mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-24 08:01:07 +02:00
Code Issues Projects Releases Wiki Activity
vault/ui/app/models/aws/root-config.js
Angel Garbarino 088bb4b6b9
One WIF configuration component (#29367) 
* make one component and make one test file for that component. remove the two components and associated files the new component replaces

* make access type subtext dynamic based on model type

* clean up

* clean up

* remove model attr for display purposes

* split out lease to another second config model type and make is-wif-engine helper

* welp missed the old controller

* small removal of overkill comment

* pr feedback

* save lease config if only thing changed

* error handling in acceptance test

* test fix

* replace notOk with throw

* move back error message

* clean up focused largely on wif component test

* replace ok with true
2025-01-24 11:05:00 -07:00

100 lines
3.1 KiB
JavaScript
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/**
* Copyright (c) HashiCorp, Inc.
* SPDX-License-Identifier: BUSL-1.1
*/
import Model, { attr } from '@ember-data/model';
import fieldToAttrs, { expandAttributeMeta } from 'vault/utils/field-to-attrs';
import { regions } from 'vault/helpers/aws-regions';
export default class AwsRootConfig extends Model {
@attr('string') backend; // dynamic path of secret -- set on response from value passed to queryRecord
// IAM only fields
@attr('string') accessKey;
@attr('string', { sensitive: true }) secretKey; // obfuscated, never returned by API
// WIF only fields
@attr('string', {
label: 'Role ARN',
subText: 'Role ARN to assume for plugin workload identity federation.',
})
roleArn;
@attr('string', {
subText:
'The audience claim value for plugin identity tokens. Must match an allowed audience configured for the target IAM OIDC identity provider.',
})
identityTokenAudience;
@attr({
label: 'Identity token TTL',
helperTextDisabled:
'The TTL of generated tokens. Defaults to 1 hour, turn on the toggle to specify a different value.',
helperTextEnabled: 'The TTL of generated tokens.',
editType: 'ttl',
})
identityTokenTtl;
// Fields that show regardless of access type
@attr('string', {
possibleValues: regions(),
subText:
'Specifies the AWS region. If not set it will use the AWS_REGION env var, AWS_DEFAULT_REGION env var, or us-east-1 in that order.',
})
region;
@attr('string', { label: 'IAM endpoint' })
iamEndpoint;
@attr('string', { label: 'STS endpoint' }) stsEndpoint;
@attr('number', {
subText: 'Number of max retries the client should use for recoverable errors. Default is -1.',
})
maxRetries;
configurableParams = [
'roleArn',
'identityTokenAudience',
'identityTokenTtl',
'accessKey',
'secretKey',
'region',
'iamEndpoint',
'stsEndpoint',
'maxRetries',
];
get isWifPluginConfigured() {
return !!this.identityTokenAudience || !!this.identityTokenTtl || !!this.roleArn;
}
get isAccountPluginConfigured() {
return !!this.accessKey;
}
get displayAttrs() {
const formFields = expandAttributeMeta(this, this.configurableParams);
return formFields.filter((attr) => attr.name !== 'secretKey');
}
// "filedGroupsWif" and "fieldGroupsAccount" are passed to the FormFieldGroups component to determine which group to show in the form (ex: @groupName="fieldGroupsWif")
get fieldGroupsWif() {
return fieldToAttrs(this, this.formFieldGroups('wif'));
}
get fieldGroupsAccount() {
return fieldToAttrs(this, this.formFieldGroups('account'));
}
formFieldGroups(accessType = 'account') {
const formFieldGroups = [];
if (accessType === 'wif') {
formFieldGroups.push({ default: ['roleArn', 'identityTokenAudience', 'identityTokenTtl'] });
}
if (accessType === 'account') {
formFieldGroups.push({ default: ['accessKey', 'secretKey'] });
}
formFieldGroups.push({
'Root config options': ['region', 'iamEndpoint', 'stsEndpoint', 'maxRetries'],
});
return formFieldGroups;
}
}
Reference in New Issue View Git Blame Copy Permalink