scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-30 02:02:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
66e78db4259500810c551cb09db3d1aa252f8cb0
vault/ui/app/models/sync/destinations/aws-sm.js
Angel Garbarino 66e78db425 Mask obfuscated Secret sync create/edit fields (#27348) 
* wip not working on edit view

* changelog

* vercel and fix tests

* need conditional to not break all the things:

* create test coverage and add for other obfustcaed fonts, still missing one.

* Update 27348.txt

* remove meep

* comment

* test coverage
2024-06-18 14:20:22 -06:00

77 lines
2.3 KiB
JavaScript
Raw Blame History

/**
* Copyright (c) HashiCorp, Inc.
* SPDX-License-Identifier: BUSL-1.1
*/
import SyncDestinationModel from '../destination';
import { attr } from '@ember-data/model';
import { withFormFields } from 'vault/decorators/model-form-fields';
const displayFields = [
// connection details
'name',
'region',
'accessKeyId',
'secretAccessKey',
'roleArn',
'externalId',
// sync config options
'granularity',
'secretNameTemplate',
'customTags',
];
const formFieldGroups = [
{
default: ['name', 'region', 'roleArn', 'externalId', 'granularity', 'secretNameTemplate', 'customTags'],
},
{ Credentials: ['accessKeyId', 'secretAccessKey'] },
];
@withFormFields(displayFields, formFieldGroups)
export default class SyncDestinationsAwsSecretsManagerModel extends SyncDestinationModel {
@attr('string', {
label: 'Access key ID',
subText:
'Access key ID to authenticate against the secrets manager. If empty, Vault will use the AWS_ACCESS_KEY_ID environment variable if configured.',
sensitive: true,
noCopy: true,
})
accessKeyId; // obfuscated, never returned by API
@attr('string', {
label: 'Secret access key',
subText:
'Secret access key to authenticate against the secrets manager. If empty, Vault will use the AWS_SECRET_ACCESS_KEY environment variable if configured.',
sensitive: true,
noCopy: true,
})
secretAccessKey; // obfuscated, never returned by API
@attr('string', {
subText:
'For AWS secrets manager, the name of the region must be supplied, something like “us-west-1.” If empty, Vault will use the AWS_REGION environment variable if configured.',
editDisabled: true,
})
region;
@attr('object', {
subText:
'An optional set of informational key-value pairs added as additional metadata on secrets synced to this destination. Custom tags are merged with built-in tags.',
editType: 'kv',
})
customTags;
@attr('string', {
label: 'Role ARN',
subText:
'Specifies a role to assume when connecting to AWS. When assuming a role, Vault uses temporary STS credentials to authenticate.',
})
roleArn;
@attr('string', {
label: 'External ID',
subText:
'Optional extra protection that must match the trust policy granting access to the AWS IAM role ARN. We recommend using a different random UUID per destination.',
})
externalId;
}
Reference in New Issue View Git Blame Copy Permalink