MasterKey is an AWS KMS key used to encrypt and decrypt SOPS' data key using AWS SDK for Go V2.
| 55 | // MasterKey is an AWS KMS key used to encrypt and decrypt SOPS' data key using |
| 56 | // AWS SDK for Go V2. |
| 57 | type MasterKey struct { |
| 58 | // Arn associated with the AWS KMS key. |
| 59 | Arn string |
| 60 | // Role ARN used to assume a role through AWS STS. |
| 61 | Role string |
| 62 | // EncryptedKey stores the data key in it's encrypted form. |
| 63 | EncryptedKey string |
| 64 | // CreationDate is when this MasterKey was created. |
| 65 | CreationDate time.Time |
| 66 | // EncryptionContext provides additional context about the data key. |
| 67 | // Ref: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context |
| 68 | EncryptionContext map[string]*string |
| 69 | // AwsProfile is the profile to use for loading configuration and credentials. |
| 70 | // Ref: https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/#specifying-profiles |
| 71 | AwsProfile string |
| 72 | |
| 73 | // credentialsProvider is used to configure the AWS client config with |
| 74 | // credentials. It can be injected by a (local) keyservice.KeyServiceServer |
| 75 | // using CredentialsProvider.ApplyToMasterKey. If nil, the default client is used |
| 76 | // which utilizes runtime environmental values. |
| 77 | credentialsProvider aws.CredentialsProvider |
| 78 | // baseEndpoint can be used to override the endpoint the AWS client resolves |
| 79 | // to by default. This is mostly used for testing purposes as it can not be |
| 80 | // injected using e.g. an environment variable. The field is not publicly |
| 81 | // exposed, nor configurable. |
| 82 | baseEndpoint string |
| 83 | // httpClient is used to override the default HTTP client used by the AWS client. |
| 84 | httpClient *http.Client |
| 85 | } |
| 86 | |
| 87 | // NewMasterKey creates a new MasterKey from an ARN, role and context, setting |
| 88 | // the creation date to the current date. |
nothing calls this directly
no outgoing calls
no test coverage detected