoundIamRoleARN,
|
||||
"bound_iam_instance_profile_arn": roleEntry.BoundIamInstanceProfileARN,
|
||||
"bound_region": roleEntry.BoundRegion,
|
||||
"bound_subnet_id": roleEntry.BoundSubnetID,
|
||||
"bound_vpc_id": roleEntry.BoundVpcID,
|
||||
"inferred_entity_type": roleEntry.InferredEntityType,
|
||||
"inferred_aws_region": roleEntry.InferredAWSRegion,
|
||||
"resolve_aws_unique_ids": roleEntry.ResolveAWSUniqueIDs,
|
||||
"role_tag": roleEntry.RoleTag,
|
||||
"allow_instance_migration": roleEntry.AllowInstanceMigration,
|
||||
"ttl": roleEntry.TTL / time.Second,
|
||||
"max_ttl": roleEntry.MaxTTL / time.Second,
|
||||
"policies": roleEntry.Policies,
|
||||
"disallow_reauthentication": roleEntry.DisallowReauthentication,
|
||||
"period": roleEntry.Period / time.Second,
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -744,27 +753,27 @@ func (b *backend) pathRoleCreateUpdate(ctx context.Context, req *logical.Request
|
|||
|
||||
// Struct to hold the information associated with an AMI ID in Vault.
|
||||
type awsRoleEntry struct {
|
||||
AuthType string `json:"auth_type" structs:"auth_type" mapstructure:"auth_type"`
|
||||
BoundAmiID string `json:"bound_ami_id" structs:"bound_ami_id" mapstructure:"bound_ami_id"`
|
||||
BoundAccountID string `json:"bound_account_id" structs:"bound_account_id" mapstructure:"bound_account_id"`
|
||||
BoundIamPrincipalARN string `json:"bound_iam_principal_arn" structs:"bound_iam_principal_arn" mapstructure:"bound_iam_principal_arn"`
|
||||
BoundIamPrincipalID string `json:"bound_iam_principal_id" structs:"bound_iam_principal_id" mapstructure:"bound_iam_principal_id"`
|
||||
BoundIamRoleARN string `json:"bound_iam_role_arn" structs:"bound_iam_role_arn" mapstructure:"bound_iam_role_arn"`
|
||||
BoundIamInstanceProfileARN string `json:"bound_iam_instance_profile_arn" structs:"bound_iam_instance_profile_arn" mapstructure:"bound_iam_instance_profile_arn"`
|
||||
BoundRegion string `json:"bound_region" structs:"bound_region" mapstructure:"bound_region"`
|
||||
BoundSubnetID string `json:"bound_subnet_id" structs:"bound_subnet_id" mapstructure:"bound_subnet_id"`
|
||||
BoundVpcID string `json:"bound_vpc_id" structs:"bound_vpc_id" mapstructure:"bound_vpc_id"`
|
||||
InferredEntityType string `json:"inferred_entity_type" structs:"inferred_entity_type" mapstructure:"inferred_entity_type"`
|
||||
InferredAWSRegion string `json:"inferred_aws_region" structs:"inferred_aws_region" mapstructure:"inferred_aws_region"`
|
||||
ResolveAWSUniqueIDs bool `json:"resolve_aws_unique_ids" structs:"resolve_aws_unique_ids" mapstructure:"resolve_aws_unique_ids"`
|
||||
RoleTag string `json:"role_tag" structs:"role_tag" mapstructure:"role_tag"`
|
||||
AllowInstanceMigration bool `json:"allow_instance_migration" structs:"allow_instance_migration" mapstructure:"allow_instance_migration"`
|
||||
TTL time.Duration `json:"ttl" structs:"ttl" mapstructure:"ttl"`
|
||||
MaxTTL time.Duration `json:"max_ttl" structs:"max_ttl" mapstructure:"max_ttl"`
|
||||
Policies []string `json:"policies" structs:"policies" mapstructure:"policies"`
|
||||
DisallowReauthentication bool `json:"disallow_reauthentication" structs:"disallow_reauthentication" mapstructure:"disallow_reauthentication"`
|
||||
HMACKey string `json:"hmac_key" structs:"hmac_key" mapstructure:"hmac_key"`
|
||||
Period time.Duration `json:"period" mapstructure:"period" structs:"period"`
|
||||
AuthType string `json:"auth_type" mapstructure:"auth_type"`
|
||||
BoundAmiID string `json:"bound_ami_id" mapstructure:"bound_ami_id"`
|
||||
BoundAccountID string `json:"bound_account_id" mapstructure:"bound_account_id"`
|
||||
BoundIamPrincipalARN string `json:"bound_iam_principal_arn" mapstructure:"bound_iam_principal_arn"`
|
||||
BoundIamPrincipalID string `json:"bound_iam_principal_id" mapstructure:"bound_iam_principal_id"`
|
||||
BoundIamRoleARN string `json:"bound_iam_role_arn" mapstructure:"bound_iam_role_arn"`
|
||||
BoundIamInstanceProfileARN string `json:"bound_iam_instance_profile_arn" mapstructure:"bound_iam_instance_profile_arn"`
|
||||
BoundRegion string `json:"bound_region" mapstructure:"bound_region"`
|
||||
BoundSubnetID string `json:"bound_subnet_id" mapstructure:"bound_subnet_id"`
|
||||
BoundVpcID string `json:"bound_vpc_id" mapstructure:"bound_vpc_id"`
|
||||
InferredEntityType string `json:"inferred_entity_type" mapstructure:"inferred_entity_type"`
|
||||
InferredAWSRegion string `json:"inferred_aws_region" mapstructure:"inferred_aws_region"`
|
||||
ResolveAWSUniqueIDs bool `json:"resolve_aws_unique_ids" mapstructure:"resolve_aws_unique_ids"`
|
||||
RoleTag string `json:"role_tag" mapstructure:"role_tag"`
|
||||
AllowInstanceMigration bool `json:"allow_instance_migration" mapstructure:"allow_instance_migration"`
|
||||
TTL time.Duration `json:"ttl" mapstructure:"ttl"`
|
||||
MaxTTL time.Duration `json:"max_ttl" mapstructure:"max_ttl"`
|
||||
Policies []string `json:"policies" mapstructure:"policies"`
|
||||
DisallowReauthentication bool `json:"disallow_reauthentication" mapstructure:"disallow_reauthentication"`
|
||||
HMACKey string `json:"hmac_key" mapstructure:"hmac_key"`
|
||||
Period time.Duration `json:"period" mapstructure:"period"`
|
||||
}
|
||||
|
||||
const pathRoleSyn = `
|
||||
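Review bot: The rewrite of pathRoleRead drops the comment `// HMAC key belonging to the role should NOT be exported.` together with the `delete(respData, "hmac_key")` call, so nothing in the new literal says that leaving out `hmac_key` is deliberate. I would keep a comment above `Data: map[string]interface{}{`, for example `// hmac_key is intentionally omitted: the role's HMAC key must not be exported.`, so that a later edit mirroring awsRoleEntry field by field does not add it back. A test asserting that the read response contains no `hmac_key` key would pin this. pathRoleRead begins above the hunk.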
|
|