Categorygithub.com/armosec/utils-k8s-gosecrethandling
package
0.0.30
Repository: https://github.com/armosec/utils-k8s-go.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
14
Dependents
2
Files
696 SLOC

# Functions

EditEncryptionSecretPolicy remove subsecret name from sid.
GenerateDefaultNamespacePolicy generate default secret access policy based on namespace.
GetFieldsToDecrypt get encrypted secret fields.
GetFieldsToEncrypt get fields from secret data to encrypt.
GetFieldsToEncryptFromSecretPolicy -.
GetNativeSID get native secret is.
No description provided by the author
GetSecretContent -.
GetSecretIDsFromPolicy list secret-ids from a secret policy.
GetSecretIDsFromPolicyList list secret-ids from a list of policies.
GetSecretTLVLength return TLV length.
GetSID get secret is.
GetSIDCluster get cluster name from secret-id.
GetSIDLevel0 get level0 name from secret-id.
GetSIDLevel1 get level1 name from secret-id.
GetSIDName get secret name from secret-id.
GetSIDNamespace get namespace name from secret-id.
GetSIDSubsecret get subsecret name from secret-id, if not found, return empty string.
GetSubSecretFromAnnotation extract from annotation tag the desired sub-secret name.
GetSubSecretKeyIDFromAnnotation extract from annotation value the desired key id.
HasSecretTLV is the byte slice an encrypted secret.
IsKindK8S returns true if kind is a k8s.
IsSecretTypeSupported does Armo support protection on this type of secret.
IsSIDK8s get secret kind.
No description provided by the author
ReadSecret -.
RemoveSIDSubsecret get subsecret name from secret-id, if not found, return empty string.
SplitSecretID splits the secret id string into cluster, namespace, secret-name [,sub-secret-name].
SubsecretToEncrypt check if the given subsecret should be encrypted.
ValidateSecretAccessPolicy validate secret policy object.
ValidateSecretID test secret validation.

# Variables

Global variables to use in another packages.
Global variables to use in another packages.
Global variables to use in another packages.
Global variables to use in another packages.
API fields.
API fields.
API fields.
API fields.
API fields.
API fields.
API fields.
API fields.
SecretTLVTag the tlv tag.
API fields.
API fields.

# Structs

CAK8SMeta holds common metadata about k8s objects.
K8SSecret represents single k8s secret in cluster.
DEPRECATED - "github.com/armosec/capacketsgo/armotypes" PortalBase holds basic items data from portal BE.
DEPRECATED - "github.com/armosec/capacketsgo/armotypes" PortalDesignator represented single designation options.
PortalSecretDefinition defines a relation between keys and sub secrets of specific secret.
PortalSubSecretDefinition defines a relation between keyID and sub secret.
SecretAccessPolicy represent list od workloads allows to access some secrets Notice that in K8S, workload can use secret only in case they are in the same namespace.

# Type aliases

DockerConfigJsonstructure -.