Package dynamo implements DynamoDB storage backend for Teleport auth service, similar to etcd backend.

Package etcdbk implements Etcd powered backend.

Package firestoreFirestoreBackend implements Firestore storage backend for Teleport auth service, similar to DynamoDB backend.

Package kubernetes implements Kubernetes Secret backend used for persisting identity and state for agent's running in Kubernetes clusters.

Package lite implements SQLite backend used for local persistent caches in proxies and nodes and for standalone auth service deployments.

Package memory implements backend interface using a combination of Minheap (to store expiring items) and B-Tree for storing sorted dictionary of items.

Package test contains a backend acceptance test suite that is backend implementation independent each backend will use the suite to test itself.

AcquireLock grabs a lock that will be released automatically in TTL.

BacklogGracePeriod sets the amount of time a watcher with a backlog will be tolerated.

BufferCapacity sets the event capacity of the circular buffer.

BufferClock sets a custom clock for the buffer (used in tests).

Clone copies all items from a source to a destination [Backend].

CreateRevision generates a new identifier to be used as a resource revision.

CreationGracePeriod sets the amount of time delay after watcher creation before it will be considered for removal due to backlog.

Delete builds an action that removes the target key.

EarliestExpiry returns first of the otherwise returns empty.

ExactKey is like [NewKey], except a [Separator] is appended to the result path of [Key].

Exists builds a condition that asserts the target key exists.

Expiry converts ttl to expiry time, if ttl is 0 returns empty time.

GetPaginationKey returns the pagination key given item.

IsKeySafe checks if the passed in key conforms to whitelist.

IterateRange is a helper for stepping over a range.

KeyFromString creates a [Key] from a textual representation of the [Key].

MaskKeyName masks the given key name.

MustRegister registers a [Backend] implementation, panicking if it has already been registered.

New initializes a new [Backend] implementation based on the service config.

NewCircularBuffer returns a new uninitialized instance of circular buffer.

NewKey joins parts into path separated by [Separator], makes sure path always starts with [Separator].

NewLease creates a lease for the provided [Item].

NewReporter returns a new Reporter.

NewReporterWatcher creates new reporter watcher instance.

NewSanitizer returns a new Sanitizer.

NewWrapper returns a new Wrapper.

NextPaginationKey returns the next pagination key.

Nop builds an action that does nothing.

NotExists builds a condition that asserts the target key does not exist.

Put builds an action that writes the provided item to the target key.

RangeEnd returns end of the range for given key.

RemoveRedundantPrefixes will remove redundant prefixes from the given prefix list.

Revision builds a condition that asserts the target key has the specified revision.

RunWhileLocked allows you to run a function while a lock is held.

StreamRange constructs a Stream for the given key range.

TTL returns TTL in duration units, rounds up to one second.

ValidateAtomicWrite verifies that the supplied group of conditional actions are a valid input for atomic application.

Whatever builds a condition that matches any current key state.

DefaultBacklogGracePeriod is the default amount of time that the circular buffer will tolerate an event backlog in one of its watchers.

DefaultBufferCapacity is a default circular buffer size used by backends to fan out events.

DefaultCreationGracePeriod is the default amount of time time that the circular buffer will wait before enforcing the backlog grace period.

DefaultEventsTTL is a default events TTL period.

DefaultPollStreamPeriod is a default event poll stream period.

DefaultRangeLimit is used to specify some very large limit when limit is not specified explicitly to prevent OOM due to infinite loops or other issues along those lines.

Forever means that object TTL will not expire unless deleted.

KindDelete indicates that any item at the target key should be removed.

KindExists asserts that an item exists at the target key.

KindNop indicates that no action should be taken.

KindNotExists asserts that no item exists at the target key.

KindPut indicates that the associated item should be written to the target key.

KindRevision asserts the exact current revision of the target key.

KindWhatever indicates that no condition should be evaluated.

MaxAtomicWriteSize is the maximum number of conditional actions that may be applied via a single atomic write.

NoLimit specifies no limits.

Separator is used as a separator between key parts.

SeparatorString is string representation of Separator.

BlankRevision is a placeholder revision to be used by backends when the revision of the item in the backend is empty.

ErrConditionFailed is returned from AtomicWrite when one or more conditions failed to hold.

ErrIncorrectRevision is returned from conditional operations when revisions do not match the expected value.

Action specifies an action to be taken against a backend item.

BufferWatcher is a watcher connected to the buffer and receiving fan-out events from the watcher.

CircularBuffer implements in-memory circular buffer of predefined size, that is capable of fan-out of the backend events.

CloneConfig contains the configuration for cloning a [Backend].

Condition specifies some requirement that a backend item must meet.

ConditionalAction specifies a condition and an action associated with a given key.

Config is used for 'storage' config section.

Event is a event containing operation with item.

GetResult provides the result of GetRange request.

Item is a key value item.

Key is the unique identifier for an [Item].

Lease represents a lease on the item that can be used to extend item's TTL without updating its contents.

Reporter wraps a Backend implementation and reports statistics about the backend operations.

ReporterConfig configures reporter wrapper.

ReporterWatcher is a wrapper around backend watcher that reports events.

RunWhileLockedConfig is configuration for RunWhileLocked function.

Sanitizer wraps a [Backend] implementation to make sure all [Key]s written to the backend are allowed.

Watch specifies watcher parameters.

Wrapper wraps a Backend implementation that can fail on demand.

Backend implements abstraction over local or remote storage backend.

HostID is a derivation of a KeyedItem that allows the host id to be included in the key.

KeyedItem represents an item from which a pagination key can be derived.

Watcher returns watcher.

ActionKind marks the kind of an action to be taken.

AtomicWriterBackend was used to extend the backend interface with the AtomicWrite method prior to all backends implementing AtomicWrite.

ConditionKind marks the kind of condition to be evaluated.

Items is a sortable list of backend items.

Params type defines a flexible unified back-end configuration API.