[−][src]Struct credstash::CredStashClient
CredStash client. This Struct internally handles the KMS and DynamoDB client connections and their credentials. Note that the client will use the default credentials provider and tls client.
Methods
impl CredStashClient
[src]
pub fn new(
credential: CredStashCredential,
region: Option<Region>
) -> Result<CredStashClient, CredStashClientError>
[src]
credential: CredStashCredential,
region: Option<Region>
) -> Result<CredStashClient, CredStashClientError>
Creates a new client backend. Note that this uses the default AWS credential provider and the tls client.
pub fn list_secrets<'a>(
&'a self,
table_name: String
) -> impl Future<Item = Vec<CredstashKey>, Error = CredStashClientError> + 'a
[src]
&'a self,
table_name: String
) -> impl Future<Item = Vec<CredstashKey>, Error = CredStashClientError> + 'a
Returns all the Credential name stored in the DynamoDB table.
Arguments
table_name
: The name of the table from which to listCredstashKey
pub fn put_secret_auto_version<'a>(
&'a self,
table_name: String,
credential_name: String,
credential_value: String,
key_id: Option<String>,
encryption_context: Option<(String, String)>,
comment: Option<String>,
digest_algorithm: Algorithm
) -> impl Future<Item = PutItemOutput, Error = CredStashClientError> + 'a
[src]
&'a self,
table_name: String,
credential_name: String,
credential_value: String,
key_id: Option<String>,
encryption_context: Option<(String, String)>,
comment: Option<String>,
digest_algorithm: Algorithm
) -> impl Future<Item = PutItemOutput, Error = CredStashClientError> + 'a
Inserts new credential in the DynamoDB table. This is same as
put_secret
but it also increments the version of the
credential_name automatically.
Arguments
table_name
: Name of the DynamoDB table against which the API operates.credential_name
: Credential name to store.credential_value
: Credential secret value which has to be encrypted and stored securely.key_id
: The unique identifier for the customer master key (CMK) for which to cancel deletion. Specify the key ID or the Amazon Resource Name (ARN) of the CMK.For example:
-
Key ID:
1234abcd-12ab-34cd-56ef-1234567890ab
-
Key ARN:
arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
-
encryption_context
: Name-value pair that specifies the encryption context to be used for authenticated encryption. If used here, the same value must be supplied to theDecrypt
API or decryption will fail. For more information, see Encryption Context.comment
: Optional comment to specify for the credential.digest_algorithm
: The digest algorithm that should be used for computing the HMAC of the encrypted text.
pub fn get_highest_version(
&self,
table_name: String,
credential_name: String
) -> impl Future<Item = u64, Error = CredStashClientError>
[src]
&self,
table_name: String,
credential_name: String
) -> impl Future<Item = u64, Error = CredStashClientError>
Get the latest version of the credential in the DynamoDB table. credential_name automatically.
Arguments
table_name
: Name of the DynamoDB table against which the API operates.credential_name
: Credential name to store.
pub fn delete_secret<'a>(
&'a self,
table_name: String,
credential_name: String
) -> impl Future<Item = Vec<DeleteItemOutput>, Error = CredStashClientError> + 'a
[src]
&'a self,
table_name: String,
credential_name: String
) -> impl Future<Item = Vec<DeleteItemOutput>, Error = CredStashClientError> + 'a
Delete the credential from the DynamoDB table.
Arguments
table_name
: Name of the DynamoDB table against which the API operates.credential_name
: Credential name to store.
pub fn put_secret<'a>(
&'a self,
table_name: String,
credential_name: String,
credential_value: String,
key_id: Option<String>,
encryption_context: Option<(String, String)>,
version: Option<u64>,
comment: Option<String>,
digest_algorithm: Algorithm
) -> impl Future<Item = PutItemOutput, Error = CredStashClientError> + 'a
[src]
&'a self,
table_name: String,
credential_name: String,
credential_value: String,
key_id: Option<String>,
encryption_context: Option<(String, String)>,
version: Option<u64>,
comment: Option<String>,
digest_algorithm: Algorithm
) -> impl Future<Item = PutItemOutput, Error = CredStashClientError> + 'a
Inserts new credential in the DynamoDB table.
Arguments
table_name
: Name of the DynamoDB table against which the API operates.credential_name
: Credential name to store.credential_value
: Credential secret value which has to be encrypted and stored securely.key_id
: The unique identifier for the customer master key (CMK) for which to cancel deletion. Specify the key ID or the Amazon Resource Name (ARN) of the CMK.For example:
-
Key ID:
1234abcd-12ab-34cd-56ef-1234567890ab
-
Key ARN:
arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
-
encryption_context
: Name-value pair that specifies the encryption context to be used for authenticated encryption. If used here, the same value must be supplied to theDecrypt
API or decryption will fail. For more information, see Encryption Context.comment
: Optional comment to specify for the credential.digest_algorithm
: The digest algorithm that should be used for computing the HMAC of the encrypted text.
pub fn create_db_table<'a>(
&'a self,
table_name: String,
tags: Option<Vec<(String, String)>>
) -> impl Future<Item = CreateTableOutput, Error = CredStashClientError> + 'a
[src]
&'a self,
table_name: String,
tags: Option<Vec<(String, String)>>
) -> impl Future<Item = CreateTableOutput, Error = CredStashClientError> + 'a
Creates the necessary table for the credential to be stored in future. Note that this API is an asynchronous operatio. Upon receiving a CreateTable request, DynamoDB immediately returns a response with a TableStatus of CREATING. After the table is created, DynamoDB sets the TableStatus to ACTIVE. You can perform read and write operations only on an ACTIVE table.
Arguments
table_name
: Name of the DynamoDB table against which the API operates.tags
: Tags to associate with the table.
pub fn get_all_secrets<'a>(
&'a self,
table_name: String,
encryption_context: Option<(String, String)>,
version: Option<u64>
) -> impl Future<Item = Vec<CredstashItem>, Error = CredStashClientError> + 'a
[src]
&'a self,
table_name: String,
encryption_context: Option<(String, String)>,
version: Option<u64>
) -> impl Future<Item = Vec<CredstashItem>, Error = CredStashClientError> + 'a
Get all the secrets present in the DynamoDB table.
Arguments
table_name
: Name of the DynamoDB table against which the API operates.encryption_context
: Name-value pair that specifies the encryption context to be used for authenticated encryption. If used here, the same value must be supplied to theDecrypt
API or decryption will fail. For more information, see Encryption Context.version
: The version of the credential which has to be retrieved. By default, it will retrieve the latest version.
pub fn get_secret<'a>(
&'a self,
table_name: String,
credential_name: String,
encryption_context: Option<(String, String)>,
version: Option<u64>
) -> impl Future<Item = CredstashItem, Error = CredStashClientError> + 'a
[src]
&'a self,
table_name: String,
credential_name: String,
encryption_context: Option<(String, String)>,
version: Option<u64>
) -> impl Future<Item = CredstashItem, Error = CredStashClientError> + 'a
Get a specific secret present in the DynamoDB table.
Arguments
table_name
: Name of the DynamoDB table against which the API operates.credential_name
: Credential name which has to be retrieved.encryption_context
: Name-value pair that specifies the encryption context to be used for authenticated encryption. If used here, the same value must be supplied to theDecrypt
API or decryption will fail. For more information, see Encryption Context.version
: The version of the credential which has to be retrieved. By default, it will retrieve the latest version.
Auto Trait Implementations
impl !RefUnwindSafe for CredStashClient
impl Send for CredStashClient
impl Sync for CredStashClient
impl Unpin for CredStashClient
impl !UnwindSafe for CredStashClient
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,