benchmarktests

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 29, 2024 License: MPL-2.0 Imports: 56 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ApproleAuthTestType   = "approle_auth"
	ApproleAuthTestMethod = "POST"
)

Constants for test

View Source
const (
	AWSAuthTestType   = "aws_auth"
	AWSAuthTestMethod = "POST"
	AWSAuthAccessKey  = VaultBenchmarkEnvVarPrefix + "AWS_ACCESS_KEY"
	AWSAuthSecretKey  = VaultBenchmarkEnvVarPrefix + "AWS_SECRET_KEY"
)

Constants for test

View Source
const (
	AzureAuthTestType     = "azure_auth"
	AzureAuthTestMethod   = "POST"
	AzureAuthClientID     = VaultBenchmarkEnvVarPrefix + "AZURE_CLIENT_ID"
	AzureAuthClientSecret = VaultBenchmarkEnvVarPrefix + "AZURE_CLIENT_SECRET"
	AzureAuthJWT          = VaultBenchmarkEnvVarPrefix + "AZURE_JWT"
)

Constants for test

View Source
const (
	CertAuthTestType   = "cert_auth"
	CertAuthTestMethod = "POST"
)

Constants for test

View Source
const (
	GCPAuthTestType     = "gcp_auth"
	GCPAuthTestMethod   = "POST"
	IdentityMetadataURL = "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity"
)

Constants for test

View Source
const (
	GitHubAuthTestType      = "github_auth"
	GitHubAuthTestMethod    = "POST"
	GitHubAuthTestUserToken = VaultBenchmarkEnvVarPrefix + "GITHUB_TOKEN"
)

Constants for test

View Source
const (
	JWTAuthTestType   = "jwt_auth"
	JWTAuthTestMethod = "POST"
)

Constants for test

View Source
const (
	KubeAuthTestType               = "kube_auth"
	KubeAuthTestMethod             = "POST"
	DefaultServiceAccountTokenPath = "/var/run/secrets/kubernetes.io/serviceaccount/token"
)

Constants for test

View Source
const (
	LDAPAuthTestType               = "ldap_auth"
	LDAPAuthTestMethod             = "POST"
	LDAPAuthTestUserNameEnvVar     = VaultBenchmarkEnvVarPrefix + "LDAP_TEST_USERNAME"
	LDAPAuthTestUserPasswordEnvVar = VaultBenchmarkEnvVarPrefix + "LDAP_TEST_PASSWORD"
	LDAPAuthBindPassEnvVar         = VaultBenchmarkEnvVarPrefix + "LDAP_BIND_PASS"
)

Constants for test

View Source
const (
	UserpassTestType       = "userpass_auth"
	UserpassAuthTestMethod = "POST"
)
View Source
const (
	AWSSecretTestType   = "aws_secret"
	AWSSecretTestMethod = "GET"
	AWSSecretAccessKey  = VaultBenchmarkEnvVarPrefix + "AWS_ACCESS_KEY"
	AWSSecretSecretKey  = VaultBenchmarkEnvVarPrefix + "AWS_SECRET_KEY"
)

Constants for test

View Source
const (
	AzureSecretTestType       = "azure_secret"
	AzureSecretTestMethod     = "GET"
	AzureSecretSubscriptionID = VaultBenchmarkEnvVarPrefix + "SUBSCRIPTION_ID"
	AzureSecretTenantID       = VaultBenchmarkEnvVarPrefix + "TENANT_ID"
	AzureSecretClientID       = VaultBenchmarkEnvVarPrefix + "CLIENT_ID"
	AzureSecretClientSecret   = VaultBenchmarkEnvVarPrefix + "CLIENT_SECRET"
	AzureSecretEnvironment    = VaultBenchmarkEnvVarPrefix + "ENVIRONMENT"
)

Constants for test

View Source
const (
	CassandraSecretTestType   = "cassandra_secret"
	CassandraSecretTestMethod = "GET"
	CassandraDBUsernameEnvVar = VaultBenchmarkEnvVarPrefix + "CASSANDRADB_USERNAME"
	CassandraDBPasswordEnvVar = VaultBenchmarkEnvVarPrefix + "CASSANDRADB_PASSWORD"
)

Constants for test

View Source
const (
	ConsulSecretTestType   = "consul_secret"
	ConsulSecretTestMethod = "GET"
	ConsulTokenEnvVar      = VaultBenchmarkEnvVarPrefix + "CONSUL_TOKEN"
)

Constants for test

View Source
const (
	CouchbaseSecretTestType   = "couchbase_secret"
	CouchbaseSecretTestMethod = "GET"
	CouchbaseUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "COUCHBASE_USERNAME"
	CouchbasePasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "COUCHBASE_PASSWORD"
)
View Source
const (
	RedisDynamicSecretTestType         = "redis_dynamic_secret"
	RedisDynamicSecretTestMethod       = "GET"
	RedisDynamicSecretDBUsernameEnvVar = VaultBenchmarkEnvVarPrefix + "REDIS_USERNAME"
	RedisDynamicSecretDBPasswordEnvVar = VaultBenchmarkEnvVarPrefix + "REDIS_PASSWORD"
)

Constants for test

View Source
const (
	ElasticSearchSecretTestType   = "elasticsearch_secret"
	ElasticSearchSecretTestMethod = "GET"
	ElasticSearchUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "ELASTICSEARCH_USERNAME"
	ElasticSearchPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "ELASTICSEARCH_PASSWORD"
)

Constants for test

View Source
const (
	GCPSecretTestType     = "gcp_secret"
	GCPSecretTestMethod   = "GET"
	GCPSecretCredentials  = VaultBenchmarkEnvVarPrefix + "GCP_CREDENTIALS"
	GCPSecretBindings     = VaultBenchmarkEnvVarPrefix + "GCP_BINDINGS"
	GCPAccessTokenType    = "access_token"
	GCPServiceAccountType = "service_account_key"
)

Constants for test

View Source
const (
	GCPImpersonationSecretTestType            = "gcp_impersonation_secret"
	GCPImpersonationSecretTestMethod          = "GET"
	GCPImpersonationSecretServiceAccountEmail = VaultBenchmarkEnvVarPrefix + "GCP_SERVICE_ACCOUNT_EMAIL"
)

Constants for test

View Source
const (
	KVV1ReadTestType    = "kvv1_read"
	KVV1WriteTestType   = "kvv1_write"
	KVV1ReadTestMethod  = "GET"
	KVV1WriteTestMethod = "POST"
)

Constants for test

View Source
const (
	KVV2ReadTestType    = "kvv2_read"
	KVV2WriteTestType   = "kvv2_write"
	KVV2ReadTestMethod  = "GET"
	KVV2WriteTestMethod = "POST"
)
View Source
const (
	LDAPDynamicSecretTestType   = "ldap_dynamic_secret"
	LDAPDynamicSecretTestMethod = "GET"
	LDAPSecretBindPassEnvVar    = VaultBenchmarkEnvVarPrefix + "LDAP_BIND_PASS"
)

Constants for test

View Source
const (
	LDAPStaticSecretTestType       = "ldap_static_secret"
	LDAPStaticSecretTestMethod     = "POST"
	LDAPStaticSecretBindPassEnvVar = VaultBenchmarkEnvVarPrefix + "LDAP_BIND_PASS"
)

Constants for test

View Source
const (
	MongoDBSecretTestType   = "mongodb_secret"
	MongoDBSecretTestMethod = "GET"
	MongoDBUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "MONGODB_USERNAME"
	MongoDBPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "MONGODB_PASSWORD"
)
View Source
const (
	MongoDBAtlasSecretTestType   = "mongodb_atlas_secret"
	MongoDBAtlasSecretTestMethod = "GET"
	MongoDBAtlasPublicKey        = VaultBenchmarkEnvVarPrefix + "MONGODB_ATLAS_PUBLIC_KEY"
	MongoDBAtlasPrivateKey       = VaultBenchmarkEnvVarPrefix + "MONGODB_ATLAS_PRIVATE_KEY"
)
View Source
const (
	MSSQLSecretTestType   = "mssql_secret"
	MSSQLSecretTestMethod = "GET"
	MSSQLUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "MSSQL_USERNAME"
	MSSQLPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "MSSQL_PASSWORD"
)

Constants for test

View Source
const (
	MySQLSecretTestType   = "mysql_secret"
	MySQLSecretTestMethod = "GET"
	MySQLUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "MYSQL_USERNAME"
	MySQLPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "MYSQL_PASSWORD"
)

Constants for test

View Source
const (
	NomadSecretTestType   = "nomad_secret"
	NomadSecretTestMethod = "GET"
	NomadTokenEnvVar      = VaultBenchmarkEnvVarPrefix + "NOMAD_TOKEN"
)

Constants for test

View Source
const (
	PKIIssueTestType   = "pki_issue"
	PKIIssueTestMethod = "POST"
)
View Source
const (
	PKISignTestType   = "pki_sign"
	PKISignTestMethod = "POST"
)
View Source
const (
	PostgreSQLSecretTestType   = "postgresql_secret"
	PostgreSQLSecretTestMethod = "GET"
	PostgreSQLUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "POSTGRES_USERNAME"
	PostgreSQLPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "POSTGRES_PASSWORD"
)

Constants for test

View Source
const (
	RabbitMQSecretTestType   = "rabbitmq_secret"
	RabbitMQSecretTestMethod = "GET"
	RabbitMQUsernameEnvVar   = VaultBenchmarkEnvVarPrefix + "RABBITMQ_USERNAME"
	RabbitMQPasswordEnvVar   = VaultBenchmarkEnvVarPrefix + "RABBITMQ_PASSWORD"
)

Constants for test

View Source
const (
	SSHIssueTestType   = "ssh_issue"
	SSHIssueTestMethod = "POST"
)
View Source
const (
	SSHKeySignTestType   = "ssh_sign"
	SSHKeySignTestMethod = "POST"
)
View Source
const (
	RedisStaticSecretTestType       = "redis_static_secret"
	RedisStaticSecretTestMethod     = "GET"
	RedisStaticSecretUsernameEnvVar = VaultBenchmarkEnvVarPrefix + "STATIC_REDIS_USERNAME"
	RedisStaticSecretPasswordEnvVar = VaultBenchmarkEnvVarPrefix + "STATIC_REDIS_PASSWORD"
)

Constants for test

View Source
const (
	TransformTokenizationTestType   = "transform_tokenization"
	TransformTokenizationTestMethod = "POST"
	TransformStoreUsernameEnvVar    = VaultBenchmarkEnvVarPrefix + "TRANSIT_STORE_USERNAME"
	TransformStorePasswordEnvVar    = VaultBenchmarkEnvVarPrefix + "TRANSIT_STORE_PASSWORD"
)
View Source
const (
	TransitSignSecretTestType    = "transit_sign"
	TransitVerifySecretTestType  = "transit_verify"
	TransitEncryptSecretTestType = "transit_encrypt"
	TransitDecryptSecretTestType = "transit_decrypt"
	TransitSecretTestMethod      = "POST"
)
View Source
const (
	SyncEvents            = "events"
	SyncAssociationsWrite = "associations_write"
	SyncAssociationsRead  = "associations_read"
)
View Source
const (
	HAStatusTestType   = "ha_status"
	SealStatusTestType = "seal_status"
	MetricsTestType    = "metrics"
	StatusTestMethod   = "GET"
)
View Source
const (
	VaultBenchmarkEnvVarPrefix = "VAULT_BENCHMARK_"
)

Variables

View Source
var (
	ErrIsDirectory = errors.New("location is a directory, not a file")
)
View Source
var (
	TestList = make(map[string]func() BenchmarkBuilder)
)

Functions

func GenerateCert

func GenerateCert(caCertTemplate *x509.Certificate, caSigner crypto.Signer) (string, string, error)

GenerateCert creates a new leaf cert from provided CA template and signer

func IsFile

func IsFile(path string) (bool, error)

Types

type AWSAuth added in v0.2.0

type AWSAuth struct {
	// contains filtered or unexported fields
}

func (*AWSAuth) Cleanup added in v0.2.0

func (a *AWSAuth) Cleanup(client *api.Client) error

func (*AWSAuth) Flags added in v0.2.0

func (a *AWSAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*AWSAuth) GetTargetInfo added in v0.2.0

func (a *AWSAuth) GetTargetInfo() TargetInfo

func (*AWSAuth) ParseConfig added in v0.2.0

func (a *AWSAuth) ParseConfig(body hcl.Body) error

func (*AWSAuth) Setup added in v0.2.0

func (a *AWSAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*AWSAuth) Target added in v0.2.0

func (a *AWSAuth) Target(client *api.Client) vegeta.Target

type AWSAuthConfig added in v0.2.0

type AWSAuthConfig struct {
	MaxRetries             int      `hcl:"max_retries,optional"`
	AccessKey              string   `hcl:"access_key,optional"`
	SecretKey              string   `hcl:"secret_key,optional"`
	Endpoint               string   `hcl:"endpoint,optional"`
	IAMEndpoint            string   `hcl:"iam_endpoint,optional"`
	STSEndpoint            string   `hcl:"sts_endpoint,optional"`
	STSRegion              string   `hcl:"sts_region,optional"`
	IAMServerIDHeaderValue string   `hcl:"iam_server_id_header_value,optional"`
	AllowedSTSHeaderValues []string `hcl:"allowed_sts_header_values,optional"`
}

type AWSAuthTestConfig added in v0.2.0

type AWSAuthTestConfig struct {
	AWSAuthConfig     *AWSAuthConfig     `hcl:"auth,block"`
	AWSTestUserConfig *AWSTestUserConfig `hcl:"test_user,block"`
}

type AWSConnectionConfig added in v0.2.0

type AWSConnectionConfig struct {
	MaxRetries       int    `hcl:"max_retries,optional"`
	AccessKey        string `hcl:"access_key,optional"`
	SecretKey        string `hcl:"secret_key,optional"`
	Region           string `hcl:"region,optional"`
	IAMEndpoint      string `hcl:"iam_endpoint,optional"`
	STSEndpoint      string `hcl:"sts_endpoint,optional"`
	UsernameTemplate string `hcl:"username_template,optional"`
}

type AWSRoleConfig added in v0.2.0

type AWSRoleConfig struct {
	Name                   string `hcl:"name,optional"`
	CredentialType         string `hcl:"credential_type,optional"`
	RoleARNs               string `hcl:"role_arns,optional"`
	PolicyARNs             string `hcl:"policy_arns,optional"`
	PolicyDocument         string `hcl:"policy_document,optional"`
	IAM_groups             string `hcl:"iam_groups,optional"`
	IAM_tags               string `hcl:"iam_tags,optional"`
	DefaultSTSTTL          string `hcl:"default_sts_ttl,optional"`
	MaxSTSTTL              string `hcl:"max_sts_ttl,optional"`
	UserPath               string `hcl:"user_path,optional"`
	PermissionsBoundaryARN string `hcl:"permissions_boundary_arn,optional"`
}

type AWSSecretTestConfig added in v0.2.0

type AWSSecretTestConfig struct {
	AWSConnectionConfig *AWSConnectionConfig `hcl:"connection,block"`
	AWSRoleConfig       *AWSRoleConfig       `hcl:"role,block"`
}

