# Functions
DecomposeJSON decomposes an object into JSON fields marked with the `secret` struct tag.
ErrClassForStatus returns the exception class for a given remote status code.
GetClient gets a vault client on a context.
GetIAMAuthCredentials is a credential provider to be passed in as input into the AWSAuth struct.
New creates a new vault client with a default set of options.
NewAWSAuth creates a new AWS struct.
NewBufferPool returns a new BufferPool.
NewEvent returns a new event from a request.
NewEventListener returns a new logger listener for a given event.
NewMockHTTPClient returns a new mock HTTP client.
OptAddr is an alias to OptRemote.
OptAWSAuthCredentialProvider sets the credential provider.
OptConfig sets the vault client from a given configuration.
OptConfigFromEnv sets the vault client from a given configuration read from the environment.
OptCreateTransitAllowPlaintextBackup - If set, enables taking backup of named key in the plaintext format.
OptCreateTransitConfig is a creation option for when you have a pre-defined struct.
OptCreateTransitConvergent - If enabled, the key will support convergent encryption, where the same plaintext creates the same ciphertext.
OptCreateTransitDerived - Specifies if key derivation is to be used.
OptCreateTransitExportable - Enables keys to be exportable.
OptCreateTransitType - specifies the type of key to create.
OptList adds a list parameter to the request.
OptLog sets the logger on the vault client.
OptMount sets the vault client mount.
OptRemote sets the client remote.
OptRootCAs sets the root CA pool for client requests.
OptTimeout sets the timeout to vault.
OptToken sets the vault client token.
OptTraceConfig allows you to provide the entire secret trace configuration.
OptTraceKeyName allows you to specify the name of the key being interacted with.
OptTracer allows you to configure a tracer on the vault client.
OptTraceVaultOperation allows you to set the VaultOperation being hit.
OptUpdateTransitAllowPlaintextBackup - If set, enables taking backup of named key in the plaintext format.
OptUpdateTransitConfig is an update option for when you have a pre-defined struct.
OptUpdateTransitDeletionAllowed - Specifies if the key is allowed to be deleted.
OptUpdateTransitExportable - Enables keys to be exportable.
OptUpdateTransitMinDecryptionVer - Specifies the minimum version of ciphertext allowed to be decrypted.
OptUpdateTransitMinEncryptionVer - Specifies the minimum version of the key that can be used to encrypt plaintext, sign payloads, or generate HMACs.
OptVersion adds a version to the request.
RestoreJSON restores an object from a given data bag as JSON.
WithClient sets the vault client on a given context.
# Constants
AWSAuthLoginPath is the login path for AWS IAM auth.
ContentTypeApplicationJSON is a content type.
DefaultAddr is the default addr.
DefaultBufferPoolSize is the default buffer pool size.
DefaultMount is the default kv mount.
DefaultTimeout is the default timeout.
EnvVarVaultAddr is the environment variable for the vault address.
EnvVarVaultCertAuthorityPath is the environment variable for the vault certificate authority.
EnvVarVaultMount is the environment variable for the vault mount.
EnvVarVaultTimeout is the environment variable for how long to wait for vault to timeout.
EnvVarVaultToken is the environment variable for the vault token.
Common error codes.
Flag is the logger flag.
HeaderContentType is the content type header.
HeaderVaultToken is the vault token header.
MethodDelete is a request method.
MethodGet is a request method.
MethodList is a request method.
MethodPost is a request method.
MethodPut is a request method.
ReflectTagName is a reflect tag name.
Constants.
STSGetIdentityBody is the body of the POST request.
STSURL is the URL of the STS call.
These types are encryption algorithms that can be used when creating a transit key.
Version1 is a constant.
Version2 is a constant.
# Structs
APIClient is a client to talk to vault.
AWSAuth defines vault aws auth methods.
AWSAuthResponse is a response for GitHub auth.
BatchTransitInput is the structure of batch encrypt / decrypt requests.
BatchTransitInputItem is a single item in a batch encrypt / decrypt request.
BatchTransitResult is the structure returned by vault for batch transit requests.
Buffer is a bytes.Buffer with a reference back to the buffer pool.
BufferPool is a sync.Pool of bytes.Buffer.
Config is the secrets config object.
CreateTransitKeyConfig is the configuration data for creating a TransitKey.
Event is an event.
GitHubAuthResponse is a response for GitHub auth.
KeyData is used for lists.
KV1 defines key value version 1 interactions.
KV2 defines key value version 2 interactions.
MockHTTPClient is a mock HTTP client.
MockTransitClient skips interactions with the vault for encryption/decryption.
Mount is a vault mount.
MountConfig is a vault mount config.
MountConfigInput is a vault mount config input.
MountInput is a vault mount input.
MountResponse is the result of a call to a mount.
SecretAuth is the structure containing auth information if we have it.
SecretData is used for puts.
SecretListV1 is the structure returned for a list of secret keys in vault.
SecretListV2 is the structure returned for every secret within Vault.
SecretTraceConfig are the options for sending trace messages for the secrets package.
SecretV1 is the structure returned for every secret within Vault.
SecretV2 is the structure returned for every secret within Vault.
SecretWrapInfo contains wrapping information if we have it.
Transit defines vault transit interactions.
TransitHmacResult is the structure returned by vault for transit hmac requests.
TransitKey is the structure returned for every transit key within Vault.
TransitResult is the structure returned by vault for transit requests.
UpdateTransitKeyConfig is the configuration data for modifying a TransitKey.
# Interfaces
Client is the general interface for a Secrets client.
HTTPClient is a client that can send HTTP requests.
IsZeroable is useful to test if we need to set a config field or not.
KV is a basic key value store.
TraceFinisher is a finisher for traces.
Tracer is a tracer for requests.
TransitClient is an interface for an encryption-as-a-service client.
# Type aliases
AWSAuthOption mutates an AWSAuth instance.
CallOption is a thing that we can do to modify a request.
CreateTransitKeyOption is an option type for transit key creation.
CredentialProvider defines the credential provider func interface.
KVClient is a basic key value store client.
Option is an option for a vault client.
TraceOption is an option type for secret trace.
UpdateTransitKeyOption is an option type for transit key creation.
Values is a bag of values.