rbd: add aws-sts-metdata encryption type

When a kubernetes cluster is configured with an OIDC identity
provider, Amazon STS can be used to fetch credentials to access
Amazon KMS using the oidc-token (serviceaccount token).
Each tenant/namespace needs to create a secret with the aws region,
role and CMK ARN.
Ceph-CSI will assume the given role with the oidc token and access
aws KMS, using the given CMK to encrypt/decrypt the DEK, which will
be stored in the image metadata.

Refer: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html
Resolves: #2879

Signed-off-by: Rakshith R <rar@redhat.com>
Rakshith R
2022-03-02 16:00:48 +05:30
committed by mergify[bot]
parent 13dcc89ac8
commit 4f0bb2315b
217 changed files with 24757 additions and 72 deletions

53
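--- a/vendor/github.com/aws/smithy-go/encoding/xml/map.go
+++ b/vendor/github.com/aws/smithy-go/encoding/xml/map.go
@@ -0,0 +1,53 @@
+package xml
+// mapEntryWrapper is the default member wrapper start element for XML Map entry
+var mapEntryWrapper = StartElement{
+Name: Name{Local: "entry"},
+}
+// Map represents the encoding of a XML map type
+type Map struct {
+w writer
+scratch *[]byte
+// member start element is the map entry wrapper start element
+memberStartElement StartElement
+// isFlattened returns true if the map is a flattened map
+isFlattened bool
+}
+// newMap returns a map encoder which sets the default map
+// entry wrapper to `entry`.
+//
+// A map `someMap : {{key:"abc", value:"123"}}` is represented as
+// `<someMap><entry><key>abc<key><value>123</value></entry></someMap>`.
+func newMap(w writer, scratch *[]byte) *Map {
+return &Map{
+w: w,
+scratch: scratch,
+memberStartElement: mapEntryWrapper,
+}
+}
+// newFlattenedMap returns a map encoder which sets the map
+// entry wrapper to the passed in memberWrapper`.
+//
+// A flattened map `someMap : {{key:"abc", value:"123"}}` is represented as
+// `<someMap><key>abc<key><value>123</value></someMap>`.
+func newFlattenedMap(w writer, scratch *[]byte, memberWrapper StartElement) *Map {
+return &Map{
+w: w,
+scratch: scratch,
+memberStartElement: memberWrapper,
+isFlattened: true,
+}
+}
+// Entry returns a Value encoder with map's element.
+// It writes the member wrapper start tag for each entry.
+func (m *Map) Entry() Value {
+v := newValue(m.w, m.scratch, m.memberStartElement)
+v.isFlattened = m.isFlattened
+return v
+}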