Main Config Struct

type AWSTest added in v0.2.0

type AWSTest struct {
	// contains filtered or unexported fields
}

func (*AWSTest) Cleanup added in v0.2.0

func (a *AWSTest) Cleanup(client *api.Client) error

func (*AWSTest) Flags added in v0.2.0

func (a *AWSTest) Flags(fs *flag.FlagSet)

func (*AWSTest) GetTargetInfo added in v0.2.0

func (a *AWSTest) GetTargetInfo() TargetInfo

func (*AWSTest) ParseConfig added in v0.2.0

func (a *AWSTest) ParseConfig(body hcl.Body) error

func (*AWSTest) Setup added in v0.2.0

func (a *AWSTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*AWSTest) Target added in v0.2.0

func (a *AWSTest) Target(client *api.Client) vegeta.Target

type AWSTestUserConfig added in v0.2.0

type AWSTestUserConfig struct {
	Role                       string `hcl:"role"`
	AuthType                   string `hcl:"auth_type,optional"`
	BoundAMIID                 string `hcl:"bound_ami_id,optional"`
	BoundAccountID             string `hcl:"bound_account_id,optional"`
	BoundRegion                string `hcl:"bound_region,optional"`
	BoundVPCID                 string `hcl:"bound_vpc_id,optional"`
	BoundSubnetID              string `hcl:"bound_subnet_id,optional"`
	BoundIAMRoleARN            string `hcl:"bound_iam_role_arn,optional"`
	BoundIAMInstanceProfileARN string `hcl:"bound_iam_instance_profile_arn,optional"`
	BoundEC2InstanceARN        string `hcl:"bound_ec2_instance_arn,optional"`
	RoleTag                    string `hcl:"role_tag,optional"`
	BoundIAMPrincipalARN       string `hcl:"bound_iam_principal_arn,optional"`
	InferredEntityType         string `hcl:"inferred_entity_type,optional"`
	InferredAWSRegion          string `hcl:"inferred_aws_region,optional"`
	ResolveAWSUniqueIDs        bool   `hcl:"resolve_aws_unique_ids,optional"`
	AllowInstanceMigration     bool   `hcl:"allow_instance_migration,optional"`
	DisallowReauthentication   bool   `hcl:"disallow_reauthentication,optional"`
	TokenTTL                   string `hcl:"token_ttl,optional"`
	TokenMaxTTL                string `hcl:"token_max_ttl,optional"`
	TokenPolicies              string `hcl:"token_policies,optional"`
	Policies                   string `hcl:"policies,optional"`
	TokenBoundCIDRs            string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL        string `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy       bool   `hcl:"token_no_default_policy,optional"`
	TokenNumUses               int    `hcl:"token_num_uses,optional"`
	TokenPeriod                string `hcl:"token_period,optional"`
	TokenType                  string `hcl:"token_type,optional"`
}

type ApproleAuth

type ApproleAuth struct {
	// contains filtered or unexported fields
}

Approle Auth Test Struct

func (*ApproleAuth) Cleanup

func (a *ApproleAuth) Cleanup(client *api.Client) error

func (*ApproleAuth) Flags

func (l *ApproleAuth) Flags(fs *flag.FlagSet)

func (*ApproleAuth) GetTargetInfo

func (a *ApproleAuth) GetTargetInfo() TargetInfo

func (*ApproleAuth) ParseConfig

func (a *ApproleAuth) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*ApproleAuth) Setup

func (a *ApproleAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*ApproleAuth) Target

func (a *ApproleAuth) Target(client *api.Client) vegeta.Target

type ApproleAuthTestConfig

type ApproleAuthTestConfig struct {
	RoleConfig     *RoleConfig     `hcl:"role,block"`
	SecretIDConfig *SecretIDConfig `hcl:"secret_id,block"`
}

Main Config Struct

type AzureAuth added in v0.2.0

type AzureAuth struct {
	// contains filtered or unexported fields
}

func (*AzureAuth) Cleanup added in v0.2.0

func (a *AzureAuth) Cleanup(client *api.Client) error

func (*AzureAuth) Flags added in v0.2.0

func (a *AzureAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*AzureAuth) GetTargetInfo added in v0.2.0

func (a *AzureAuth) GetTargetInfo() TargetInfo

func (*AzureAuth) ParseConfig added in v0.2.0

func (a *AzureAuth) ParseConfig(body hcl.Body) error

func (*AzureAuth) Setup added in v0.2.0

func (a *AzureAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*AzureAuth) Target added in v0.2.0

func (a *AzureAuth) Target(client *api.Client) vegeta.Target

type AzureAuthConfig added in v0.2.0

type AzureAuthConfig struct {
	TenantID     string `hcl:"tenant_id"`
	Resource     string `hcl:"resource"`
	Environment  string `hcl:"environment,optional"`
	ClientID     string `hcl:"client_id,optional"`
	ClientSecret string `hcl:"client_secret,optional"`
}

type AzureAuthRole added in v0.2.0

type AzureAuthRole struct {
	Name                     string   `hcl:"string,optional"`
	BoundServicePrincipalIDs []string `hcl:"bound_service_principal_ids,optional"`
	BoundGroupIDs            []string `hcl:"bound_group_ids,optional"`
	BoundLocations           []string `hcl:"bound_locations,optional"`
	BoundSubscriptionIDs     []string `hcl:"bound_subscription_ids,optional"`
	BoundResourceGroups      []string `hcl:"bound_resource_groups,optional"`
	BoundScaleSets           []string `hcl:"bound_scale_sets,optional"`
	TokenTTL                 string   `hcl:"token_ttl,optional"`
	TokenMaxTTL              string   `hcl:"token_max_ttl,optional"`
	TokenPolicies            []string `hcl:"token_policies,optional"`
	Policies                 []string `hcl:"policies,optional"`
	TokenBoundCidrs          []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL      string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy     bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses             int      `hcl:"token_num_uses,optional"`
	TokenPeriod              string   `hcl:"token_period,optional"`
	TokenType                string   `hcl:"token_type,optional"`
}

type AzureAuthTestConfig added in v0.2.0

type AzureAuthTestConfig struct {
	AzureAuthConfig *AzureAuthConfig `hcl:"config,block"`
	AzureAuthRole   *AzureAuthRole   `hcl:"role,block"`
	AzureAuthUser   *AzureAuthUser   `hcl:"user,block"`
}

type AzureAuthUser added in v0.2.0

type AzureAuthUser struct {
	Role              string `hcl:"role,optional"`
	JWT               string `hcl:"jwt,optional"`
	SubscriptionID    string `hcl:"subscription_id"`
	ResourceGroupName string `hcl:"resource_group_name"`
	VMName            string `hcl:"vm_name,optional"`
	VMSSName          string `hcl:"vmss_name,optional"`
	ResourceID        string `hcl:"resource_id,optional"`
}

type AzureSecretConfig added in v0.2.0

type AzureSecretConfig struct {
	SubscriptionId  string `hcl:"subscription_id,optional"`
	TenantId        string `hcl:"tenant_id,optional"`
	ClientId        string `hcl:"client_id,optional"`
	ClientSecret    string `hcl:"client_secret,optional"`
	Environment     string `hcl:"environment,optional"`
	PasswordPolicy  string `hcl:"password_policy,optional"`
	RootPasswordTTL string `hcl:"root_password_ttl,optional"`
}

type AzureSecretRole added in v0.2.0

type AzureSecretRole struct {
	Name                string `hcl:"name,optional"`
	AzureRoles          string `hcl:"azure_roles,optional"`
	AzureGroups         string `hcl:"azure_groups,optional"`
	ApplicationObjectId string `hcl:"application_object_id,optional"`
	PersistApp          bool   `hcl:"persist_app,optional"`
	TTL                 string `hcl:"ttl,optional"`
	MaxTTL              string `hcl:"max_ttl,optional"`
	PermanentlyDelete   bool   `hcl:"permanently_delete,optional"`
}

type AzureSecretTestConfig added in v0.2.0

type AzureSecretTestConfig struct {
	AzureConfig *AzureSecretConfig `hcl:"azure,block"`
	AzureRole   *AzureSecretRole   `hcl:"role,block"`
}

type AzureTest added in v0.2.0

type AzureTest struct {
	// contains filtered or unexported fields
}

func (*AzureTest) Cleanup added in v0.2.0

func (a *AzureTest) Cleanup(client *api.Client) error

func (*AzureTest) Flags added in v0.2.0

func (a *AzureTest) Flags(fs *flag.FlagSet)

func (*AzureTest) GetTargetInfo added in v0.2.0

func (a *AzureTest) GetTargetInfo() TargetInfo

func (*AzureTest) ParseConfig added in v0.2.0

func (a *AzureTest) ParseConfig(body hcl.Body) error

func (*AzureTest) Setup added in v0.2.0

func (a *AzureTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*AzureTest) Target added in v0.2.0

func (a *AzureTest) Target(client *api.Client) vegeta.Target

type BenchmarkBuilder

type BenchmarkBuilder interface {
	// Target generates and returns a vegeta.Target struct which is used for the attack
	Target(client *api.Client) vegeta.Target

	// Setup uses the passed in client and configuration to create the necessary test resources
	// in Vault, and retrieve any necessary information needed to perform the test itself. Setup
	// returns a test struct type which satisfies this BenchmarkBuilder interface.
	Setup(client *api.Client, mountName string, config *TopLevelTargetConfig) (BenchmarkBuilder, error)

	// Cleanup uses the passed in client to clean up any created resources used as part of the test
	Cleanup(client *api.Client) error

	// ParseConfig accepts an hcl.Body and parses it into the underlying test struct
	ParseConfig(body hcl.Body) error

	// GetTargetInfo retrieves specific Target information required to pass on to Attack
	GetTargetInfo() TargetInfo

	// Flags allows tests to define flags in the passed in command flag set
	Flags(fs *flag.FlagSet)
}

type BenchmarkTarget

type BenchmarkTarget struct {
	Builder    BenchmarkBuilder
	Target     func(*api.Client) vegeta.Target
	Remain     hcl.Body `hcl:",remain"`
	Type       string   `hcl:"type,label"`
	Name       string   `hcl:"name,label"`
	MountName  string   `hcl:"mount_name,optional"`
	Method     string
	PathPrefix string
	Weight     int `hcl:"weight,optional"`
}

func (*BenchmarkTarget) ConfigureTarget

func (bt *BenchmarkTarget) ConfigureTarget(client *api.Client)

type CaCert

type CaCert struct {
	PEM      string
	Template *x509.Certificate
	Signer   crypto.Signer
}

func GenerateCA

func GenerateCA() (*CaCert, error)

GenerateCA generates a new self-signed CA cert and returns a CaCert struct containing the PEM encoded cert, X509 Certificate Template, and crypto.Signer

type CassandraDBConfig

type CassandraDBConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnection       *bool    `hcl:"verify_connection"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	Hosts                  string   `hcl:"hosts"`
	Port                   int      `hcl:"port,optional"`
	ProtocolVersion        int      `hcl:"protocol_version"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	TLS                    *bool    `hcl:"tls,optional"`
	InsecureTLS            bool     `hcl:"insecure_tls,optional"`
	PEMBundle              string   `hcl:"pem_bundle,optional"`
	TLSServerName          string   `hcl:"tls_server_name,optional"`
	PEMhcl                 string   `hcl:"pem_hcl,optional"`
	SkipVerification       bool     `hcl:"skip_verification,optional"`
	ConnectTimeout         string   `hcl:"connect_timeout,optional"`
	LocalDatacenter        string   `hcl:"local_datacenter,optional"`
	SocketKeepAlive        string   `hcl:"socket_keep_alive,optional"`
	Consistency            string   `hcl:"consistency,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
}

Cassandra DB Config

type CassandraRoleConfig

type CassandraRoleConfig struct {
	Name                   string   `hcl:"name,optional"`
	DBName                 string   `hcl:"db_name,optional"`
	DefaultTTL             string   `hcl:"default_ttl,optional"`
	MaxTTL                 string   `hcl:"max_ttl,optional"`
	CreationStatements     []string `hcl:"creation_statements"`
	RevocationStatements   []string `hcl:"revocation_statements,optional"`
	RollbackStatements     []string `hcl:"rollback_statements,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
}

Cassandra Role Config

type CassandraSecret

type CassandraSecret struct {
	// contains filtered or unexported fields
}

Cassandra Secret Test Struct

func (*CassandraSecret) Cleanup

func (c *CassandraSecret) Cleanup(client *api.Client) error

func (*CassandraSecret) Flags

func (c *CassandraSecret) Flags(fs *flag.FlagSet)

func (*CassandraSecret) GetTargetInfo

func (c *CassandraSecret) GetTargetInfo() TargetInfo

func (*CassandraSecret) ParseConfig

func (c *CassandraSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*CassandraSecret) Setup

func (c *CassandraSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*CassandraSecret) Target

func (c *CassandraSecret) Target(client *api.Client) vegeta.Target

type CassandraSecretTestConfig

type CassandraSecretTestConfig struct {
	CassandraDBConfig   *CassandraDBConfig   `hcl:"db_connection,block"`
	CassandraRoleConfig *CassandraRoleConfig `hcl:"role,block"`
}

