Cloud-Key-Client is a Golang client that connects to cloud providers to either collect details of Service Account keys or manipulate them.
```bash
go get -u github.com/ovotech/cloud-key-client
```
```go
package main

import (
	"fmt"

	keys "github.com/ovotech/cloud-key-client"
)

func main() {
	providers := []keys.Provider{}
	// create a GCP provider
	gcpProvider := keys.Provider{
		GcpProject: "my-gcp-project-id",
		Provider:   "gcp",
	}
	// create an AWS provider
	awsProvider := keys.Provider{
		// no need to specify any account ID here
		Provider: "aws",
	}
	// create an Aiven provider
	aivenProvider := keys.Provider{
		Provider: "aiven",
		Token:    "my-aiven-api-token",
	}
	// add all three providers to the slice
	providers = append(providers, gcpProvider)
	providers = append(providers, awsProvider)
	providers = append(providers, aivenProvider)
	// use the cloud-key-client; the result gets its own name so it does
	// not shadow the imported keys package
	allKeys, err := keys.Keys(providers, true)
	if err != nil {
		fmt.Print(err)
		return
	}
	// print each key with only the last four characters of its ID;
	// Age is divided by 1440 (minutes per day) to report whole days
	for _, key := range allKeys {
		fmt.Printf("%s, ID: ****%s, Age: %dd, Status: %s\n",
			key.Account,
			key.ID[len(key.ID)-4:],
			int(key.Age/1440),
			key.Status)
	}
}
```
This client could be useful for obtaining key metadata, such as age, and performing create and delete operations for key rotation. Multiple providers can be accessed through a single interface.
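As an added example (not part of the project's own code), here is one way to turn the key-age metadata into a rotation shortlist. The `keyMeta` type, `maskID` and `dueForRotation` are hypothetical names; `keyMeta` is a local stand-in that mirrors only the fields read in the example above, and the sample keys are constructed.

```go
package main

import (
	"fmt"
	"sort"
)

// keyMeta is a local stand-in (assumption) holding only the fields the
// README's example reads from each returned key; Age is in minutes.
type keyMeta struct {
	Account string
	ID      string
	Age     float64
	Status  string
}

const minutesPerDay = 1440

// maskID keeps the last four characters and never slices past the start
// of a short ID (an unguarded id[len(id)-4:] would panic there).
func maskID(id string) string {
	if len(id) <= 4 {
		return "****"
	}
	return "****" + id[len(id)-4:]
}

// dueForRotation returns the keys older than maxAgeDays, oldest first.
func dueForRotation(keys []keyMeta, maxAgeDays int) []keyMeta {
	var due []keyMeta
	for _, k := range keys {
		if k.Age > float64(maxAgeDays*minutesPerDay) {
			due = append(due, k)
		}
	}
	sort.Slice(due, func(i, j int) bool { return due[i].Age > due[j].Age })
	return due
}

func main() {
	// Constructed sample data, not output from any real account.
	sample := []keyMeta{
		{"ci-deployer", "AKIAEXAMPLE0001", 200 * minutesPerDay, "Active"},
		{"reporting", "abc", 95 * minutesPerDay, "Active"},
		{"backup", "9f8e7d6c5b4a", 12 * minutesPerDay, "Active"},
	}
	for _, k := range dueForRotation(sample, 90) {
		fmt.Printf("%s, ID: %s, Age: %dd, Status: %s\n",
			k.Account, maskID(k.ID), int(k.Age/minutesPerDay), k.Status)
	}
}
```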
The following cloud providers have been integrated:
- AWS
- Aiven
- GCP
No config is required; you simply need to pass a slice of `Provider` structs to the `Keys()` func.
Authentication is handled by the Default Credential Provider Chains for both GCP and AWS.