Main Config Struct

type CertAuth

type CertAuth struct {
	// contains filtered or unexported fields
}

func (*CertAuth) Cleanup

func (c *CertAuth) Cleanup(client *api.Client) error

func (*CertAuth) Flags

func (c *CertAuth) Flags(fs *flag.FlagSet)

func (*CertAuth) GetTargetInfo

func (c *CertAuth) GetTargetInfo() TargetInfo

func (*CertAuth) ParseConfig

func (c *CertAuth) ParseConfig(body hcl.Body) error

func (*CertAuth) Setup

func (c *CertAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*CertAuth) Target

func (c *CertAuth) Target(client *api.Client) vegeta.Target

type CertAuthRoleConfig

type CertAuthRoleConfig struct {
	Name                       string   `hcl:"name,optional"`
	Certificate                string   `hcl:"certificate,optional"`
	AllowedNames               string   `hcl:"allowed_names,optional"`
	AllowedCommonNames         []string `hcl:"allowed_common_names,optional"`
	AllowedDNSSANS             []string `hcl:"allowed_dns_sans,optional"`
	AllowedEmailSANS           []string `hcl:"allowed_email_sans,optional"`
	AllowedURISANS             []string `hcl:"allowed_uri_sans,optional"`
	AllowedOrganizationalUnits []string `hcl:"allowed_organizational_units,optional"`
	RequiredExtensions         []string `hcl:"required_extensions,optional"`
	AllowedMetadataExtensions  []string `hcl:"allowed_metadata_extensions,optional"`
	DisplayName                string   `hcl:"display_name,optional"`
	TokenTTL                   string   `hcl:"token_ttl,optional"`
	TokenMaxTTL                string   `hcl:"token_max_ttl,optional"`
	TokenPolicies              []string `hcl:"token_policies,optional"`
	Policies                   []string `hcl:"policies,optional"`
	TokenBoundCIDRs            []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL        string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy       bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses               int      `hcl:"token_num_uses,optional"`
	TokenPeriod                string   `hcl:"token_period,optional"`
	TokenType                  string   `hcl:"token_type,optional"`
}

Main config struct

type ConsulConfig

type ConsulConfig struct {
	Address    string `hcl:"address"`
	Scheme     string `hcl:"scheme,optional"`
	Token      string `hcl:"token,optional"`
	CaCert     string `hcl:"ca_cert,optional"`
	ClientCert string `hcl:"client_cert,optional"`
	ClientKey  string `hcl:"client_key,optional"`
}

type ConsulRoleConfig

type ConsulRoleConfig struct {
	Partition         string   `hcl:"partition,optional"`
	NodeIdentities    []string `hcl:"node_identities,optional"`
	ConsulNamespace   string   `hcl:"consul_namespace,optional"`
	ServiceIdentities []string `hcl:"service_identities,optional"`
	ConsulRoles       []string `hcl:"consul_roles,optional"`
	Name              string   `hcl:"name,optional"`
	TokenType         string   `hcl:"token_type,optional"`
	Policy            string   `hcl:"policy,optional"`
	Policies          []string `hcl:"policies,optional"`
	ConsulPolicies    []string `hcl:"consul_policies,optional"`
	Local             bool     `hcl:"local,optional"`
	TTL               string   `hcl:"ttl,optional"`
	MaxTTL            string   `hcl:"max_ttl,optional"`
	Lease             string   `hcl:"lease,optional"`
}

type ConsulSecretTestConfig

type ConsulSecretTestConfig struct {
	Version          string            `hcl:"version,optional"`
	ConsulConfig     *ConsulConfig     `hcl:"consul,block"`
	ConsulRoleConfig *ConsulRoleConfig `hcl:"role,block"`
}

type ConsulTest

type ConsulTest struct {
	// contains filtered or unexported fields
}

func (*ConsulTest) Cleanup

func (c *ConsulTest) Cleanup(client *api.Client) error

func (*ConsulTest) Flags

func (c *ConsulTest) Flags(fs *flag.FlagSet)

func (*ConsulTest) GetTargetInfo

func (c *ConsulTest) GetTargetInfo() TargetInfo

func (*ConsulTest) ParseConfig

func (c *ConsulTest) ParseConfig(body hcl.Body) error

func (*ConsulTest) Setup

func (c *ConsulTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*ConsulTest) Target

func (c *ConsulTest) Target(client *api.Client) vegeta.Target

type CouchbaseConfig

type CouchbaseConfig struct {
	// Common
	Name             string   `hcl:"name,optional"`
	PluginName       string   `hcl:"plugin_name,optional"`
	PluginVersion    string   `hcl:"plugin_version,optional"`
	VerifyConnection *bool    `hcl:"verify_connection,optional"`
	AllowedRoles     []string `hcl:"allowed_roles,optional"`
	PasswordPolicy   string   `hcl:"password_policy,optional"`
	Username         string   `hcl:"username,optional"`
	Password         string   `hcl:"password,optional"`
	DisableEscaping  bool     `hcl:"disable_escaping,optional"`

	// Couchbase Specific
	Hosts            string `hcl:"hosts"`
	TLS              bool   `hcl:"tls,optional"`
	InsecureTLS      bool   `hcl:"insecure_tls,optional"`
	UsernameTemplate string `hcl:"username_template,optional"`
	Base64PEM        string `hcl:"base64pem,optional"`
	BucketName       string `hcl:"bucket_name"`
}

type CouchbaseRoleConfig

type CouchbaseRoleConfig struct {
	Name               string   `hcl:"name,optional"`
	DBName             string   `hcl:"db_name,optional"`
	DefaultTTL         string   `hcl:"default_ttl,optional"`
	MaxTTL             string   `hcl:"max_ttl,optional"`
	CreationStatements []string `hcl:"creation_statements,optional"`
}

type CouchbaseSecretTest

type CouchbaseSecretTest struct {
	// contains filtered or unexported fields
}

func (*CouchbaseSecretTest) Cleanup

func (c *CouchbaseSecretTest) Cleanup(client *api.Client) error

func (*CouchbaseSecretTest) Flags

func (c *CouchbaseSecretTest) Flags(fs *flag.FlagSet)

func (*CouchbaseSecretTest) GetTargetInfo

func (c *CouchbaseSecretTest) GetTargetInfo() TargetInfo

func (*CouchbaseSecretTest) ParseConfig

func (c *CouchbaseSecretTest) ParseConfig(body hcl.Body) error

func (*CouchbaseSecretTest) Setup

func (c *CouchbaseSecretTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*CouchbaseSecretTest) Target

func (c *CouchbaseSecretTest) Target(client *api.Client) vegeta.Target

type CouchbaseSecretTestConfig added in v0.2.0

type CouchbaseSecretTestConfig struct {
	DBConfig   *CouchbaseConfig     `hcl:"db_connection,block"`
	RoleConfig *CouchbaseRoleConfig `hcl:"role,block"`
}

type ElasticSearchConfig

type ElasticSearchConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnectioon      *bool    `hcl:"verify_connection,optional"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	URL                    string   `hcl:"url"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	CACert                 string   `hcl:"ca_cert,optional"`
	CAPath                 string   `hcl:"ca_path,optional"`
	ClientCert             string   `hcl:"client_cert,optional"`
	ClientKey              string   `hcl:"client_key,optional"`
	TLSServerName          string   `hcl:"tls_server_name,optional"`
	Insecure               bool     `hcl:"insecure,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
	UseOldXPack            bool     `hcl:"use_old_xpack,optional"`
}

type ElasticSearchRoleConfig

type ElasticSearchRoleConfig struct {
	RoleName           string   `hcl:"name,optional"`
	DBName             string   `hcl:"db_name,optional"`
	DefaultTTL         string   `hcl:"default_ttl,optional"`
	MaxTTL             string   `hcl:"max_ttl,optional"`
	CreationStatements []string `hcl:"creation_statements,optional"`
}

type ElasticSearchSecretTestConfig

type ElasticSearchSecretTestConfig struct {
	ElasticSearchConfig     *ElasticSearchConfig     `hcl:"db_connection,block"`
	ElasticSearchRoleConfig *ElasticSearchRoleConfig `hcl:"role,block"`
}

type ElasticSearchTest

type ElasticSearchTest struct {
	// contains filtered or unexported fields
}

func (*ElasticSearchTest) Cleanup

func (e *ElasticSearchTest) Cleanup(client *api.Client) error

func (*ElasticSearchTest) Flags

func (e *ElasticSearchTest) Flags(fs *flag.FlagSet)

func (*ElasticSearchTest) GetTargetInfo

func (e *ElasticSearchTest) GetTargetInfo() TargetInfo

func (*ElasticSearchTest) ParseConfig

func (e *ElasticSearchTest) ParseConfig(body hcl.Body) error

func (*ElasticSearchTest) Setup

func (e *ElasticSearchTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*ElasticSearchTest) Target

func (e *ElasticSearchTest) Target(client *api.Client) vegeta.Target

type GCPAuth added in v0.2.0

type GCPAuth struct {
	// contains filtered or unexported fields
}

func (*GCPAuth) Cleanup added in v0.2.0

func (g *GCPAuth) Cleanup(client *api.Client) error

func (*GCPAuth) Flags added in v0.2.0

func (g *GCPAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*GCPAuth) GetTargetInfo added in v0.2.0

func (g *GCPAuth) GetTargetInfo() TargetInfo

func (*GCPAuth) ParseConfig added in v0.2.0

func (g *GCPAuth) ParseConfig(body hcl.Body) error

func (*GCPAuth) Setup added in v0.2.0

func (g *GCPAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*GCPAuth) Target added in v0.2.0

func (g *GCPAuth) Target(client *api.Client) vegeta.Target

type GCPAuthConfig added in v0.2.0

type GCPAuthConfig struct {
	Credentials    string `hcl:"credentials"`
	IAMAlias       string `hcl:"iam_alias,optional"`
	IAMMetadata    string `hcl:"iam_metadata,optional"`
	GCEAlias       string `hcl:"gce_alias,optional"`
	GCEMetadata    string `hcl:"gce_metadata,optional"`
	CustomEndpoint string `hcl:"custom_endpoint,optional"`
}

type GCPAuthTestConfig added in v0.2.0

type GCPAuthTestConfig struct {
	GCPAuthConfig     *GCPAuthConfig     `hcl:"auth,block"`
	GCPTestRoleConfig *GCPTestRoleConfig `hcl:"role,block"`
}

type GCPImpersonate added in v0.2.0

type GCPImpersonate struct {
	Name                string   `hcl:"name,optional"`
	ServiceAccountEmail string   `hcl:"service_account_email,optional"`
	TTL                 string   `hcl:"ttl,optional"`
	TokenScopes         []string `hcl:"token_scopes,optional"`
}

type GCPImpersonationSecretTestConfig added in v0.2.0

type GCPImpersonationSecretTestConfig struct {
	GCPConfig      *GCPSecretConfig `hcl:"gcp,block"`
	GCPImpersonate *GCPImpersonate  `hcl:"impersonate,block"`
}

type GCPImpersonationTest added in v0.2.0

type GCPImpersonationTest struct {
	// contains filtered or unexported fields
}

func (*GCPImpersonationTest) Cleanup added in v0.2.0

func (g *GCPImpersonationTest) Cleanup(client *api.Client) error

func (*GCPImpersonationTest) Flags added in v0.2.0

func (a *GCPImpersonationTest) Flags(fs *flag.FlagSet)

func (*GCPImpersonationTest) GetTargetInfo added in v0.2.0

func (g *GCPImpersonationTest) GetTargetInfo() TargetInfo

func (*GCPImpersonationTest) ParseConfig added in v0.2.0

func (g *GCPImpersonationTest) ParseConfig(body hcl.Body) error

func (*GCPImpersonationTest) Setup added in v0.2.0

func (g *GCPImpersonationTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*GCPImpersonationTest) Target added in v0.2.0

func (g *GCPImpersonationTest) Target(client *api.Client) vegeta.Target

type GCPSecretConfig added in v0.2.0

type GCPSecretConfig struct {
	Credentials string `hcl:"credentials,optional"`
	TTL         string `hcl:"ttl,optional"`
	MaxTTL      string `hcl:"max_ttl,optional"`
}

type GCPSecretRoleset added in v0.2.0

type GCPSecretRoleset struct {
	Name        string   `hcl:"name,optional"`
	SecretType  string   `hcl:"secret_type,optional"`
	Project     string   `hcl:"project"`
	Bindings    string   `hcl:"bindings,optional"`
	TokenScopes []string `hcl:"token_scopes,optional"`
}

type GCPSecretTestConfig added in v0.2.0

type GCPSecretTestConfig struct {
	GCPConfig  *GCPSecretConfig  `hcl:"gcp,block"`
	GCPRoleset *GCPSecretRoleset `hcl:"roleset,block"`
}

type GCPTest added in v0.2.0

type GCPTest struct {
	// contains filtered or unexported fields
}

func (*GCPTest) Cleanup added in v0.2.0

func (g *GCPTest) Cleanup(client *api.Client) error

func (*GCPTest) Flags added in v0.2.0

func (g *GCPTest) Flags(fs *flag.FlagSet)

func (*GCPTest) GetTargetInfo added in v0.2.0

func (g *GCPTest) GetTargetInfo() TargetInfo

func (*GCPTest) ParseConfig added in v0.2.0

func (g *GCPTest) ParseConfig(body hcl.Body) error

func (*GCPTest) Setup added in v0.2.0

func (g *GCPTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*GCPTest) Target added in v0.2.0

func (g *GCPTest) Target(client *api.Client) vegeta.Target

type GCPTestRoleConfig added in v0.2.0

type GCPTestRoleConfig struct {
	Name                 string   `hcl:"name"`
	Type                 string   `hcl:"type"`
	AddGroupAliases      bool     `hcl:"add_group_aliases,optional"`
	AllowGCEInference    bool     `hcl:"allow_gce_inference,optional"`
	BoundServiceAccounts []string `hcl:"bound_service_accounts,optional"`
	BoundProjects        []string `hcl:"bound_projects,optional"`
	BoundZones           []string `hcl:"bound_zones,optional"`
	BoundRegions         []string `hcl:"bound_regions,optional"`
	BoundInstanceGroups  []string `hcl:"bound_instance_groups,optional"`
	BoundLabels          []string `hcl:"bound_labels,optional"`
	MaxJWTExp            string   `hcl:"max_jwt_exp,optional"`
	TokenBoundCIDRs      []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string   `hcl:"token_explicit_max_ttl,optional"`
	TokenMaxTTL          string   `hcl:"token_max_ttl,optional"`
	TokenNoDefaultPolicy bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int      `hcl:"token_num_uses,optional"`
	TokenPolicies        []string `hcl:"token_policies,optional"`
	TokenPeriod          string   `hcl:"token_period,optional"`
	TokenTTL             string   `hcl:"token_ttl,optional"`
	TokenType            string   `hcl:"token_type,optional"`
}

type GitHubAuth added in v0.2.0

type GitHubAuth struct {
	// contains filtered or unexported fields
}

func (*GitHubAuth) Cleanup added in v0.2.0

func (g *GitHubAuth) Cleanup(client *api.Client) error

func (*GitHubAuth) Flags added in v0.2.0

func (g *GitHubAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*GitHubAuth) GetTargetInfo added in v0.2.0

func (g *GitHubAuth) GetTargetInfo() TargetInfo

func (*GitHubAuth) ParseConfig added in v0.2.0

func (g *GitHubAuth) ParseConfig(body hcl.Body) error

func (*GitHubAuth) Setup added in v0.2.0

func (g *GitHubAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*GitHubAuth) Target added in v0.2.0

func (g *GitHubAuth) Target(client *api.Client) vegeta.Target

type GitHubAuthConfig added in v0.2.0

type GitHubAuthConfig struct {
	Organization         string `hcl:"organization"`
	OrganizationID       string `hcl:"organization_id,optional"`
	BaseURL              string `hcl:"base_url,optional"`
	TokenTTL             string `hcl:"token_ttl,optional"`
	TokenMaxTTL          string `hcl:"token_max_ttl,optional"`
	TokenPolicies        string `hcl:"token_policies,optional"`
	Policies             string `hcl:"policies,optional"`
	TokenBoundCIDRs      string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool   `hcl:"token_no_default_policy,optional"`
	TokenNumUses         string `hcl:"token_num_uses,optional"`
	TokenPeriod          string `hcl:"token_period,optional"`
	TokenType            string `hcl:"token_type,optional"`
}

type GitHubAuthTestConfig added in v0.2.0

type GitHubAuthTestConfig struct {
	GitHubAuthConfig     *GitHubAuthConfig     `hcl:"auth,block"`
	GitHubTestUserConfig *GitHubTestUserConfig `hcl:"test_user,block"`
}

type GitHubTestUserConfig added in v0.2.0

type GitHubTestUserConfig struct {
	Token string `hcl:"token,optional"`
}

type JWTAuth

type JWTAuth struct {
	// contains filtered or unexported fields
}

JWT Auth Test Struct

func (*JWTAuth) Cleanup

func (j *JWTAuth) Cleanup(client *api.Client) error

func (*JWTAuth) Flags

func (j *JWTAuth) Flags(fs *flag.FlagSet)

func (*JWTAuth) GetTargetInfo

func (j *JWTAuth) GetTargetInfo() TargetInfo

func (*JWTAuth) ParseConfig

func (j *JWTAuth) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*JWTAuth) Setup

func (j *JWTAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*JWTAuth) Target

func (j *JWTAuth) Target(client *api.Client) vegeta.Target

type JWTAuthConfig

type JWTAuthConfig struct {
	OIDCDiscoveryUrl     string   `hcl:"oidc_discovery_url,optional"`
	OIDCDiscoveryCaPEM   string   `hcl:"oidc_discovery_ca_pem,optional"`
	OIDCClientId         string   `hcl:"oidc_client_id,optional"`
	OIDCClientSecret     string   `hcl:"oidc_client_secret,optional"`
	OIDCResponseMode     string   `hcl:"oidc_response_mode,optional"`
	OIDCResponseTypes    []string `hcl:"oidc_response_types,optional"`
	JWKSUrl              string   `hcl:"jwks_url,optional"`
	JWKSCaPEM            string   `hcl:"jwks_ca_pem,optional"`
	JWTValidationPubKeys []string `hcl:"jwt_validation_pubkeys,optional"`
	BoundIssuer          string   `hcl:"bound_issuer,optional"`
	JWTSupportedAlgs     []string `hcl:"jwt_supported_algs,optional"`
	DefaultRole          string   `hcl:"default_role,optional"`
	ProviderConfig       string   `hcl:"provider_config,optional"`
	NamespaceInState     *bool    `hcl:"namespace_in_state,optional"`
}

JWT Auth Config

type JWTAuthTestConfig

type JWTAuthTestConfig struct {
	JWTAuthConfig *JWTAuthConfig `hcl:"auth,block"`
	JWTRoleConfig *JWTRoleConfig `hcl:"role,block"`
}

Main Config Struct

type JWTRoleConfig

type JWTRoleConfig struct {
	Name                 string                 `hcl:"name,optional"`
	RoleType             string                 `hcl:"role_type,optional"`
	BoundAudiences       []string               `hcl:"bound_audiences,optional"`
	UserClaim            string                 `hcl:"user_claim,optional"`
	UserClaimJSONPointer string                 `hcl:"user_claim_json_pointer,optional"`
	ClockSkewLeeway      int                    `hcl:"clock_skew_leeway,optional"`
	ExpirationLeeway     int                    `hcl:"expiration_leeway,optional"`
	NotBeforeLeeway      int                    `hcl:"not_before_leeway,optional"`
	BoundSubject         string                 `hcl:"bound_subject,optional"`
	BoundClaims          map[string]interface{} `hcl:"bound_claims,optional"`
	BoundClaimsType      string                 `hcl:"bound_claims_type,optional"`
	GroupsClaim          string                 `hcl:"groups_claim,optional"`
	ClaimMappings        map[string]string      `hcl:"claim_mappings,optional"`
	OIDCScopes           []string               `hcl:"oidc_scopes,optional"`
	AllowedRedirectUris  []string               `hcl:"allowed_redirect_uris,optional"`
	VerboseOIDCLogging   bool                   `hcl:"verbose_oidc_logging,optional"`
	MaxAge               int                    `hcl:"max_age,optional"`
	TokenTTL             string                 `hcl:"token_ttl,optional"`
	TokenMaxTTL          string                 `hcl:"token_max_ttl,optional"`
	TokenPolicies        []string               `hcl:"token_policies,optional"`
	Policies             []string               `hcl:"policies,optional"`
	TokenBoundCidrs      []string               `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string                 `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool                   `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int                    `hcl:"token_num_uses,optional"`
	TokenPeriod          string                 `hcl:"token_period,optional"`
	TokenType            string                 `hcl:"token_type,optional"`
}

JWT Role Config

type KVV1SecretTestConfig added in v0.2.0

type KVV1SecretTestConfig struct {
	KVSize int `hcl:"kvsize,optional"`
	NumKVs int `hcl:"numkvs,optional"`
}

type KVV1Test

type KVV1Test struct {
	// contains filtered or unexported fields
}

func (*KVV1Test) Cleanup

func (k *KVV1Test) Cleanup(client *api.Client) error

func (*KVV1Test) Flags

func (k *KVV1Test) Flags(fs *flag.FlagSet)

func (*KVV1Test) GetTargetInfo

func (k *KVV1Test) GetTargetInfo() TargetInfo

func (*KVV1Test) ParseConfig

func (k *KVV1Test) ParseConfig(body hcl.Body) error

func (*KVV1Test) Setup

func (k *KVV1Test) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*KVV1Test) Target

func (k *KVV1Test) Target(client *api.Client) vegeta.Target

type KVV2SecretTestConfig added in v0.2.0

type KVV2SecretTestConfig struct {
	KVSize int `hcl:"kvsize,optional"`
	NumKVs int `hcl:"numkvs,optional"`
}

type KVV2Test

type KVV2Test struct {
	// contains filtered or unexported fields
}

func (*KVV2Test) Cleanup

func (k *KVV2Test) Cleanup(client *api.Client) error

func (*KVV2Test) Flags

func (k *KVV2Test) Flags(fs *flag.FlagSet)

func (*KVV2Test) GetTargetInfo

func (k *KVV2Test) GetTargetInfo() TargetInfo

func (*KVV2Test) ParseConfig

func (k *KVV2Test) ParseConfig(body hcl.Body) error

func (*KVV2Test) Setup

func (k *KVV2Test) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*KVV2Test) Target

func (k *KVV2Test) Target(client *api.Client) vegeta.Target

type KubeAuth

type KubeAuth struct {
	// contains filtered or unexported fields
}

func (*KubeAuth) Cleanup

func (k *KubeAuth) Cleanup(client *api.Client) error

func (*KubeAuth) Flags

func (k *KubeAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*KubeAuth) GetTargetInfo

func (k *KubeAuth) GetTargetInfo() TargetInfo

func (*KubeAuth) ParseConfig

func (k *KubeAuth) ParseConfig(body hcl.Body) error

func (*KubeAuth) Setup

func (k *KubeAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*KubeAuth) Target

func (k *KubeAuth) Target(client *api.Client) vegeta.Target

type KubeAuthConfig

type KubeAuthConfig struct {
	KubernetesHost    string   `hcl:"kubernetes_host"`
	KubernetesCACert  string   `hcl:"kubernetes_ca_cert,optional"`
	TokenReviewerJWT  string   `hcl:"token_reviewer_jwt,optional"`
	PEMKeys           []string `hcl:"pem_keys,optional"`
	DisableLocalCAJWT bool     `hcl:"disable_local_ca_jwt,optional"`

	// Deprecated Parameters (Including for older versions of Vault)
	DisableISSValidation bool   `hcl:"disable_iss_validation,optional"`
	Issuer               string `hcl:"issuer,optional"`
}

type KubeAuthTestConfig

type KubeAuthTestConfig struct {
	KubeAuthConfig     *KubeAuthConfig     `hcl:"auth,block"`
	KubeTestRoleConfig *KubeTestRoleConfig `hcl:"role,block"`
}

type KubeTestRoleConfig

type KubeTestRoleConfig struct {
	Name                          string   `hcl:"name"`
	BoundServiceAccountNames      []string `hcl:"bound_service_account_names"`
	BoundServiceAccountNamespaces []string `hcl:"bound_service_account_namespaces"`
	Audience                      string   `hcl:"audience,optional"`
	AliasNameSource               string   `hcl:"alias_name_source,optional"`
	TokenTTL                      string   `hcl:"token_ttl,optional"`
	TokenMaxTTL                   string   `hcl:"token_max_ttl,optional"`
	TokenPolicies                 []string `hcl:"token_policies,optional"`
	TokenBoundCIDRs               []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL           string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy          bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses                  int      `hcl:"token_num_uses,optional"`
	TokenPeriod                   string   `hcl:"token_period,optional"`
	TokenType                     string   `hcl:"token_type,optional"`
}

type LDAPAuth

type LDAPAuth struct {
	// contains filtered or unexported fields
}

func (*LDAPAuth) Cleanup

func (l *LDAPAuth) Cleanup(client *api.Client) error

func (*LDAPAuth) Flags

func (l *LDAPAuth) Flags(fs *flag.FlagSet)

Func Flags accepts a flag set to assign additional flags defined in the function

func (*LDAPAuth) GetTargetInfo

func (l *LDAPAuth) GetTargetInfo() TargetInfo

func (*LDAPAuth) ParseConfig

func (l *LDAPAuth) ParseConfig(body hcl.Body) error

func (*LDAPAuth) Setup

func (l *LDAPAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*LDAPAuth) Target

func (l *LDAPAuth) Target(client *api.Client) vegeta.Target

type LDAPAuthConfig

type LDAPAuthConfig struct {
	URL                  string   `hcl:"url"`
	CaseSensitiveNames   bool     `hcl:"case_sensitive_names,optional"`
	RequestTimeout       int      `hcl:"request_timeout,optional"`
	StartTLS             bool     `hcl:"starttls,optional"`
	TLSMinVersion        string   `hcl:"tls_min_version,optional"`
	TLSMaxVersion        string   `hcl:"tls_max_version,optional"`
	InsecureTLS          bool     `hcl:"insecure_tls,optional"`
	Certificate          string   `hcl:"certificate,optional"`
	ClientTLSCert        string   `hcl:"client_tls_cert,optional"`
	ClientTLSKey         string   `hcl:"client_tls_key,optional"`
	BindDN               string   `hcl:"binddn,optional"`
	BindPass             string   `hcl:"bindpass,optional"`
	UserDN               string   `hcl:"userdn,optional"`
	UserAttr             string   `hcl:"userattr,optional"`
	DiscoverDN           string   `hcl:"discoverdn,optional"`
	DenyNullBind         *bool    `hcl:"deny_null_bind,optional"`
	UPNDomain            string   `hcl:"upndomain,optional"`
	UserFilter           string   `hcl:"userfilter,optional"`
	AnonymousGroupSearch bool     `hcl:"anonymous_group_search,optional"`
	GroupFilter          string   `hcl:"groupfilter,optional"`
	GroupDN              string   `hcl:"groupdn,optional"`
	GroupAttr            string   `hcl:"groupattr,optional"`
	UsernameAsAlias      bool     `hcl:"username_as_alias,optional"`
	TokenTTL             int      `hcl:"token_ttl,optional"`
	TokenMaxTTL          int      `hcl:"token_max_ttl,optional"`
	TokenPolicies        []string `hcl:"token_policies,optional"`
	TokenBoundCIDRs      []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  int      `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int      `hcl:"token_num_uses,optional"`
	TokenPeriod          string   `hcl:"token_period,optional"`
	TokenType            string   `hcl:"token_type,optional"`
	MaxPageSize          string   `hcl:"max_page_size,optional"`
}

type LDAPAuthTestConfig

type LDAPAuthTestConfig struct {
	LDAPAuthConfig     *LDAPAuthConfig     `hcl:"auth,block"`
	LDAPTestUserConfig *LDAPTestUserConfig `hcl:"test_user,block"`
}

type LDAPDynamicConfig added in v0.2.0

type LDAPDynamicConfig struct {
	BindDN            string `hcl:"binddn"`
	BindPass          string `hcl:"bindpass,optional"`
	URL               string `hcl:"url,optional"`
	PasswordPolicy    string `hcl:"password_policy,optional"`
	Schema            string `hcl:"schema,optional"`
	UserDN            string `hcl:"userdn,optional"`
	UserAttr          string `hcl:"userattr,optional"`
	UPNDomain         string `hcl:"upndomain,optional"`
	ConnectionTimeout int    `hcl:"connection_timeout,optional"`
	RequestTimeout    int    `hcl:"request_timeout,optional"`
	StartTLS          bool   `hcl:"starttls,optional"`
	InsecureTLS       bool   `hcl:"insecure_tls,optional"`
	Certificate       string `hcl:"certificate,optional"`
	ClientTLSCert     string `hcl:"client_tls_cert,optional"`
	ClientTLSKey      string `hcl:"client_tls_key,optional"`
}

type LDAPDynamicRoleConfig added in v0.2.0

type LDAPDynamicRoleConfig struct {
	RoleName         string `hcl:"role_name,optional"`
	CreationLDIF     string `hcl:"creation_ldif"`
	DeletionLDIF     string `hcl:"deletion_ldif"`
	RollbackLDIF     string `hcl:"rollback_ldif,optional"`
	UsernameTemplate string `hcl:"username_template,optional"`
	DefaultTTL       int    `hcl:"default_ttl,optional"`
	MaxTTL           int    `hcl:"max_ttl,optional"`
}

type LDAPDynamicSecretTest added in v0.2.0

type LDAPDynamicSecretTest struct {
	// contains filtered or unexported fields
}

func (*LDAPDynamicSecretTest) Cleanup added in v0.2.0

func (r *LDAPDynamicSecretTest) Cleanup(client *api.Client) error

func (*LDAPDynamicSecretTest) Flags added in v0.2.0

func (m *LDAPDynamicSecretTest) Flags(fs *flag.FlagSet)

func (*LDAPDynamicSecretTest) GetTargetInfo added in v0.2.0

func (r *LDAPDynamicSecretTest) GetTargetInfo() TargetInfo

func (*LDAPDynamicSecretTest) ParseConfig added in v0.2.0

func (r *LDAPDynamicSecretTest) ParseConfig(body hcl.Body) error

func (*LDAPDynamicSecretTest) Setup added in v0.2.0

func (r *LDAPDynamicSecretTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*LDAPDynamicSecretTest) Target added in v0.2.0

func (r *LDAPDynamicSecretTest) Target(client *api.Client) vegeta.Target

type LDAPDynamicSecretTestConfig added in v0.2.0

type LDAPDynamicSecretTestConfig struct {
	LDAPDynamicConfig     *LDAPDynamicConfig     `hcl:"secret,block"`
	LDAPDynamicRoleConfig *LDAPDynamicRoleConfig `hcl:"role,block"`
}

Main Config Struct

type LDAPStaticConfig added in v0.2.0

type LDAPStaticConfig struct {
	BindDN            string `hcl:"binddn"`
	BindPass          string `hcl:"bindpass,optional"`
	URL               string `hcl:"url,optional"`
	PasswordPolicy    string `hcl:"password_policy,optional"`
	Schema            string `hcl:"schema,optional"`
	UserDN            string `hcl:"userdn,optional"`
	UserAttr          string `hcl:"userattr,optional"`
	UPNDomain         string `hcl:"upndomain,optional"`
	ConnectionTimeout int    `hcl:"connection_timeout,optional"`
	RequestTimeout    int    `hcl:"request_timeout,optional"`
	StartTLS          bool   `hcl:"starttls,optional"`
	InsecureTLS       bool   `hcl:"insecure_tls,optional"`
	Certificate       string `hcl:"certificate,optional"`
	ClientTLSCert     string `hcl:"client_tls_cert,optional"`
	ClientTLSKey      string `hcl:"client_tls_key,optional"`
}

type LDAPStaticRoleConfig added in v0.2.0

type LDAPStaticRoleConfig struct {
	Username       string `hcl:"username"`
	DN             string `hcl:"dn,optional"`
	RotationPeriod string `hcl:"rotation_period"`
}

type LDAPStaticSecretTest added in v0.2.0

type LDAPStaticSecretTest struct {
	// contains filtered or unexported fields
}

func (*LDAPStaticSecretTest) Cleanup added in v0.2.0

func (r *LDAPStaticSecretTest) Cleanup(client *api.Client) error

func (*LDAPStaticSecretTest) Flags added in v0.2.0

func (m *LDAPStaticSecretTest) Flags(fs *flag.FlagSet)

func (*LDAPStaticSecretTest) GetTargetInfo added in v0.2.0

func (r *LDAPStaticSecretTest) GetTargetInfo() TargetInfo

func (*LDAPStaticSecretTest) ParseConfig added in v0.2.0

func (r *LDAPStaticSecretTest) ParseConfig(body hcl.Body) error

func (*LDAPStaticSecretTest) Setup added in v0.2.0

func (r *LDAPStaticSecretTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*LDAPStaticSecretTest) Target added in v0.2.0

func (r *LDAPStaticSecretTest) Target(client *api.Client) vegeta.Target

type LDAPStaticSecretTestConfig added in v0.2.0

type LDAPStaticSecretTestConfig struct {
	LDAPStaticConfig     *LDAPStaticConfig     `hcl:"secret,block"`
	LDAPStaticRoleConfig *LDAPStaticRoleConfig `hcl:"role,block"`
}

Main Config Struct

type LDAPTestUserConfig

type LDAPTestUserConfig struct {
	Username string `hcl:"username,optional"`
	Password string `hcl:"password,optional"`
}

type MSSQLDBConfig

type MSSQLDBConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnection       *bool    `hcl:"verify_connection,optional"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	ConnectionURL          string   `hcl:"connection_url"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	DisableEscaping        bool     `hcl:"disable_escaping,optional"`
	MaxOpenConnections     int      `hcl:"max_open_connections,optional"`
	MaxIdleConnections     int      `hcl:"max_idle_connections,optional"`
	MaxConnectionLifetime  string   `hcl:"max_connection_lifetime,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
	ContainedDB            bool     `hcl:"contained_db,optional"`
}

MSSQL DB Config

type MSSQLRoleConfig

type MSSQLRoleConfig struct {
	Name                 string `hcl:"name,optional"`
	DBName               string `hcl:"db_name,optional"`
	DefaultTTL           string `hcl:"default_ttl,optional"`
	MaxTTL               string `hcl:"max_ttl,optional"`
	CreationStatements   string `hcl:"creation_statements"`
	RevocationStatements string `hcl:"revocation_statements,optional"`
}

MSSQL Role Config

type MSSQLSecret

type MSSQLSecret struct {
	// contains filtered or unexported fields
}

Postgres Secret Test Struct

func (*MSSQLSecret) Cleanup

func (m *MSSQLSecret) Cleanup(client *api.Client) error

func (*MSSQLSecret) Flags

func (m *MSSQLSecret) Flags(fs *flag.FlagSet)

func (*MSSQLSecret) GetTargetInfo

func (m *MSSQLSecret) GetTargetInfo() TargetInfo

func (*MSSQLSecret) ParseConfig

func (m *MSSQLSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*MSSQLSecret) Setup

func (m *MSSQLSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*MSSQLSecret) Target

func (m *MSSQLSecret) Target(client *api.Client) vegeta.Target

type MSSQLSecretTestConfig

type MSSQLSecretTestConfig struct {
	MSSQLDBConfig   *MSSQLDBConfig   `hcl:"db_connection,block"`
	MSSQLRoleConfig *MSSQLRoleConfig `hcl:"role,block"`
}

Main Config Struct

type MongoDBAtlasConfig added in v0.3.0

type MongoDBAtlasConfig struct {
	Name             string   `hcl:"name,optional"`
	PluginName       string   `hcl:"plugin_name,optional"`
	PluginVersion    string   `hcl:"plugin_version,optional"`
	VerifyConnection *bool    `hcl:"verify_connection"`
	AllowedRoles     []string `hcl:"allowed_roles,optional"`
	PublicKey        string   `hcl:"public_key,optional"`
	PrivateKey       string   `hcl:"private_key,optional"`
	ProjectID        string   `hcl:"project_id,optional"`
	UsernameTemplate string   `hcl:"username_template,optional"`
}

type MongoDBAtlasRoleConfig added in v0.3.0

type MongoDBAtlasRoleConfig struct {
	Name               string `hcl:"name,optional"`
	DBName             string `hcl:"db_name,optional"`
	DefaultTTL         string `hcl:"default_ttl,optional"`
	MaxTTL             string `hcl:"max_ttl,optional"`
	CreationStatements string `hcl:"creation_statements,optional"`
}

type MongoDBAtlasSecretTestConfig added in v0.3.0

type MongoDBAtlasSecretTestConfig struct {
	MongoDBAtlasConfig     *MongoDBAtlasConfig     `hcl:"db_connection,block"`
	MongoDBAtlasRoleConfig *MongoDBAtlasRoleConfig `hcl:"role,block"`
}

type MongoDBAtlasTest added in v0.3.0

type MongoDBAtlasTest struct {
	// contains filtered or unexported fields
}

func (*MongoDBAtlasTest) Cleanup added in v0.3.0

func (m *MongoDBAtlasTest) Cleanup(client *api.Client) error

func (*MongoDBAtlasTest) Flags added in v0.3.0

func (m *MongoDBAtlasTest) Flags(fs *flag.FlagSet)

func (*MongoDBAtlasTest) GetTargetInfo added in v0.3.0

func (m *MongoDBAtlasTest) GetTargetInfo() TargetInfo

func (*MongoDBAtlasTest) ParseConfig added in v0.3.0

func (m *MongoDBAtlasTest) ParseConfig(body hcl.Body) error

func (*MongoDBAtlasTest) Setup added in v0.3.0

func (m *MongoDBAtlasTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*MongoDBAtlasTest) Target added in v0.3.0

func (m *MongoDBAtlasTest) Target(client *api.Client) vegeta.Target

type MongoDBConfig

type MongoDBConfig struct {
	Name              string   `hcl:"name,optional"`
	PluginName        string   `hcl:"plugin_name,optional"`
	PluginVersion     string   `hcl:"plugin_version,optional"`
	VerifyConnection  *bool    `hcl:"verify_connection"`
	AllowedRoles      []string `hcl:"allowed_roles,optional"`
	ConnectionURL     string   `hcl:"connection_url"`
	WriteConcern      string   `hcl:"write_concern,optional"`
	Username          string   `hcl:"username,optional"`
	Password          string   `hcl:"password,optional"`
	TLSCertificateKey string   `hcl:"tls_certificate_key,optional"`
	TLSCA             string   `hcl:"tls_ca,optional"`
	UsernameTemplate  string   `hcl:"username_template,optional"`
}

type MongoDBRoleConfig

type MongoDBRoleConfig struct {
	Name                 string `hcl:"name,optional"`
	DBName               string `hcl:"db_name,optional"`
	DefaultTTL           string `hcl:"default_ttl,optional"`
	MaxTTL               string `hcl:"max_ttl,optional"`
	CreationStatements   string `hcl:"creation_statements,optional"`
	RevocationStatements string `hcl:"revocation_statements,optional"`
}

type MongoDBSecretTestConfig

type MongoDBSecretTestConfig struct {
	MongoDBConfig     *MongoDBConfig     `hcl:"db_connection,block"`
	MongoDBRoleConfig *MongoDBRoleConfig `hcl:"role,block"`
}

type MongoDBTest

type MongoDBTest struct {
	// contains filtered or unexported fields
}

func (*MongoDBTest) Cleanup

func (m *MongoDBTest) Cleanup(client *api.Client) error

func (*MongoDBTest) Flags

func (m *MongoDBTest) Flags(fs *flag.FlagSet)

func (*MongoDBTest) GetTargetInfo

func (m *MongoDBTest) GetTargetInfo() TargetInfo

func (*MongoDBTest) ParseConfig

func (m *MongoDBTest) ParseConfig(body hcl.Body) error

func (*MongoDBTest) Setup

func (m *MongoDBTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*MongoDBTest) Target

func (m *MongoDBTest) Target(client *api.Client) vegeta.Target

type MySQLDBConfig added in v0.2.0

type MySQLDBConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnection       *bool    `hcl:"verify_connection,optional"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	ConnectionURL          string   `hcl:"connection_url"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	DisableEscaping        bool     `hcl:"disable_escaping,optional"`
	MaxOpenConnections     int      `hcl:"max_open_connections,optional"`
	MaxIdleConnections     int      `hcl:"max_idle_connections,optional"`
	MaxConnectionLifetime  string   `hcl:"max_connection_lifetime,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
	TLSCertificateKey      string   `hcl:"tls_certificate_key,optional"`
	TLSCACertificate       string   `hcl:"tls_ca_certificate,optional"`
	TLSServerName          string   `hcl:"tls_server_name,optional"`
	TLSSkipVerify          bool     `hcl:"tls_skip_verify,optional"`
}

MySQL DB Config

type MySQLRoleConfig added in v0.2.0

type MySQLRoleConfig struct {
	Name                 string `hcl:"name,optional"`
	DBName               string `hcl:"db_name,optional"`
	DefaultTTL           string `hcl:"default_ttl,optional"`
	MaxTTL               string `hcl:"max_ttl,optional"`
	CreationStatements   string `hcl:"creation_statements"`
	RevocationStatements string `hcl:"revocation_statements,optional"`
}

MySQL Role Config

type MySQLSecret added in v0.2.0

type MySQLSecret struct {
	// contains filtered or unexported fields
}

Postgres Secret Test Struct

func (*MySQLSecret) Cleanup added in v0.2.0

func (m *MySQLSecret) Cleanup(client *api.Client) error

func (*MySQLSecret) Flags added in v0.2.0

func (m *MySQLSecret) Flags(fs *flag.FlagSet)

func (*MySQLSecret) GetTargetInfo added in v0.2.0

func (m *MySQLSecret) GetTargetInfo() TargetInfo

func (*MySQLSecret) ParseConfig added in v0.2.0

func (m *MySQLSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*MySQLSecret) Setup added in v0.2.0

func (m *MySQLSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*MySQLSecret) Target added in v0.2.0

func (m *MySQLSecret) Target(client *api.Client) vegeta.Target

type MySQLSecretTestConfig added in v0.2.0

type MySQLSecretTestConfig struct {
	MySQLDBConfig   *MySQLDBConfig   `hcl:"db_connection,block"`
	MySQLRoleConfig *MySQLRoleConfig `hcl:"role,block"`
}

Main Config Struct

type NomadConfig added in v0.2.0

type NomadConfig struct {
	Address            string `hcl:"address"`
	Token              string `hcl:"token,optional"`
	MaxTokenNameLength int    `hcl:"max_token_name_length,optional"`
	CaCert             string `hcl:"ca_cert,optional"`
	ClientCert         string `hcl:"client_cert,optional"`
	ClientKey          string `hcl:"client_key,optional"`
}

type NomadRoleConfig added in v0.2.0

type NomadRoleConfig struct {
	Name     string   `hcl:"name,optional"`
	Policies []string `hcl:"policies,optional"`
	Global   bool     `hcl:"global,optional"`
	Type     string   `hcl:"type,optional"`
}

type NomadSecretTestConfig added in v0.2.0

type NomadSecretTestConfig struct {
	NomadConfig     *NomadConfig     `hcl:"nomad,block"`
	NomadRoleConfig *NomadRoleConfig `hcl:"role,block"`
}

type NomadTest added in v0.2.0

type NomadTest struct {
	// contains filtered or unexported fields
}

func (*NomadTest) Cleanup added in v0.2.0

func (c *NomadTest) Cleanup(client *api.Client) error

func (*NomadTest) Flags added in v0.2.0

func (c *NomadTest) Flags(fs *flag.FlagSet)

func (*NomadTest) GetTargetInfo added in v0.2.0

func (c *NomadTest) GetTargetInfo() TargetInfo

func (*NomadTest) ParseConfig added in v0.2.0

func (c *NomadTest) ParseConfig(body hcl.Body) error

func (*NomadTest) Setup added in v0.2.0

func (c *NomadTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*NomadTest) Target added in v0.2.0

func (c *NomadTest) Target(client *api.Client) vegeta.Target

type PKIIssueCertConfig

type PKIIssueCertConfig struct {
	Name              string `hcl:"name,optional"`
	CommonName        string `hcl:"common_name,optional"`
	AltNames          string `hcl:"alt_names,optional"`
	IPSANS            string `hcl:"ip_sans,optional"`
	URISANS           string `hcl:"uri_sans,optional"`
	OtherSANS         string `hcli:"other_sans,optional"`
	TTL               string `hcl:"ttl,optional"`
	Format            string `hcl:"format,optional"`
	PrivateKeyFormat  string `hcl:"private_key_format,optional"`
	ExcludeCNFromSANS bool   `hcl:"exclude_cn_from_sans,optional"`
	NotAfter          string `hcl:"not_after,optional"`
	UserIDs           string `hcl:"user_ids,optional"`
}

PKIIssueCertConfig is the configuration for the cert to be issued

/pki/issue/:name

type PKIIssueIntCAConfig

type PKIIssueIntCAConfig struct {
	CSR                 string `hcl:"csr,optional"`
	CommonName          string `hcl:"common_name,optional"`
	AltNames            string `hcl:"alt_names,optional"`
	IPSANS              string `hcl:"ip_sans,optional"`
	URISANS             string `hcl:"uri_sans,optional"`
	OtherSANS           string `hcl:"other_sans,optional"`
	TTL                 string `hcl:"ttl,optional"`
	Format              string `hcl:"format,optional"`
	MaxPathLength       int    `hcl:"max_path_length,optional"`
	UseCSRValues        bool   `hcl:"use_csr_values,optional"`
	PermittedDNSDomains string `hcl:"permitted_dns_domains,optional"`
	OU                  string `hcl:"ou,optional"`
	Organization        string `hcl:"organization,optional"`
	Country             string `hcl:"country,optional"`
	Locality            string `hcl:"locality,optional"`
	Province            string `hcl:"province,optional"`
	StreetAddress       string `hcl:"street_address,optional"`
	PostalCode          string `hcl:"postal_code,optional"`
	SerialNumber        string `hcl:"serial_number,optional"`
	NotBeforeDuration   string `hcl:"not_before_duration,optional"`
	NotAfter            string `hcl:"not_after,optional"`
	SignatureBits       int    `hcl:"signature_bits,optional"`
	SKID                string `hcl:"skid,optional"`
	UsePSS              bool   `hcl:"use_pss,optional"`
}

PKIIssueIntCAConfig is the configuration for the signing operation of the intermediate CA CSR.

/pki/root/sign-intermediate

type PKIIssueIntCSRConfig

type PKIIssueIntCSRConfig struct {
	Type                string `hcl:"type,optional"`
	CommonName          string `hcl:"common_name,optional"`
	AltNames            string `hcl:"alt_names,optional"`
	IPSANS              string `hcl:"ip_sans,optional"`
	URISANS             string `hcl:"uri_sans,optional"`
	OtherSANS           string `hcl:"other_sans,optional"`
	Format              string `hcl:"format,optional"`
	PrivateKeyFormat    string `hcl:"private_key_format,optional"`
	KeyType             string `hcl:"key_type,optional"`
	KeyBits             int    `hcl:"key_bits,optional"`
	KeyName             string `hcl:"key_name,optional"`
	KeyRef              string `hcl:"key_ref,optional"`
	SignatureBits       int    `hcl:"signature_bits,optional"`
	ExcludeCNFromSANS   bool   `hcl:"exclude_cn_from_sans,optional"`
	OU                  string `hcl:"ou,optional"`
	Organization        string `hcl:"organization,optional"`
	Country             string `hcl:"country,optional"`
	Locality            string `hcl:"locality,optional"`
	Province            string `hcl:"province,optional"`
	StreetAddress       string `hcl:"street_address,optional"`
	PostalCode          string `hcl:"postal_code,optional"`
	SerialNumber        string `hcl:"serial_number,optional"`
	AddBasicConstraints bool   `hcl:"add_basic_constraints,optional"`
	ManagedKeyName      string `hcl:"managed_key_name,optional"`
	ManagedKeyID        string `hcl:"managed_key_id,optional"`
}

PKIIssueIntConfig is the configuratio for the intermediate CSR to be generated for the test

/pki/intermediate/generate/:type

type PKIIssueRoleConfig

type PKIIssueRoleConfig struct {
	Name                         string   `hcl:"name,optional"`
	TTL                          string   `hcl:"ttl,optional"`
	MaxTTL                       string   `hcl:"max_ttl,optional"`
	AllowLocalhost               *bool    `hcl:"allow_localhost,optional"`
	AllowedDomains               []string `hcl:"allowed_domains,optional"`
	AllowedDomainsTemplate       bool     `hcl:"allowed_domain_template,optional"`
	AllowBareDomains             bool     `hcl:"allow_bare_domains,optional"`
	AllowSubdomains              bool     `hcl:"allow_subdomains,optional"`
	AllowGlobDomains             bool     `hcl:"allow_glob_domains,optional"`
	AllowWildcardCertificates    *bool    `hcl:"allow_wildcard_certificates,optional"`
	AllowAnyName                 bool     `hcl:"allow_any_name,optional"`
	EnforceHostnames             *bool    `hcl:"enforce_hostnames,optional"`
	AllowIPSANS                  *bool    `hcl:"allow_ip_sans,optional"`
	AllowedURISANS               string   `hcl:"allowed_uri_sans,optional"`
	AllowedURISANSTemplate       bool     `hcl:"allowed_uri_sans_template,optional"`
	AllowedOtherSANS             string   `hcl:"allowed_other_sans,optional"`
	AllowedSerialNumbers         string   `hcl:"allowed_serial_numbers,optional"`
	ServerFlag                   *bool    `hcl:"server_flag,optional"`
	ClientFlag                   *bool    `hcl:"client_flag,optional"`
	CodeSigningFlag              bool     `hcl:"code_signing_flag,optional"`
	EmailProtectionFlag          bool     `hcl:"email_protection_flag,optional"`
	KeyType                      string   `hcl:"key_type,optional"`
	KeyBits                      int      `hcl:"key_bits,optional"`
	SignatureBits                int      `hcl:"signature_bits,optional"`
	UsePSS                       bool     `hcl:"use_pss,optional"`
	KeyUsage                     []string `hcl:"key_usage,optional"`
	ExtKeyUsage                  []string `hcl:"ext_key_usage,optional"`
	ExtKeyUsageOIDS              string   `hcl:"ext_key_usage_oids,optional"`
	UseCSRCommonName             *bool    `hcl:"use_csr_common_name,optional"`
	UseCSRSANS                   *bool    `hcl:"use_csr_sans,optional"`
	OU                           string   `hcl:"ou,optional"`
	Organization                 string   `hcl:"organization,optional"`
	Country                      string   `hcl:"country,optional"`
	Locality                     string   `hcl:"locality,optional"`
	Province                     string   `hcl:"province,optional"`
	StreetAddress                string   `hcl:"street_address,optional"`
	PostalCode                   string   `hcl:"postal_code,optional"`
	GenerateLease                bool     `hcl:"generate_lease,optional"`
	NoStore                      bool     `hcl:"no_store,optional"`
	RequireCN                    *bool    `hcl:"require_cn,optional"`
	PolicyIdentifiers            []string `hcl:"policy_identifiers,optional"`
	BasicConstrainsValidForNonCA bool     `hcl:"basic_constraints_valid_for_non_ca,optional"`
	NotBeforeDuration            string   `hcl:"not_before_duration,optional"`
	NotAfter                     string   `hcl:"not_after,optional"`
	CNValidations                []string `hcl:"cn_validations,optional"`
	AllowedUserIDs               string   `hcl:"allowed_user_ids,optional"`
}

PKI Role config defining how the issued cert should be configured

/pki/roles/:name

type PKIIssueRootConfig

type PKIIssueRootConfig struct {
	Type                string `hcl:"type,optional"`
	IssuerName          string `hcl:"issuer_name,optional"`
	KeyName             string `hcl:"key_name,optional"`
	KeyRef              string `hcl:"key_ref,optional"`
	CommonName          string `hcl:"common_name,optional"`
	AltNames            string `hcl:"alt_names,optional"`
	IPSANS              string `hcl:"ip_sans,optional"`
	URISANS             string `hcl:"uri_sans,optional"`
	OtherSANS           string `hcl:"other_sans,optional"`
	TTL                 string `hcl:"ttl,optional"`
	Format              string `hcl:"format,optional"`
	PrivateKeyFormat    string `hcl:"private_key_format,optional"`
	KeyType             string `hcl:"key_type,optional"`
	KeyBits             int    `hcl:"key_bits,optional"`
	MaxPathLength       int    `hcl:"max_path_length,optional"`
	ExcludeCNFromSANS   bool   `hcl:"exclude_cn_from_sans,optional"`
	PermittedDNSDomains string `hcl:"permitted_dns_domains,optional"`
	OU                  string `hcl:"ou,optional"`
	Organization        string `hcl:"organization,optional"`
	Country             string `hcl:"country,optional"`
	Locality            string `hcl:"locality,optional"`
	Province            string `hcl:"province,optional"`
	StreetAddress       string `hcl:"street_address,optional"`
	PostalCode          string `hcl:"postal_code,optional"`
	SerialNumber        string `hcl:"serial_number,optional"`
	NotBeforeDuration   string `hcl:"not_before_duration,optional"`
	NotAfter            string `hcl:"not_after,optional"`
	ManagedKeyName      string `hcl:"managed_key_name,optional"`
	ManagedKeyID        string `hcl:"managed_key_id,optional"`
}

PKIIssueCAConfig is the configuration for the root CA cert to be generated for the test

/pki/root/generate/:type

type PKIIssueTest

type PKIIssueTest struct {
	// contains filtered or unexported fields
}

func (*PKIIssueTest) Cleanup

func (p *PKIIssueTest) Cleanup(client *api.Client) error

func (*PKIIssueTest) Flags

func (p *PKIIssueTest) Flags(fs *flag.FlagSet)

func (*PKIIssueTest) GetTargetInfo

func (p *PKIIssueTest) GetTargetInfo() TargetInfo

func (*PKIIssueTest) ParseConfig

func (p *PKIIssueTest) ParseConfig(body hcl.Body) error

func (*PKIIssueTest) Setup

func (p *PKIIssueTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*PKIIssueTest) Target

func (p *PKIIssueTest) Target(client *api.Client) vegeta.Target

type PKISecretIssueTestConfig

type PKISecretIssueTestConfig struct {
	SetupDelay            string                `hcl:"setup_delay,optional"`
	RootCAConfig          *PKIIssueRootConfig   `hcl:"root_ca,block"`
	IntermediateCSRConfig *PKIIssueIntCSRConfig `hcl:"intermediate_csr,block"`
	IntermediateCAConfig  *PKIIssueIntCAConfig  `hcl:"intermediate_ca,block"`
	RoleConfig            *PKIIssueRoleConfig   `hcl:"role,block"`
	IssueConfig           *PKIIssueCertConfig   `hcl:"issue,block"`
}

type PKISignTest

type PKISignTest struct {
	// contains filtered or unexported fields
}

func (*PKISignTest) Cleanup

func (p *PKISignTest) Cleanup(client *api.Client) error

func (*PKISignTest) Flags

func (p *PKISignTest) Flags(fs *flag.FlagSet)

func (*PKISignTest) GetTargetInfo

func (p *PKISignTest) GetTargetInfo() TargetInfo

func (*PKISignTest) ParseConfig

func (p *PKISignTest) ParseConfig(body hcl.Body) error

func (*PKISignTest) Setup

func (p *PKISignTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*PKISignTest) Target

func (p *PKISignTest) Target(client *api.Client) vegeta.Target

type PostgreSQLDBConfig

type PostgreSQLDBConfig struct {
	Name                   string   `hcl:"name,optional"`
	PluginName             string   `hcl:"plugin_name,optional"`
	PluginVersion          string   `hcl:"plugin_version,optional"`
	VerifyConnection       *bool    `hcl:"verify_connection,optional"`
	AllowedRoles           []string `hcl:"allowed_roles,optional"`
	RootRotationStatements []string `hcl:"root_rotation_statements,optional"`
	PasswordPolicy         string   `hcl:"password_policy,optional"`
	ConnectionURL          string   `hcl:"connection_url"`
	MaxOpenConnections     int      `hcl:"max_open_connections,optional"`
	MaxIdleConnections     int      `hcl:"max_idle_connections,optional"`
	MaxConnectionLifetime  string   `hcl:"max_connection_lifetime,optional"`
	Username               string   `hcl:"username,optional"`
	Password               string   `hcl:"password,optional"`
	UsernameTemplate       string   `hcl:"username_template,optional"`
	DisableEscaping        bool     `hcl:"disable_escaping,optional"`
}

PostgreSQL DB Config

type PostgreSQLRoleConfig

type PostgreSQLRoleConfig struct {
	Name                 string `hcl:"name,optional"`
	DBName               string `hcl:"db_name,optional"`
	DefaultTTL           string `hcl:"default_ttl,optional"`
	MaxTTL               string `hcl:"max_ttl,optional"`
	CreationStatements   string `hcl:"creation_statements"`
	RevocationStatements string `hcl:"revocation_statements,optional"`
	RollbackStatements   string `hcl:"rollback_statements,optional"`
	RenewStatements      string `hcl:"renew_statements,optional"`
	RotationStatements   string `hcl:"rotation_statements,optional"`
}

PostgreSQL Role Config

type PostgreSQLSecret

type PostgreSQLSecret struct {
	// contains filtered or unexported fields
}

Postgres Secret Test Struct

func (*PostgreSQLSecret) Cleanup

func (s *PostgreSQLSecret) Cleanup(client *api.Client) error

func (*PostgreSQLSecret) Flags

func (l *PostgreSQLSecret) Flags(fs *flag.FlagSet)

func (*PostgreSQLSecret) GetTargetInfo

func (s *PostgreSQLSecret) GetTargetInfo() TargetInfo

func (*PostgreSQLSecret) ParseConfig

func (s *PostgreSQLSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*PostgreSQLSecret) Setup

func (s *PostgreSQLSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*PostgreSQLSecret) Target

func (s *PostgreSQLSecret) Target(client *api.Client) vegeta.Target

type PostgreSQLSecretTestConfig

type PostgreSQLSecretTestConfig struct {
	PostgreSQLDBConfig   *PostgreSQLDBConfig   `hcl:"db_connection,block"`
	PostgreSQLRoleConfig *PostgreSQLRoleConfig `hcl:"role,block"`
}

Main Config Struct

type RabbitMQConnectionConfig

type RabbitMQConnectionConfig struct {
	ConnectionURI    string `hcl:"connection_uri"`
	Username         string `hcl:"username,optional"`
	Password         string `hcl:"password,optional"`
	VerifyConnection *bool  `hcl:"verify_connection,optional"`
	PasswordPolicy   string `hcl:"password_policy,optional"`
	UsernameTemplate string `hcl:"username_template,optional"`
}

type RabbitMQRoleConfig

type RabbitMQRoleConfig struct {
	Name        string `hcl:"name,optional"`
	Tags        string `hcl:"tags,optional"`
	Vhosts      string `hcl:"vhosts"`
	VhostTopics string `hcl:"vhost_topics,optional"`
}

type RabbitMQSecretTestConfig

type RabbitMQSecretTestConfig struct {
	RabbitMQConnectionConfig *RabbitMQConnectionConfig `hcl:"connection,block"`
	RabbitMQRoleConfig       *RabbitMQRoleConfig       `hcl:"role,block"`
}

Main Config Struct

type RabbitMQTest

type RabbitMQTest struct {
	// contains filtered or unexported fields
}

func (*RabbitMQTest) Cleanup

func (r *RabbitMQTest) Cleanup(client *api.Client) error

func (*RabbitMQTest) Flags

func (m *RabbitMQTest) Flags(fs *flag.FlagSet)

func (*RabbitMQTest) GetTargetInfo

func (r *RabbitMQTest) GetTargetInfo() TargetInfo

func (*RabbitMQTest) ParseConfig

func (r *RabbitMQTest) ParseConfig(body hcl.Body) error

func (*RabbitMQTest) Setup

func (r *RabbitMQTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*RabbitMQTest) Target

func (r *RabbitMQTest) Target(client *api.Client) vegeta.Target

type RedisDBConfig

type RedisDBConfig struct {
	// Common
	Name             string   `hcl:"name,optional"`
	PluginName       string   `hcl:"plugin_name,optional"`
	PluginVersion    string   `hcl:"plugin_version,optional"`
	VerifyConnection *bool    `hcl:"verify_connection,optional"`
	AllowedRoles     []string `hcl:"allowed_roles,optional"`
	CACert           string   `hcl:"ca_cert,optional"`

	// Redis specific
	Host           string `hcl:"host"`
	Port           int    `hcl:"port"`
	Username       string `hcl:"username,optional"`
	Password       string `hcl:"password,optional"`
	PasswordPolicy string `hcl:"password_policy,optional"`
	TLS            bool   `hcl:"tls,optional"`
	InsecureTLS    bool   `hcl:"insecure_tls,optional"`
}

Redis DB Config

type RedisDynamicRoleConfig

type RedisDynamicRoleConfig struct {
	Name               string `hcl:"name,optional"`
	DBName             string `hcl:"db_name,optional"`
	DefaultTTL         string `hcl:"default_ttl,optional"`
	MaxTTL             string `hcl:"max_ttl,optional"`
	CreationStatements string `hcl:"creation_statements"`
}

type RedisDynamicSecret

type RedisDynamicSecret struct {
	// contains filtered or unexported fields
}

func (*RedisDynamicSecret) Cleanup

func (r *RedisDynamicSecret) Cleanup(client *api.Client) error

func (*RedisDynamicSecret) Flags

func (r *RedisDynamicSecret) Flags(fs *flag.FlagSet)

func (*RedisDynamicSecret) GetTargetInfo

func (r *RedisDynamicSecret) GetTargetInfo() TargetInfo

func (*RedisDynamicSecret) ParseConfig

func (r *RedisDynamicSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*RedisDynamicSecret) Setup

func (r *RedisDynamicSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*RedisDynamicSecret) Target

func (r *RedisDynamicSecret) Target(client *api.Client) vegeta.Target

type RedisDynamicSecretTestConfig

type RedisDynamicSecretTestConfig struct {
	DBConfig   *RedisDBConfig          `hcl:"db_connection,block"`
	RoleConfig *RedisDynamicRoleConfig `hcl:"role,block"`
}

type RedisStaticRoleConfig

type RedisStaticRoleConfig struct {
	Name           string `hcl:"name,optional"`
	DBName         string `hcl:"db_name,optional"`
	RotationPeriod string `hcl:"rotation_period,optional"`
	Username       string `hcl:"username"`
	InsecureTLS    bool   `hcl:"insecure_tls,optional"`
}

type RedisStaticSecret

type RedisStaticSecret struct {
	// contains filtered or unexported fields
}

func (*RedisStaticSecret) Cleanup

func (r *RedisStaticSecret) Cleanup(client *api.Client) error

func (*RedisStaticSecret) Flags

func (r *RedisStaticSecret) Flags(fs *flag.FlagSet)

func (*RedisStaticSecret) GetTargetInfo

func (r *RedisStaticSecret) GetTargetInfo() TargetInfo

func (*RedisStaticSecret) ParseConfig

func (r *RedisStaticSecret) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*RedisStaticSecret) Setup

func (r *RedisStaticSecret) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*RedisStaticSecret) Target

func (r *RedisStaticSecret) Target(client *api.Client) vegeta.Target

type RedisStaticSecretTestConfig

type RedisStaticSecretTestConfig struct {
	DBConfig   *RedisDBConfig         `hcl:"db_connection,block"`
	RoleConfig *RedisStaticRoleConfig `hcl:"role,block"`
}

type Reporter

type Reporter struct {
	// contains filtered or unexported fields
}

func Attack

func Attack(tm *TargetMulti, client *api.Client, duration time.Duration, rps int, workers int) (*Reporter, error)

func FromReader

func FromReader(r io.Reader) (*Reporter, error)

func (*Reporter) Add

func (r *Reporter) Add(result *vegeta.Result)

func (*Reporter) Close

func (r *Reporter) Close()

func (*Reporter) ReportJSON

func (r *Reporter) ReportJSON(w io.Writer) error

func (*Reporter) ReportTerse

func (r *Reporter) ReportTerse(w io.Writer) error

func (*Reporter) ReportVerbose

func (r *Reporter) ReportVerbose(w io.Writer) error

type RoleConfig

type RoleConfig struct {
	Name                 string   `hcl:"role_name,optional"`
	BindSecretID         *bool    `hcl:"bind_secret_id,optional"`
	SecretIDBoundCIDRS   []string `hcl:"secret_id_bound_cidrs,optional"`
	SecredIDNumUses      int      `hcl:"secret_id_num_uses,optional"`
	SecretIDTTL          string   `hcl:"secret_id_ttl,optional"`
	LocalSecretIDs       bool     `hcl:"local_secret_ids,optional"`
	TokenTTL             string   `hcl:"token_ttl,optional"`
	TokenMaxTTL          string   `hcl:"token_max_ttl,optional"`
	TokenPolicies        []string `hcl:"token_policies,optional"`
	Policies             []string `hcl:"policies,optional"`
	TokenBoundCIDRs      []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int      `hcl:"token_num_uses,optional"`
	TokenPeriod          string   `hcl:"token_period,optional"`
	TokenType            string   `hcl:"token_type,optional"`
}

AppRole Role Config

type SSHCAConfig

type SSHCAConfig struct {
	PrivateKey         string `hcl:"private_key,optional"`
	PublicKey          string `hcl:"public_key,optional"`
	GenerateSigningKey *bool  `hcl:"generate_signing_key,optional"`
	KeyType            string `hcl:"key_type,optional"`
	KeyBits            int    `hcl:"key_bits,optional"`
}

type SSHIssueTest

type SSHIssueTest struct {
	// contains filtered or unexported fields
}

func (*SSHIssueTest) Cleanup

func (s *SSHIssueTest) Cleanup(client *api.Client) error

func (*SSHIssueTest) Flags

func (s *SSHIssueTest) Flags(fs *flag.FlagSet)

func (*SSHIssueTest) GetTargetInfo

func (s *SSHIssueTest) GetTargetInfo() TargetInfo

func (*SSHIssueTest) ParseConfig

func (s *SSHIssueTest) ParseConfig(body hcl.Body) error

func (*SSHIssueTest) Setup

func (s *SSHIssueTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*SSHIssueTest) Target

func (s *SSHIssueTest) Target(client *api.Client) vegeta.Target

type SSHIssueTestConfig

type SSHIssueTestConfig struct {
	CAConfig         *SSHCAConfig         `hcl:"ca,block"`
	RoleConfig       *SSHRoleConfig       `hcl:"role,block"`
	IssuedCertConfig *SSHIssuedCertConfig `hcl:"issued_cert,block"`
}

type SSHIssuedCertConfig

type SSHIssuedCertConfig struct {
	Name            string                 `hcl:"name,optional"`
	KeyType         string                 `hcl:"key_type,optional"`
	KeyBits         int                    `hcl:"key_bits,optional"`
	TTL             string                 `hcl:"ttl,optional"`
	ValidPrincipals string                 `hcl:"valid_principals,optional"`
	CertType        string                 `hcl:"cert_type,optional"`
	KeyID           string                 `hcl:"key_id,optional"`
	CriticalOptions map[string]interface{} `hcl:"critical_options,optional"`
	Extensions      map[string]interface{} `hcl:"extensions,optional"`
}

type SSHKeySignCAConfig

type SSHKeySignCAConfig struct {
	PrivateKey         string `hcl:"private_key,optional"`
	PublicKey          string `hcl:"public_key,optional"`
	GenerateSigningKey *bool  `hcl:"generate_signing_key,optional"`
	KeyType            string `hcl:"key_type,optional"`
	KeyBits            int    `hcl:"key_bits,optional"`
}

type SSHKeySignRoleConfig

type SSHKeySignRoleConfig struct {
	// Vault >= 1.13.x
	AllowedDomainsTemplate bool `hcl:"allowed_domains_template,optional"`

	// Vault <= 1.12.x
	Key            string   `hcl:"key,optional"`
	AdminUser      string   `hcl:"admin_user,optional"`
	KeyBits        int      `hcl:"key_bits,optional"`
	InstallScript  string   `hcl:"install_script,optional"`
	KeyOptionSpecs []string `hcl:"key_option_specs,optional"`

	// Common
	Name                   string                 `hcl:"name,optional"`
	DefaultUser            string                 `hcl:"default_user,optional"`
	DefaultUserTemplate    bool                   `hcl:"default_user_template,optional"`
	CIDRList               []string               `hcl:"cidr_list,optional"`
	ExcludeCIDRList        []string               `hcl:"exclude_cidr_list,optional"`
	Port                   int                    `hcl:"port,optional"`
	KeyType                string                 `hcl:"key_type,optional"`
	AllowedUsers           []string               `hcl:"allowed_users,optional"`
	AllowedUsersTemplate   bool                   `hcl:"allowed_users_template,optional"`
	AllowedDomains         []string               `hcl:"allowed_domains,optional"`
	TTL                    string                 `hcl:"ttl,optional"`
	MaxTTL                 string                 `hcl:"max_ttl,optional"`
	AllowedCriticalOptions []string               `hcl:"allowed_critical_options,optional"`
	AllowedExtensions      []string               `hcl:"allowed_extensions,optional"`
	DefaultCriticalOptions map[string]string      `hcl:"default_critical_options,optional"`
	DefaultExtensions      map[string]string      `hcl:"default_extensions,optional"`
	AllowUserCertificates  bool                   `hcl:"allow_user_certificates,optional"`
	AllowHostCertificates  bool                   `hcl:"allow_host_certificates,optional"`
	AllowBareDomains       bool                   `hcl:"allow_bare_domains,optional"`
	AllowSubdomains        bool                   `hcl:"allow_subdomains,optional"`
	AllowUserKeyIDs        bool                   `hcl:"allow_user_key_ids,optional"`
	KeyIDFormat            string                 `hcl:"key_id_format,optional"`
	AllowedUserKeyLengths  map[string]interface{} `hcl:"allowed_user_key_lengths,optional"`
	AlgorithmSigner        string                 `hcl:"algorithm_signer,optional"`
	NotBeforeDuration      string                 `hcl:"not_before_duration,optional"`
}

type SSHKeySignTest

type SSHKeySignTest struct {
	// contains filtered or unexported fields
}

func (*SSHKeySignTest) Cleanup

func (s *SSHKeySignTest) Cleanup(client *api.Client) error

func (*SSHKeySignTest) Flags

func (s *SSHKeySignTest) Flags(fs *flag.FlagSet)

func (*SSHKeySignTest) GetTargetInfo

func (s *SSHKeySignTest) GetTargetInfo() TargetInfo

func (*SSHKeySignTest) ParseConfig

func (s *SSHKeySignTest) ParseConfig(body hcl.Body) error

func (*SSHKeySignTest) Setup

func (s *SSHKeySignTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*SSHKeySignTest) Target

func (s *SSHKeySignTest) Target(client *api.Client) vegeta.Target

type SSHKeySignTestConfig

type SSHKeySignTestConfig struct {
	CAConfig         *SSHKeySignCAConfig   `hcl:"ca,block"`
	RoleConfig       *SSHKeySignRoleConfig `hcl:"role,block"`
	KeySigningConfig *SSHKeySigningConfig  `hcl:"key_signing,block"`
}

type SSHKeySigningConfig

type SSHKeySigningConfig struct {
	PublicKey       *string                `hcl:"public_key,optional"`
	TTL             string                 `hcl:"ttl,optional"`
	ValidPrincipals string                 `hcl:"valid_principals,optional"`
	CertType        string                 `hcl:"cert_type,optional"`
	KeyID           string                 `hcl:"key_id,optional"`
	CriticalOptions map[string]interface{} `hcl:"critical_options,optional"`
	Extensions      map[string]interface{} `hcl:"extensions,optional"`
}

type SSHRoleConfig

type SSHRoleConfig struct {
	// Vault >= 1.13.x
	AllowedDomainsTemplate bool `hcl:"allowed_domains_template,optional"`

	// Vault <= 1.12.x
	Key            string   `hcl:"key,optional"`
	AdminUser      string   `hcl:"admin_user,optional"`
	KeyBits        int      `hcl:"key_bits,optional"`
	InstallScript  string   `hcl:"install_script,optional"`
	KeyOptionSpecs []string `hcl:"key_option_specs,optional"`

	// Common
	Name                   string                 `hcl:"name,optional"`
	DefaultUser            string                 `hcl:"default_user,optional"`
	DefaultUserTemplate    bool                   `hcl:"default_user_template,optional"`
	CIDRList               []string               `hcl:"cidr_list,optional"`
	ExcludeCIDRList        []string               `hcl:"exclude_cidr_list,optional"`
	Port                   int                    `hcl:"port,optional"`
	KeyType                string                 `hcl:"key_type,optional"`
	AllowedUsers           []string               `hcl:"allowed_users,optional"`
	AllowedUsersTemplate   bool                   `hcl:"allowed_users_template,optional"`
	AllowedDomains         []string               `hcl:"allowed_domains,optional"`
	TTL                    string                 `hcl:"ttl,optional"`
	MaxTTL                 string                 `hcl:"max_ttl,optional"`
	AllowedCriticalOptions []string               `hcl:"allowed_critical_options,optional"`
	AllowedExtensions      []string               `hcl:"allowed_extensions,optional"`
	DefaultCriticalOptions map[string]string      `hcl:"default_critical_options,optional"`
	DefaultExtensions      map[string]string      `hcl:"default_extensions,optional"`
	AllowUserCertificates  bool                   `hcl:"allow_user_certificates,optional"`
	AllowHostCertificates  bool                   `hcl:"allow_host_certificates,optional"`
	AllowBareDomains       bool                   `hcl:"allow_bare_domains,optional"`
	AllowSubdomains        bool                   `hcl:"allow_subdomains,optional"`
	AllowUserKeyIDs        bool                   `hcl:"allow_user_key_ids,optional"`
	KeyIDFormat            string                 `hcl:"key_id_format,optional"`
	AllowedUserKeyLengths  map[string]interface{} `hcl:"allowed_user_key_lengths,optional"`
	AlgorithmSigner        string                 `hcl:"algorithm_signer,optional"`
	NotBeforeDuration      string                 `hcl:"not_before_duration,optional"`
}

type SecretIDConfig

type SecretIDConfig struct {
	Metadata        string   `hcl:"metadata,optional"`
	CIDRList        []string `hcl:"cidr_list,optional"`
	NumUses         int      `hcl:"num_uses,optional"`
	TTL             string   `hcl:"ttl,optional"`
	TokenBoundCIDRs []string `hcl:"token_bound_cidrs,optional"`
}

AppRole SecretID Config

type StatusCheck

type StatusCheck struct {
	// contains filtered or unexported fields
}

func (*StatusCheck) Cleanup

func (s *StatusCheck) Cleanup(client *api.Client) error

Cleanup is a no-op for this test

func (*StatusCheck) Flags

func (s *StatusCheck) Flags(fs *flag.FlagSet)

func (*StatusCheck) GetTargetInfo

func (s *StatusCheck) GetTargetInfo() TargetInfo

func (*StatusCheck) ParseConfig

func (s *StatusCheck) ParseConfig(body hcl.Body) error

func (*StatusCheck) Setup

func (s *StatusCheck) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*StatusCheck) Target

func (s *StatusCheck) Target(client *api.Client) vegeta.Target

type SyncAWSTest added in v0.3.0

type SyncAWSTest struct {
	// contains filtered or unexported fields
}

func (*SyncAWSTest) Cleanup added in v0.3.0

func (t *SyncAWSTest) Cleanup(client *api.Client) error

func (*SyncAWSTest) Flags added in v0.3.0

func (t *SyncAWSTest) Flags(_ *flag.FlagSet)

func (*SyncAWSTest) GetTargetInfo added in v0.3.0

func (t *SyncAWSTest) GetTargetInfo() TargetInfo

func (*SyncAWSTest) ParseConfig added in v0.3.0

func (t *SyncAWSTest) ParseConfig(body hcl.Body) error

func (*SyncAWSTest) Setup added in v0.3.0

func (t *SyncAWSTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*SyncAWSTest) Target added in v0.3.0

func (t *SyncAWSTest) Target(client *api.Client) vegeta.Target

type SyncAWSTestConfig added in v0.3.0

type SyncAWSTestConfig struct {
	NumAssociations   int               `hcl:"num_associations,optional"`
	DestinationType   string            `hcl:"destination_type"`
	DestinationName   string            `hcl:"destination_name,optional"`
	DestinationConfig map[string]string `hcl:"destination_config,optional"`
}

type TargetInfo

type TargetInfo struct {
	// contains filtered or unexported fields
}

type TargetMulti

type TargetMulti struct {
	// contains filtered or unexported fields
}

TargetMulti allows building a vegeta targetter that chooses between various operations randomly following a specified distribution.

func BuildTargets

func BuildTargets(client *api.Client, tests []*BenchmarkTarget, logger *hclog.Logger, config *TopLevelTargetConfig) (*TargetMulti, error)

func (TargetMulti) Cleanup

func (tm TargetMulti) Cleanup(client *api.Client) error

func (TargetMulti) DebugInfo

func (tm TargetMulti) DebugInfo(client *api.Client)

func (TargetMulti) Targeter

func (tm TargetMulti) Targeter(client *api.Client) (vegeta.Targeter, error)

type TopLevelTargetConfig added in v0.2.0

type TopLevelTargetConfig struct {
	Duration     time.Duration
	RandomMounts bool
}

Configuration that applies to all individual tests

type TransformInputConfig

type TransformInputConfig struct {
	Value          string        `hcl:"value,optional"`
	Transformation string        `hcl:"transformation,optional"`
	TTL            string        `hcl:"ttl,optional"`
	Metadata       string        `hcl:"metadata,optional"`
	Tweak          string        `hcl:"tweak,optional"`
	Reference      string        `hcl:"reference,optional"`
	BatchInput     []interface{} `hcl:"batch_input,optional"`
}

type TransformRoleConfig

type TransformRoleConfig struct {
	Name            string   `hcl:"name,optional"`
	Transformations []string `hcl:"transformations,optional"`
}

type TransformStoreConfig

type TransformStoreConfig struct {
	Name                     string   `hcl:"name"`
	Type                     string   `hcl:"type"`
	Driver                   string   `hcl:"driver"`
	ConnectionString         string   `hcl:"connection_string"`
	Username                 string   `hcl:"username"`
	Password                 string   `hcl:"password"`
	SupportedTransformations []string `hcl:"supported_transformations,optional"`
	Schema                   string   `hcl:"schema,optional"`
	MaxOpenConnections       int      `hcl:"max_open_connections,optional"`
	MaxIdleConnections       int      `hcl:"max_idle_connections,optional"`
	MaxConnectionLifetime    string   `hcl:"max_connection_lifetime,optional"`
}

type TransformStoreSchemaConfig

type TransformStoreSchemaConfig struct {
	Name               string `hcl:"name,optional"`
	Username           string `hcl:"username,optional"`
	Password           string `hcl:"password,optional"`
	TransformationType string `hcl:"transformation_type,optional"`
}

type TransformTokenizationConfig

type TransformTokenizationConfig struct {
	Name            string   `hcl:"name,optional"`
	MappingMode     string   `hcl:"mapping_mode,optional"`
	Convergent      bool     `hcl:"convergent,optional"`
	MaxTTL          string   `hcl:"max_ttl,optional"`
	AllowedRoles    []string `hcl:"allowed_roles,optional"`
	Stores          []string `hcl:"stores,optional"`
	DeletionAllowed bool     `hcl:"deletion_allowed,optional"`
}

type TransformTokenizationTest

type TransformTokenizationTest struct {
	// contains filtered or unexported fields
}

func (*TransformTokenizationTest) Cleanup

func (t *TransformTokenizationTest) Cleanup(client *api.Client) error

func (*TransformTokenizationTest) Flags

func (t *TransformTokenizationTest) Flags(fs *flag.FlagSet)

func (*TransformTokenizationTest) GetTargetInfo

func (t *TransformTokenizationTest) GetTargetInfo() TargetInfo

func (*TransformTokenizationTest) ParseConfig

func (t *TransformTokenizationTest) ParseConfig(body hcl.Body) error

func (*TransformTokenizationTest) Setup

func (t *TransformTokenizationTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*TransformTokenizationTest) Target

func (t *TransformTokenizationTest) Target(client *api.Client) vegeta.Target

type TransformTokenizationTestConfig

type TransformTokenizationTestConfig struct {
	StoreConfig        *TransformStoreConfig        `hcl:"store,block"`
	StoreSchemaConfig  *TransformStoreSchemaConfig  `hcl:"store_schema,block"`
	RoleConfig         *TransformRoleConfig         `hcl:"role,block"`
	TokenizationConfig *TransformTokenizationConfig `hcl:"tokenization,block"`
	InputConfig        *TransformInputConfig        `hcl:"input,block"`
}

type TransitConfigDecrypt

type TransitConfigDecrypt struct {
	Name                       string        `hcl:"name,optional"`
	Ciphertext                 string        `hcl:"ciphertext,optional"`
	AssociatedData             string        `hcl:"associated_data,optional"`
	Context                    string        `hcl:"context,optional"`
	Nonce                      string        `hcl:"nonce,optional"`
	Reference                  string        `hcl:"reference,optional"`
	BatchInput                 []interface{} `hcl:"batch_input,optional"`
	PartialFailureResponseCode int           `hcl:"partial_failure_response_code,optional"`
}

/transit/decrypt/:name

type TransitConfigEncrypt

type TransitConfigEncrypt struct {
	Name                       string        `hcl:"name,optional"`
	Plaintext                  string        `hcl:"plaintext,optional"`
	AssociatedData             string        `hcl:"associated_data,optional"`
	Context                    string        `hcl:"context,optional"`
	KeyVersion                 int           `hcl:"key_version,optional"`
	Nonce                      string        `hcl:"nonce,optional"`
	Reference                  string        `hcl:"reference,optional"`
	BatchInput                 []interface{} `hcl:"batch_input,optional"`
	Type                       string        `hcl:"type,optional"`
	ConvergentEncryption       bool          `hcl:"convergent_encryption,optional"`
	PartialFailureResponseCode int           `hcl:"partial_failure_response_code,optional"`
}

/transit/encrypt/:name

type TransitConfigKeys

type TransitConfigKeys struct {
	Name                 string `hcl:"name,optional"`
	ConvergentEncryption bool   `hcl:"convergent_encryption,optional"`
	Derived              bool   `hcl:"derived,optional"`
	Exportable           bool   `hcl:"exportable,optional"`
	AllowPlaintextBackup bool   `hcl:"allow_plaintext_backup,optional"`
	Type                 string `hcl:"type,optional"`
	KeySize              int    `hcl:"key_size,optional"`
	AutoRotatePeriod     string `hcl:"auto_rotate_period,optional"`
	ManagedKeyName       string `hcl:"managed_key_name,optional"`
	ManagedKeyID         string `hcl:"managed_key_id,optional"`
}

/transit/keys/:name

type TransitConfigSign

type TransitConfigSign struct {
	Name                string        `hcl:"name,optional"`
	KeyVersion          int           `hcl:"key_version,optional"`
	HashAlgorithm       string        `hcl:"hash_algorithm,optional"`
	Input               string        `hcl:"input,optional"`
	Reference           string        `hcl:"reference,optional"`
	BatchInput          []interface{} `hcl:"batch_input,optional"`
	Context             string        `hcl:"context,optional"`
	Prehashed           bool          `hcl:"prehashed,optional"`
	SignatureAlgorithm  string        `hcl:"signature_algorithm,optional"`
	MarshalingAlgorithm string        `hcl:"marshaling_algorithm,optional"`
	SaltLength          string        `hcl:"salt_length,optional"`
}

/transit/sign/:name

type TransitConfigVerify

type TransitConfigVerify struct {
	Name                string        `hcl:"name,optional"`
	HashAlgorithm       string        `hcl:"hash_algorithm,optional"`
	Input               string        `hcl:"input,optional"`
	Signature           string        `hcl:"signature,optional"`
	HMAC                string        `hcl:"hmac,optional"`
	Reference           string        `hcl:"reference,optional"`
	BatchInput          []interface{} `hcl:"batch_input,optional"`
	Context             string        `hcl:"context,optional"`
	Prehashed           bool          `hcl:"prehashed,optional"`
	SignatureAlgorithm  string        `hcl:"signature_algorithm,optional"`
	MarshalingAlgorithm string        `hcl:"marshaling_algorithm,optional"`
	SaltLength          string        `hcl:"salt_length,optional"`
}

/transit/verify/:name(/:hash_algorithm)

type TransitTest

type TransitTest struct {
	// contains filtered or unexported fields
}

func (*TransitTest) Cleanup

func (t *TransitTest) Cleanup(client *api.Client) error

func (*TransitTest) Flags

func (t *TransitTest) Flags(fs *flag.FlagSet)

func (*TransitTest) GetTargetInfo

func (t *TransitTest) GetTargetInfo() TargetInfo

func (*TransitTest) ParseConfig

func (t *TransitTest) ParseConfig(body hcl.Body) error

func (*TransitTest) Setup

func (t *TransitTest) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*TransitTest) Target

func (t *TransitTest) Target(client *api.Client) vegeta.Target

type TransitTestConfig

type TransitTestConfig struct {
	PayloadLen           int                   `hcl:"payload_len,optional"`
	ContextLen           int                   `hcl:"context_len,optional"`
	TransitConfigKeys    *TransitConfigKeys    `hcl:"keys,block"`
	TransitConfigSign    *TransitConfigSign    `hcl:"sign,block"`
	TransitConfigVerify  *TransitConfigVerify  `hcl:"verify,block"`
	TransitConfigEncrypt *TransitConfigEncrypt `hcl:"encrypt,block"`
	TransitConfigDecrypt *TransitConfigDecrypt `hcl:"decrypt,block"`
}

type UserpassAuth

type UserpassAuth struct {
	// contains filtered or unexported fields
}

func (*UserpassAuth) Cleanup

func (u *UserpassAuth) Cleanup(client *api.Client) error

func (*UserpassAuth) Flags

func (u *UserpassAuth) Flags(fs *flag.FlagSet)

func (*UserpassAuth) GetTargetInfo

func (u *UserpassAuth) GetTargetInfo() TargetInfo

func (*UserpassAuth) ParseConfig

func (u *UserpassAuth) ParseConfig(body hcl.Body) error

ParseConfig parses the passed in hcl.Body into Configuration structs for use during test configuration in Vault. Any default configuration definitions for required parameters will be set here.

func (*UserpassAuth) Setup

func (u *UserpassAuth) Setup(client *api.Client, mountName string, topLevelConfig *TopLevelTargetConfig) (BenchmarkBuilder, error)

func (*UserpassAuth) Target

func (u *UserpassAuth) Target(client *api.Client) vegeta.Target

type UserpassAuthConfig

type UserpassAuthConfig struct {
	Username             string   `hcl:"username,optional"`
	Password             string   `hcl:"password,optional"`
	TokenTTL             string   `hcl:"token_ttl,optional"`
	TokenMaxTTL          string   `hcl:"token_max_ttl,optional"`
	TokenPolicies        []string `hcl:"token_policies,optional"`
	TokenBoundCidrs      []string `hcl:"token_bound_cidrs,optional"`
	TokenExplicitMaxTTL  string   `hcl:"token_explicit_max_ttl,optional"`
	TokenNoDefaultPolicy bool     `hcl:"token_no_default_policy,optional"`
	TokenNumUses         int      `hcl:"token_num_uses,optional"`
	TokenPeriod          string   `hcl:"token_period,optional"`
	TokenType            string   `hcl:"token_type,optional"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL