confidant
6.6.2-1b4b1c
Announcement
Archiving Announcement
Basics
Installation
Quickstart for testing
Docker installation
To run confidant in Docker
To build the image
pip installation
Make a virtualenv and install pip requirements
Manual installation
Clone Confidant
Make a virtualenv and install pip requirements
Build the frontend
Run confidant
Configuration
Docker vs bash
Environment configuration
gunicorn configuration for SSL termination support
Google authentication configuration
SAML authentication configuration
User authentication session settings
Disabling credential conflict checks
statsd metrics
Sending graphite events
Google authentication user restrictions
Auth token lifetime
Frontend configuration
Development and testing settings
Bootstrapping Confidant’s own secrets
Multi-account authentication
KMS authentication for end-users
KMS grant management
Confidant client configuration
Maintenance mode settings
Confidant performance settings
Certificate Authority settings
Settings for local development
KMS key policy configuration
Confidant IAM role configuration
Confidant DynamoDB table configuration
Managing secrets and mappings
Using the resources view
Creating secrets
Mapping secrets to services
Finding credentials and services in the sidebar
Using the history view
Using the Confidant client
Installation
Configuration
Usage
Reformatting get_service output
Advanced
API
API route documentation
Access Controls (ACLs)
Design
ACL Hookpoints
Credentials
List credentials
Get credential metadata
Get credential
Create credential
Update credential
Revert credential
Services
List services
Get service metadata
Get service
Create service
Update service
Revert service
Server-blinded secrets
What are server-blinded secrets?
KMS keys and IAM policy examples for server-blinded secrets
Creating and updating server-blinded secrets using the confidant client
KMS authentication
Service-to-service authentication
IAM policy configuration for service-to-service auth
Passing encrypted data between services
User-to-service authentication
Multi-account KMS authentication
Threat model
Web client threat model
Assumptions
What an authenticated user can achieve
What compromise of an authenticated user’s computer can achieve
What an unauthenticated local network attacker who can observe network traffic can achieve
What an unauthenticated attacker from the Internet can achieve
Web server threat model
Assumptions
What an attacker can achieve through compromise of the Confidant web server
Service client threat model
Assumptions
What the service can achieve
What an attacker can achieve with a filesystem read vulnerability
Storage threat model
Assumptions
What an attacker with DynamoDB access can achieve
Contributing
Code of conduct
Contributing code
Sign the Contributor License Agreement (CLA)
File issues in Github
Submit pull requests
Development guide
Starting confidant
Running tests
DynamoDB Data Schema
At-rest encryption model
Maintenance
Permanantly archiving disabled credentials to a separate DynamoDB table
Restoring archived credentials back into the primary DynamoDB table
Upgrading
Upgrading to 2.0.0 or 3.0.0
Performing the data migration
Upgrading to 4.0.0
Peforming the data migration for 4.0.0
Changelog
6.6.2
6.6.1
6.5.8
6.4.0
6.3.0
6.2.0
6.1.0
6.0.0
5.2.0
5.1.0
5.0.1
5.0.0
4.4.0
4.3.1
4.3.0
4.2.0
4.1.0
4.0.0
3.0.0
2.0.1
2.0.0
1.11.0
1.10.1
1.10.0
1.9.0
1.8.0
1.7.0
1.6.0
1.5.1
1.5.0
1.4.0
1.3.0
1.2.0
1.1.21
1.1.20
1.1.19
1.1.16 - 1.1.18
1.1.15
1.1.14
1.1.13
Communication
Support
Reporting security vulnerabilities
confidant
Index
Index
_
|
A
|
B
|
C
|
D
|
E
|
F
|
G
|
H
|
I
|
J
|
L
|
M
|
N
|
O
|
P
|
R
|
S
|
T
|
U
|
W
_
_abc_impl (confidant.services.jwkmanager.JwtCache attribute)
(confidant.services.jwkmanager.LocalJwtCache attribute)
(confidant.services.jwkmanager.RedisCache attribute)
_attributes (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.Credential attribute)
(confidant.models.credential.CredentialArchive attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
(confidant.scripts.migrate.GeneralCredentialModel attribute)
(confidant.scripts.migrate.GeneralServiceModel attribute)
(confidant.scripts.migrate_bool.GenericCredential attribute)
_bootstrap() (confidant.encrypted_settings.EncryptedSettings method)
_build_actions() (in module confidant.scripts.migrate_bool)
_build_lba_filter_condition() (in module confidant.scripts.migrate_bool)
_class_to_load (confidant.schema.auto_build_schema.AutobuildSchema attribute)
(confidant.schema.blind_credentials.BlindCredentialResponseSchema attribute)
(confidant.schema.certificates.CertificateAuthoritiesResponseSchema attribute)
(confidant.schema.certificates.CertificateAuthorityResponseSchema attribute)
(confidant.schema.certificates.CertificateExpandedResponseSchema attribute)
(confidant.schema.certificates.CertificateResponseSchema attribute)
(confidant.schema.credentials.CredentialResponseSchema attribute)
(confidant.schema.credentials.CredentialsResponseSchema attribute)
(confidant.schema.credentials.RevisionsResponseSchema attribute)
(confidant.schema.jwks.JWKSListResponseSchema attribute)
(confidant.schema.jwks.JWKSResponseSchema attribute)
(confidant.schema.jwks.JWTResponseSchema attribute)
(confidant.schema.services.RevisionsResponseSchema attribute)
(confidant.schema.services.ServiceExpandedResponseSchema attribute)
(confidant.schema.services.ServiceResponseSchema attribute)
(confidant.schema.services.ServicesResponseSchema attribute)
_credential_in_service() (in module confidant.services.credentialmanager)
_current_saml_session_id() (confidant.authnz.userauth.SamlAuthenticator method)
_current_user_nameid() (confidant.authnz.userauth.SamlAuthenticator method)
_declared_fields (confidant.schema.auto_build_schema.AutobuildSchema attribute)
(confidant.schema.auto_build_schema.StrictSchema attribute)
(confidant.schema.blind_credentials.BlindCredentialResponseSchema attribute)
(confidant.schema.certificates.CertificateAuthoritiesResponseSchema attribute)
(confidant.schema.certificates.CertificateAuthorityResponseSchema attribute)
(confidant.schema.certificates.CertificateExpandedResponseSchema attribute)
(confidant.schema.certificates.CertificateResponseSchema attribute)
(confidant.schema.credentials.CredentialResponseSchema attribute)
(confidant.schema.credentials.CredentialsResponseSchema attribute)
(confidant.schema.credentials.RevisionsResponseSchema attribute)
(confidant.schema.jwks.JWKSListResponseSchema attribute)
(confidant.schema.jwks.JWKSResponseSchema attribute)
(confidant.schema.jwks.JWTResponseSchema attribute)
(confidant.schema.services.RevisionsResponseSchema attribute)
(confidant.schema.services.ServiceExpandedResponseSchema attribute)
(confidant.schema.services.ServiceResponseSchema attribute)
(confidant.schema.services.ServicesResponseSchema attribute)
_delete_credentials() (in module confidant.services.credentialmanager)
_diff_dict() (confidant.models.credential.Credential method)
_diff_list() (confidant.models.service.Service method)
_discriminator (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.Credential attribute)
(confidant.models.credential.CredentialArchive attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
(confidant.scripts.migrate.GeneralCredentialModel attribute)
(confidant.scripts.migrate.GeneralServiceModel attribute)
(confidant.scripts.migrate_bool.GenericCredential attribute)
_dynamo_to_python_attrs (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.Credential attribute)
(confidant.models.credential.CredentialArchive attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
(confidant.scripts.migrate.GeneralCredentialModel attribute)
(confidant.scripts.migrate.GeneralServiceModel attribute)
(confidant.scripts.migrate_bool.GenericCredential attribute)
_ensure_grants() (in module confidant.services.keymanager)
_get_active_kids() (confidant.services.jwkmanager.JWKManager method)
_get_at_rest_kms_client() (in module confidant.services.keymanager)
_get_auth_kms_client() (in module confidant.services.keymanager)
_get_boto_config() (in module confidant.services.keymanager)
_get_decrypted_credential_pairs() (confidant.models.credential.Credential method)
_get_iam_roles() (in module confidant.services.iamrolemanager)
_get_key() (confidant.services.jwkmanager.JWKManager method)
_get_kms_auth_data() (in module confidant.authnz)
_get_validator() (in module confidant.authnz)
_grants_exist() (in module confidant.services.keymanager)
_handle_update_exception() (in module confidant.scripts.migrate_bool)
_has_processors (confidant.schema.auto_build_schema.AutobuildSchema attribute)
(confidant.schema.auto_build_schema.StrictSchema attribute)
(confidant.schema.blind_credentials.BlindCredentialResponseSchema attribute)
(confidant.schema.certificates.CertificateAuthoritiesResponseSchema attribute)
(confidant.schema.certificates.CertificateAuthorityResponseSchema attribute)
(confidant.schema.certificates.CertificateExpandedResponseSchema attribute)
(confidant.schema.certificates.CertificateResponseSchema attribute)
(confidant.schema.credentials.CredentialResponseSchema attribute)
(confidant.schema.credentials.CredentialsResponseSchema attribute)
(confidant.schema.credentials.RevisionsResponseSchema attribute)
(confidant.schema.jwks.JWKSListResponseSchema attribute)
(confidant.schema.jwks.JWKSResponseSchema attribute)
(confidant.schema.jwks.JWTResponseSchema attribute)
(confidant.schema.services.RevisionsResponseSchema attribute)
(confidant.schema.services.ServiceExpandedResponseSchema attribute)
(confidant.schema.services.ServiceResponseSchema attribute)
(confidant.schema.services.ServicesResponseSchema attribute)
_hash_keyname (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.Credential attribute)
(confidant.models.credential.CredentialArchive attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
(confidant.scripts.migrate.GeneralCredentialModel attribute)
(confidant.scripts.migrate.GeneralServiceModel attribute)
(confidant.scripts.migrate_bool.GenericCredential attribute)
_indexes (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.Credential attribute)
(confidant.models.credential.CredentialArchive attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
(confidant.scripts.migrate.GeneralCredentialModel attribute)
(confidant.scripts.migrate.GeneralServiceModel attribute)
(confidant.scripts.migrate_bool.GenericCredential attribute)
_load_certificate_authorities() (confidant.services.jwkmanager.JWKManager method)
_load_rsa_for_saml() (confidant.authnz.userauth.SamlAuthenticator method)
_load_x509_for_saml() (confidant.authnz.userauth.SamlAuthenticator method)
_render_saml_errors_json() (confidant.authnz.userauth.SamlAuthenticator method)
_render_saml_settings_dict() (confidant.authnz.userauth.SamlAuthenticator method)
_rsa_private_key_bare_base64() (in module confidant.lib.cryptolib)
_saml_auth() (confidant.authnz.userauth.SamlAuthenticator method)
_saml_req_dict_from_request() (confidant.authnz.userauth.SamlAuthenticator method)
_save_credentials_to_archive() (in module confidant.services.credentialmanager)
_x509_certificate_bare_base64() (in module confidant.lib.cryptolib)
A
AbstractUserAuthenticator (class in confidant.authnz.userauth)
account (confidant.models.service.Service attribute)
account_for_key_alias() (in module confidant.authnz)
allowed_email_suffix (confidant.authnz.userauth.AbstractUserAuthenticator property)
allowed_email_whitelist (confidant.authnz.userauth.AbstractUserAuthenticator property)
archive_credential() (in module confidant.routes.credentials)
(in module tests.unit.confidant.routes.credentials_test)
archive_credentials() (in module confidant.services.credentialmanager)
archive_date (confidant.models.credential.CredentialArchive attribute)
ArchiveCredentials (class in confidant.scripts.archive)
ArchiveDataTypeDateIndex (class in confidant.models.credential)
ArchiveDataTypeDateIndex.Meta (class in confidant.models.credential)
assert_headers() (confidant.authnz.userauth.HeaderAuthenticator method)
attr_type (confidant.scripts.migrate.NewUnicodeSetAttribute attribute)
attributes (confidant.models.blind_credential.DataTypeDateIndex.Meta attribute)
(confidant.models.credential.ArchiveDataTypeDateIndex.Meta attribute)
(confidant.models.credential.DataTypeDateIndex.Meta attribute)
(confidant.models.service.DataTypeDateIndex.Meta attribute)
auth_type (confidant.authnz.userauth.AbstractUserAuthenticator property)
(confidant.authnz.userauth.GoogleOauthAuthenticator property)
(confidant.authnz.userauth.HeaderAuthenticator property)
(confidant.authnz.userauth.NullUserAuthenticator property)
(confidant.authnz.userauth.SamlAuthenticator property)
AuthenticationError
AutobuildSchema (class in confidant.schema.auto_build_schema)
aws_access_key_id (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
AWS_ACM_PCA (confidant.services.certificatemanager.CAType attribute)
aws_secret_access_key (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
aws_session_token (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
B
base_backoff_ms (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
blind_credentials (confidant.models.service.Service attribute)
(confidant.scripts.migrate.GeneralServiceModel attribute)
BlindCredential (class in confidant.models.blind_credential)
BlindCredential.DoesNotExist
BlindCredential.Meta (class in confidant.models.blind_credential)
BlindCredentialResponse (class in confidant.schema.blind_credentials)
BlindCredentialResponseSchema (class in confidant.schema.blind_credentials)
bool_env() (in module confidant.settings)
build_object() (confidant.schema.auto_build_schema.AutobuildSchema method)
C
cache_key() (confidant.services.jwkmanager.LocalJwtCache method)
(confidant.services.jwkmanager.RedisCache method)
CAType (class in confidant.services.certificatemanager)
CertificateAuthoritiesResponse (class in confidant.schema.certificates)
CertificateAuthoritiesResponseSchema (class in confidant.schema.certificates)
CertificateAuthorityResponse (class in confidant.schema.certificates)
CertificateAuthorityResponseSchema (class in confidant.schema.certificates)
CertificateExpandedResponseSchema (class in confidant.schema.certificates)
CertificateResponse (class in confidant.schema.certificates)
CertificateResponseSchema (class in confidant.schema.certificates)
check_authorization() (confidant.authnz.userauth.AbstractUserAuthenticator method)
(confidant.authnz.userauth.HeaderAuthenticator method)
(confidant.authnz.userauth.NullUserAuthenticator method)
check_credential_pair_values() (in module confidant.services.credentialmanager)
check_csrf_token() (confidant.authnz.userauth.AbstractUserAuthenticator method)
check_maintenance_mode() (in module confidant.utils.maintenance)
cipher_type (confidant.models.blind_credential.BlindCredential attribute)
cipher_version (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
CipherManager (class in confidant.services.ciphermanager)
CipherManagerError
clear_session() (confidant.authnz.userauth.AbstractUserAuthenticator method)
components() (in module confidant.routes.static_files)
confidant
module
confidant.app
module
confidant.authnz
module
confidant.authnz.errors
module
confidant.authnz.rbac
module
confidant.authnz.userauth
module
confidant.clients
module
confidant.encrypted_settings
module
confidant.lib
module
confidant.lib.cryptolib
module
confidant.models
module
confidant.models.blind_credential
module
confidant.models.credential
module
confidant.models.non_null_unicode_set_attribute
module
confidant.models.service
module
confidant.routes
module
confidant.routes.blind_credentials
module
confidant.routes.certificates
module
confidant.routes.credentials
module
confidant.routes.identity
module
confidant.routes.jwks
module
confidant.routes.saml
module
confidant.routes.services
module
confidant.routes.static_files
module
confidant.schema
module
confidant.schema.auto_build_schema
module
confidant.schema.blind_credentials
module
confidant.schema.certificates
module
confidant.schema.credentials
module
confidant.schema.jwks
module
confidant.schema.services
module
confidant.scripts
module
confidant.scripts.archive
module
confidant.scripts.bootstrap
module
confidant.scripts.manage
module
confidant.scripts.migrate
module
confidant.scripts.migrate_bool
module
confidant.scripts.restore
module
confidant.scripts.utils
module
confidant.services
module
confidant.services.certificatemanager
module
confidant.services.ciphermanager
module
confidant.services.credentialmanager
module
confidant.services.graphite
module
confidant.services.iamrolemanager
module
confidant.services.jwkmanager
module
confidant.services.keymanager
module
confidant.services.servicemanager
module
confidant.services.webhook
module
confidant.settings
module
confidant.utils
module
confidant.utils.dynamodb
module
confidant.utils.maintenance
module
confidant.utils.misc
module
confidant.wsgi
module
connect_timeout_seconds (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
consume_saml_assertion() (confidant.authnz.userauth.SamlAuthenticator method)
(in module confidant.routes.saml)
create_app() (in module confidant.app)
create_blind_credential() (in module confidant.routes.blind_credentials)
create_credential() (in module confidant.routes.credentials)
create_datakey() (in module confidant.lib.cryptolib)
(in module confidant.services.keymanager)
create_dynamodb_tables() (in module confidant.utils.dynamodb)
create_mock_datakey() (in module confidant.lib.cryptolib)
CreateDynamoTables (class in confidant.scripts.utils)
Credential (class in confidant.models.credential)
credential() (in module tests.unit.confidant.routes.credentials_test)
Credential.DoesNotExist
Credential.Meta (class in confidant.models.credential)
credential_exists() (confidant.scripts.restore.RestoreCredentials method)
credential_keys (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.Credential property)
(confidant.scripts.migrate.GeneralCredentialModel attribute)
credential_list() (in module tests.unit.confidant.routes.credentials_test)
credential_pairs (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
CredentialArchive (class in confidant.models.credential)
CredentialArchive.DoesNotExist
CredentialArchive.Meta (class in confidant.models.credential)
CredentialBase (class in confidant.models.credential)
CredentialBase.DoesNotExist
CredentialResponse (class in confidant.schema.credentials)
CredentialResponseSchema (class in confidant.schema.credentials)
credentials (confidant.models.service.Service attribute)
(confidant.scripts.migrate.GeneralServiceModel attribute)
CredentialsResponse (class in confidant.schema.credentials)
CredentialsResponseSchema (class in confidant.schema.credentials)
current_email() (confidant.authnz.userauth.AbstractUserAuthenticator method)
current_first_name() (confidant.authnz.userauth.AbstractUserAuthenticator method)
current_last_name() (confidant.authnz.userauth.AbstractUserAuthenticator method)
current_user() (confidant.authnz.userauth.AbstractUserAuthenticator method)
(confidant.authnz.userauth.HeaderAuthenticator method)
(confidant.authnz.userauth.NullUserAuthenticator method)
CUSTOM_CA (confidant.services.certificatemanager.CAType attribute)
custom_images() (in module confidant.routes.static_files)
custom_modules() (in module confidant.routes.static_files)
custom_styles() (in module confidant.routes.static_files)
D
data_key (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
data_type (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.blind_credential.DataTypeDateIndex attribute)
(confidant.models.credential.ArchiveDataTypeDateIndex attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.credential.DataTypeDateIndex attribute)
(confidant.models.service.DataTypeDateIndex attribute)
(confidant.models.service.Service attribute)
data_type_date_index (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.Credential attribute)
(confidant.models.credential.CredentialArchive attribute)
(confidant.models.service.Service attribute)
DataTypeDateIndex (class in confidant.models.blind_credential)
(class in confidant.models.credential)
(class in confidant.models.service)
DataTypeDateIndex.Meta (class in confidant.models.blind_credential)
(class in confidant.models.credential)
(class in confidant.models.service)
decode_last_evaluated_key() (in module confidant.utils.dynamodb)
decrypt() (confidant.services.ciphermanager.CipherManager method)
decrypt_datakey() (in module confidant.lib.cryptolib)
(in module confidant.services.keymanager)
decrypt_mock_datakey() (in module confidant.lib.cryptolib)
decrypted_credential_pairs (confidant.models.credential.Credential property)
DecryptSecretsBootstrap (class in confidant.scripts.bootstrap)
default_acl() (in module confidant.authnz.rbac)
deserialize() (confidant.scripts.migrate.NewUnicodeSetAttribute method)
(confidant.scripts.migrate.SetMixin method)
dev_wsgi
module
dict_deep_update() (in module confidant.utils.misc)
diff() (confidant.models.credential.Credential method)
(confidant.models.service.Service method)
diff_credential() (in module confidant.routes.credentials)
diff_service() (in module confidant.routes.services)
documentation (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
dump_session_info() (in module confidant.routes.saml)
E
element_deserialize() (confidant.scripts.migrate.NewUnicodeSetAttribute method)
element_serialize() (confidant.scripts.migrate.NewUnicodeSetAttribute method)
enabled (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
(confidant.scripts.migrate_bool.GenericCredential attribute)
encode_last_evaluated_key() (in module confidant.utils.dynamodb)
encode_next_page() (confidant.schema.credentials.CredentialsResponseSchema method)
(confidant.schema.credentials.RevisionsResponseSchema method)
(confidant.schema.services.RevisionsResponseSchema method)
(confidant.schema.services.ServicesResponseSchema method)
encrypt() (confidant.services.ciphermanager.CipherManager method)
encrypted_settings_mock() (in module tests.conftest)
EncryptedSettings (class in confidant.encrypted_settings)
ensure_grants() (in module confidant.routes.services)
(in module confidant.services.keymanager)
equals() (confidant.models.blind_credential.BlindCredential method)
(confidant.models.credential.Credential method)
(confidant.models.service.Service method)
exempt_from_rotation (confidant.models.credential.Credential property)
extra_headers (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
F
favicon() (in module confidant.routes.static_files)
float_env() (in module confidant.settings)
fonts() (in module confidant.routes.static_files)
from_archive_credential() (confidant.models.credential.Credential class method)
from_blind_credential() (confidant.schema.blind_credentials.BlindCredentialResponse class method)
from_cas() (confidant.schema.certificates.CertificateAuthoritiesResponse class method)
from_credential() (confidant.models.credential.CredentialArchive class method)
(confidant.schema.credentials.CredentialResponse class method)
from_credentials() (confidant.schema.credentials.CredentialsResponse class method)
(confidant.schema.credentials.RevisionsResponse class method)
from_service() (confidant.schema.services.ServiceResponse class method)
from_service_expanded() (confidant.schema.services.ServiceResponse class method)
from_services() (confidant.schema.services.RevisionsResponse class method)
(confidant.schema.services.ServicesResponse class method)
G
GeneralCredentialModel (class in confidant.scripts.migrate)
GeneralCredentialModel.DoesNotExist
GeneralCredentialModel.Meta (class in confidant.scripts.migrate)
GeneralServiceModel (class in confidant.scripts.migrate)
GeneralServiceModel.DoesNotExist
GeneralServiceModel.Meta (class in confidant.scripts.migrate)
generate_metadata() (confidant.authnz.userauth.SamlAuthenticator method)
generate_saml_login_redirect() (in module confidant.routes.saml)
generate_value() (in module confidant.routes.credentials)
GenerateSecretsBootstrap (class in confidant.scripts.bootstrap)
GenericCredential (class in confidant.scripts.migrate_bool)
GenericCredential.DoesNotExist
GenericCredential.Meta (class in confidant.scripts.migrate_bool)
get() (in module confidant.settings)
get_active_key() (confidant.services.jwkmanager.JWKManager method)
get_all_secrets() (confidant.encrypted_settings.EncryptedSettings method)
get_archive_blind_credential_list() (in module confidant.routes.blind_credentials)
get_archive_blind_credential_revisions() (in module confidant.routes.blind_credentials)
get_archive_credential_list() (in module confidant.routes.credentials)
get_archive_credential_revisions() (in module confidant.routes.credentials)
get_archive_service_list() (in module confidant.routes.services)
get_archive_service_revisions() (in module confidant.routes.services)
get_blind_credential() (in module confidant.routes.blind_credentials)
get_blind_credential_dependencies() (in module confidant.routes.blind_credentials)
get_blind_credential_list() (in module confidant.routes.blind_credentials)
get_blind_credentials() (in module confidant.services.credentialmanager)
get_boolean() (in module confidant.utils.misc)
get_boto_client() (in module confidant.clients)
get_boto_resource() (in module confidant.clients)
get_boto_session() (in module confidant.clients)
get_ca() (in module confidant.routes.certificates)
(in module confidant.services.certificatemanager)
get_certificate() (in module confidant.routes.certificates)
get_certificate_from_csr() (in module confidant.routes.certificates)
get_client_config() (in module confidant.routes.identity)
get_credential() (in module confidant.routes.credentials)
get_credential_dependencies() (in module confidant.routes.credentials)
get_credential_list() (in module confidant.routes.credentials)
get_credentials() (in module confidant.services.credentialmanager)
get_csrf_token() (confidant.authnz.userauth.AbstractUserAuthenticator method)
get_grants() (in module confidant.routes.services)
(in module confidant.services.keymanager)
get_iam_roles() (in module confidant.services.iamrolemanager)
get_iam_roles_list() (in module confidant.routes.services)
get_jwks() (confidant.services.jwkmanager.JWKManager method)
get_jwt() (confidant.services.jwkmanager.JWKManager method)
(confidant.services.jwkmanager.JwtCache method)
(confidant.services.jwkmanager.LocalJwtCache method)
(confidant.services.jwkmanager.RedisCache method)
get_key_id() (in module confidant.services.keymanager)
get_latest_blind_credential_revision() (in module confidant.services.credentialmanager)
get_latest_credential_revision() (in module confidant.services.credentialmanager)
get_latest_service_revision() (in module confidant.services.servicemanager)
get_logged_in_user() (in module confidant.authnz)
get_public_jwks() (in module confidant.routes.jwks)
get_revision_ids_for_credential() (in module confidant.services.credentialmanager)
get_saml_metadata() (in module confidant.routes.saml)
get_secret() (confidant.encrypted_settings.EncryptedSettings method)
get_service() (in module confidant.routes.services)
get_service_list() (in module confidant.routes.services)
get_service_map() (in module confidant.services.servicemanager)
get_services_for_blind_credential() (in module confidant.services.servicemanager)
get_services_for_credential() (in module confidant.services.servicemanager)
get_token() (in module confidant.routes.jwks)
get_user_info() (in module confidant.routes.identity)
goodbye() (in module confidant.routes.static_files)
GoogleOauthAuthenticator (class in confidant.authnz.userauth)
grants_exist() (in module confidant.services.keymanager)
H
HeaderAuthenticator (class in confidant.authnz.userauth)
healthcheck() (in module confidant.routes.static_files)
helper_jwt_parser() (in module tests.unit.confidant.services.jwkmanager_test)
host (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
I
id (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
(confidant.scripts.migrate.GeneralCredentialModel attribute)
(confidant.scripts.migrate.GeneralServiceModel attribute)
(confidant.scripts.migrate_bool.GenericCredential attribute)
images() (in module confidant.routes.static_files)
in_maintenance_mode() (in module confidant.utils.maintenance)
index() (in module confidant.routes.static_files)
index_name (confidant.models.blind_credential.DataTypeDateIndex.Meta attribute)
(confidant.models.credential.ArchiveDataTypeDateIndex.Meta attribute)
(confidant.models.credential.DataTypeDateIndex.Meta attribute)
(confidant.models.service.DataTypeDateIndex.Meta attribute)
init_user_auth_class() (in module confidant.authnz.userauth)
int_env() (in module confidant.settings)
is_authenticated() (confidant.authnz.userauth.AbstractUserAuthenticator method)
(confidant.authnz.userauth.HeaderAuthenticator method)
(confidant.authnz.userauth.NullUserAuthenticator method)
is_expired() (confidant.authnz.userauth.AbstractUserAuthenticator method)
(confidant.authnz.userauth.HeaderAuthenticator method)
(confidant.authnz.userauth.NullUserAuthenticator method)
is_old_unicode_set() (in module confidant.scripts.migrate)
J
JWKManager (class in confidant.services.jwkmanager)
JWKSListResponse (class in confidant.schema.jwks)
JWKSListResponseSchema (class in confidant.schema.jwks)
JWKSResponse (class in confidant.schema.jwks)
JWKSResponseSchema (class in confidant.schema.jwks)
JwtCache (class in confidant.services.jwkmanager)
JWTResponse (class in confidant.schema.jwks)
JWTResponseSchema (class in confidant.schema.jwks)
L
last_decrypted_date (confidant.models.credential.CredentialBase attribute)
last_rotation_date (confidant.models.credential.CredentialBase attribute)
list_cas() (in module confidant.routes.certificates)
(in module confidant.services.certificatemanager)
load_module() (in module confidant.utils.misc)
load_private_key_pem() (in module confidant.lib.cryptolib)
load_private_key_pem_as_bare_base64() (in module confidant.lib.cryptolib)
load_x509_certificate_pem() (in module confidant.lib.cryptolib)
load_x509_certificate_pem_as_bare_base64() (in module confidant.lib.cryptolib)
LocalJwtCache (class in confidant.services.jwkmanager)
log_in() (confidant.authnz.userauth.AbstractUserAuthenticator method)
(confidant.authnz.userauth.GoogleOauthAuthenticator method)
(confidant.authnz.userauth.HeaderAuthenticator method)
(confidant.authnz.userauth.NullUserAuthenticator method)
(confidant.authnz.userauth.SamlAuthenticator method)
(in module confidant.authnz)
log_out() (confidant.authnz.userauth.AbstractUserAuthenticator method)
(confidant.authnz.userauth.SamlAuthenticator method)
log_out_callback() (confidant.authnz.userauth.SamlAuthenticator method)
login() (in module confidant.routes.identity)
login_redirect_url() (confidant.authnz.userauth.SamlAuthenticator method)
lowercase_credential_pairs() (in module confidant.services.credentialmanager)
M
main() (in module confidant.scripts.manage)
manage
module
ManageGrants (class in confidant.scripts.utils)
map_service_credentials() (in module confidant.routes.services)
max_pool_connection (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
max_pool_connections (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
max_retry_attempts (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
metadata (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
migrate_boolean_attributes() (in module confidant.scripts.migrate_bool)
MigrateBlindCredentialSetAttribute (class in confidant.scripts.migrate)
MigrateBooleanAttribute (class in confidant.scripts.migrate_bool)
MigrateServiceSetAttribute (class in confidant.scripts.migrate)
mock_email_suffix() (in module tests.unit.confidant.authnz.authnz_test)
mock_header_auth() (in module tests.unit.confidant.authnz.authnz_test)
model (confidant.models.blind_credential.DataTypeDateIndex.Meta attribute)
(confidant.models.credential.ArchiveDataTypeDateIndex.Meta attribute)
(confidant.models.credential.DataTypeDateIndex.Meta attribute)
(confidant.models.service.DataTypeDateIndex.Meta attribute)
modified_by (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
modified_date (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.blind_credential.DataTypeDateIndex attribute)
(confidant.models.credential.ArchiveDataTypeDateIndex attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.credential.DataTypeDateIndex attribute)
(confidant.models.service.DataTypeDateIndex attribute)
(confidant.models.service.Service attribute)
module
confidant
confidant.app
confidant.authnz
confidant.authnz.errors
confidant.authnz.rbac
confidant.authnz.userauth
confidant.clients
confidant.encrypted_settings
confidant.lib
confidant.lib.cryptolib
confidant.models
confidant.models.blind_credential
confidant.models.credential
confidant.models.non_null_unicode_set_attribute
confidant.models.service
confidant.routes
confidant.routes.blind_credentials
confidant.routes.certificates
confidant.routes.credentials
confidant.routes.identity
confidant.routes.jwks
confidant.routes.saml
confidant.routes.services
confidant.routes.static_files
confidant.schema
confidant.schema.auto_build_schema
confidant.schema.blind_credentials
confidant.schema.certificates
confidant.schema.credentials
confidant.schema.jwks
confidant.schema.services
confidant.scripts
confidant.scripts.archive
confidant.scripts.bootstrap
confidant.scripts.manage
confidant.scripts.migrate
confidant.scripts.migrate_bool
confidant.scripts.restore
confidant.scripts.utils
confidant.services
confidant.services.certificatemanager
confidant.services.ciphermanager
confidant.services.credentialmanager
confidant.services.graphite
confidant.services.iamrolemanager
confidant.services.jwkmanager
confidant.services.keymanager
confidant.services.servicemanager
confidant.services.webhook
confidant.settings
confidant.utils
confidant.utils.dynamodb
confidant.utils.maintenance
confidant.utils.misc
confidant.wsgi
dev_wsgi
manage
tests
tests.conftest
tests.integration
tests.integration.confidant
tests.integration.confidant.authnz
tests.integration.confidant.authnz.authnz_test
tests.unit
tests.unit.confidant
tests.unit.confidant.authnz
tests.unit.confidant.authnz.authnz_test
tests.unit.confidant.authnz.rbac_test
tests.unit.confidant.encrypted_settings_test
tests.unit.confidant.models
tests.unit.confidant.models.credential_test
tests.unit.confidant.models.service_test
tests.unit.confidant.routes
tests.unit.confidant.routes.certificates_test
tests.unit.confidant.routes.credentials_test
tests.unit.confidant.routes.identity_test
tests.unit.confidant.routes.jwks_test
tests.unit.confidant.routes.services_test
tests.unit.confidant.services
tests.unit.confidant.services.ciphermanager_test
tests.unit.confidant.services.credentialmanager_test
tests.unit.confidant.services.jwkmanager_test
tests.unit.confidant.services.keymanager_test
tests.unit.confidant.services.servicemanager_test
modules() (in module confidant.routes.static_files)
N
name (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
NewUnicodeSetAttribute (class in confidant.scripts.migrate)
next_rotation_date (confidant.models.credential.Credential property)
no_acl() (in module confidant.authnz.rbac)
NonNullUnicodeSetAttribute (class in confidant.models.non_null_unicode_set_attribute)
not_found() (in module confidant.routes.static_files)
NotAuthorized
null (confidant.scripts.migrate.NewUnicodeSetAttribute attribute)
NullUserAuthenticator (class in confidant.authnz.userauth)
O
option_list (confidant.scripts.archive.ArchiveCredentials attribute)
(confidant.scripts.bootstrap.DecryptSecretsBootstrap attribute)
(confidant.scripts.bootstrap.GenerateSecretsBootstrap attribute)
(confidant.scripts.migrate_bool.MigrateBooleanAttribute attribute)
(confidant.scripts.restore.RestoreCredentials attribute)
opts (confidant.schema.auto_build_schema.AutobuildSchema attribute)
(confidant.schema.auto_build_schema.StrictSchema attribute)
(confidant.schema.blind_credentials.BlindCredentialResponseSchema attribute)
(confidant.schema.certificates.CertificateAuthoritiesResponseSchema attribute)
(confidant.schema.certificates.CertificateAuthorityResponseSchema attribute)
(confidant.schema.certificates.CertificateExpandedResponseSchema attribute)
(confidant.schema.certificates.CertificateResponseSchema attribute)
(confidant.schema.credentials.CredentialResponseSchema attribute)
(confidant.schema.credentials.CredentialsResponseSchema attribute)
(confidant.schema.credentials.RevisionsResponseSchema attribute)
(confidant.schema.jwks.JWKSListResponseSchema attribute)
(confidant.schema.jwks.JWKSResponseSchema attribute)
(confidant.schema.jwks.JWTResponseSchema attribute)
(confidant.schema.services.RevisionsResponseSchema attribute)
(confidant.schema.services.ServiceExpandedResponseSchema attribute)
(confidant.schema.services.ServiceResponseSchema attribute)
(confidant.schema.services.ServicesResponseSchema attribute)
P
pair_key_conflicts_for_credentials() (in module confidant.services.credentialmanager)
pair_key_conflicts_for_services() (in module confidant.services.servicemanager)
passes_email_suffix() (confidant.authnz.userauth.AbstractUserAuthenticator method)
passes_email_whitelist() (confidant.authnz.userauth.AbstractUserAuthenticator method)
prevent_xss_decorator() (in module confidant.utils.misc)
projection (confidant.models.blind_credential.DataTypeDateIndex.Meta attribute)
(confidant.models.credential.ArchiveDataTypeDateIndex.Meta attribute)
(confidant.models.credential.DataTypeDateIndex.Meta attribute)
(confidant.models.service.DataTypeDateIndex.Meta attribute)
R
read_capacity_units (confidant.models.blind_credential.DataTypeDateIndex.Meta attribute)
(confidant.models.credential.ArchiveDataTypeDateIndex.Meta attribute)
(confidant.models.credential.DataTypeDateIndex.Meta attribute)
(confidant.models.service.DataTypeDateIndex.Meta attribute)
read_timeout_seconds (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
redirect_to_goodbye() (confidant.authnz.userauth.AbstractUserAuthenticator method)
redirect_to_index() (confidant.authnz.userauth.AbstractUserAuthenticator method)
redirect_to_logout_if_no_auth() (in module confidant.authnz)
RedisCache (class in confidant.services.jwkmanager)
refresh_cache() (in module confidant.services.iamrolemanager)
region (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
register() (confidant.encrypted_settings.EncryptedSettings method)
registered() (confidant.encrypted_settings.EncryptedSettings method)
require_auth() (in module confidant.authnz)
require_csrf_token() (in module confidant.authnz)
require_logout_for_goodbye() (in module confidant.authnz)
restore() (confidant.scripts.restore.RestoreCredentials method)
RestoreCredentials (class in confidant.scripts.restore)
revert_blind_credential_to_revision() (in module confidant.routes.blind_credentials)
revert_credential_to_revision() (in module confidant.routes.credentials)
revert_service_to_revision() (in module confidant.routes.services)
revision (confidant.models.blind_credential.BlindCredential attribute)
(confidant.models.credential.CredentialBase attribute)
(confidant.models.service.Service attribute)
RevisionsResponse (class in confidant.schema.credentials)
(class in confidant.schema.services)
RevisionsResponseSchema (class in confidant.schema.credentials)
(class in confidant.schema.services)
RevokeGrants (class in confidant.scripts.utils)
robots() (in module confidant.routes.static_files)
run() (confidant.scripts.archive.ArchiveCredentials method)
(confidant.scripts.bootstrap.DecryptSecretsBootstrap method)
(confidant.scripts.bootstrap.GenerateSecretsBootstrap method)
(confidant.scripts.migrate.MigrateBlindCredentialSetAttribute method)
(confidant.scripts.migrate.MigrateServiceSetAttribute method)
(confidant.scripts.migrate_bool.MigrateBooleanAttribute method)
(confidant.scripts.restore.RestoreCredentials method)
(confidant.scripts.utils.CreateDynamoTables method)
(confidant.scripts.utils.ManageGrants method)
(confidant.scripts.utils.RevokeGrants method)
S
saml_logout() (in module confidant.routes.saml)
SamlAuthenticator (class in confidant.authnz.userauth)
save() (confidant.scripts.restore.RestoreCredentials method)
scripts() (in module confidant.routes.static_files)
send_event() (in module confidant.services.graphite)
(in module confidant.services.webhook)
send_service_mapping_graphite_event() (in module confidant.services.servicemanager)
serialize() (confidant.scripts.migrate.NewUnicodeSetAttribute method)
(confidant.scripts.migrate.SetMixin method)
Service (class in confidant.models.service)
Service.DoesNotExist
Service.Meta (class in confidant.models.service)
service_in_account() (in module confidant.authnz)
ServiceCreateGrantError
ServiceExpandedResponseSchema (class in confidant.schema.services)
ServiceGetGrantError
ServiceResponse (class in confidant.schema.services)
ServiceResponseSchema (class in confidant.schema.services)
services_list() (in module tests.unit.confidant.routes.services_test)
ServicesResponse (class in confidant.schema.services)
ServicesResponseSchema (class in confidant.schema.services)
set_csrf_token() (confidant.authnz.userauth.AbstractUserAuthenticator method)
set_current_user() (confidant.authnz.userauth.AbstractUserAuthenticator method)
set_expiration() (confidant.authnz.userauth.AbstractUserAuthenticator method)
set_jwt() (confidant.services.jwkmanager.JwtCache method)
(confidant.services.jwkmanager.LocalJwtCache method)
(confidant.services.jwkmanager.RedisCache method)
set_key() (confidant.services.jwkmanager.JWKManager method)
SetMixin (class in confidant.scripts.migrate)
SettingsError
sort_credentials() (confidant.schema.credentials.CredentialsResponseSchema method)
sort_revisions() (confidant.schema.credentials.RevisionsResponseSchema method)
(confidant.schema.services.RevisionsResponseSchema method)
sort_services() (confidant.schema.services.ServicesResponseSchema method)
static_proxy() (in module confidant.routes.static_files)
str_env() (in module confidant.settings)
strict (confidant.schema.auto_build_schema.StrictSchema.Meta attribute)
StrictSchema (class in confidant.schema.auto_build_schema)
StrictSchema.Meta (class in confidant.schema.auto_build_schema)
T
table_name (confidant.models.blind_credential.BlindCredential.Meta attribute)
(confidant.models.credential.Credential.Meta attribute)
(confidant.models.credential.CredentialArchive.Meta attribute)
(confidant.models.service.Service.Meta attribute)
(confidant.scripts.migrate_bool.GenericCredential.Meta attribute)
tags (confidant.models.credential.CredentialBase attribute)
test__get_kms_auth_data_from_auth() (in module tests.unit.confidant.authnz.authnz_test)
test__get_kms_auth_data_from_headers() (in module tests.unit.confidant.authnz.authnz_test)
test_account_for_key_alias() (in module tests.unit.confidant.authnz.authnz_test)
test_auth_failure() (in module tests.integration.confidant.authnz.authnz_test)
test_auth_redirect() (in module tests.integration.confidant.authnz.authnz_test)
test_auth_with_email_session() (in module tests.integration.confidant.authnz.authnz_test)
test_auth_with_email_session_bad_prefix() (in module tests.integration.confidant.authnz.authnz_test)
test_auth_with_email_session_in_users() (in module tests.integration.confidant.authnz.authnz_test)
test_auth_with_email_session_not_in_users() (in module tests.integration.confidant.authnz.authnz_test)
test_bootstrap() (in module tests.unit.confidant.encrypted_settings_test)
test_bootstrap_filefail() (in module tests.unit.confidant.encrypted_settings_test)
test_certificate() (in module tests.conftest)
test_certificate_authorities() (in module tests.conftest)
test_check_credential_pair_values() (in module tests.unit.confidant.services.credentialmanager_test)
test_cipher_version_1() (in module tests.unit.confidant.services.ciphermanager_test)
test_cipher_version_2() (in module tests.unit.confidant.services.ciphermanager_test)
test_cipher_version_3() (in module tests.unit.confidant.services.ciphermanager_test)
test_create_credential() (in module tests.unit.confidant.routes.credentials_test)
test_create_datakey_mocked() (in module tests.unit.confidant.services.keymanager_test)
test_create_datakey_with_encryption() (in module tests.unit.confidant.services.keymanager_test)
test_credential_archive() (in module tests.unit.confidant.models.credential_test)
test_decrypt_datakey_mocked() (in module tests.unit.confidant.services.keymanager_test)
test_decrypt_datakey_with_encryption() (in module tests.unit.confidant.services.keymanager_test)
test_default_acl() (in module tests.unit.confidant.authnz.rbac_test)
test_diff() (in module tests.unit.confidant.models.credential_test)
(in module tests.unit.confidant.models.service_test)
test_diff_credential() (in module tests.unit.confidant.routes.credentials_test)
test_encrypted_key() (in module tests.conftest)
test_equals() (in module tests.unit.confidant.models.credential_test)
(in module tests.unit.confidant.models.service_test)
test_exempt_from_rotation() (in module tests.unit.confidant.models.credential_test)
test_get_ca() (in module tests.unit.confidant.routes.certificates_test)
test_get_certificate() (in module tests.unit.confidant.routes.certificates_test)
test_get_certificate_from_csr() (in module tests.unit.confidant.routes.certificates_test)
test_get_client_config() (in module tests.unit.confidant.routes.identity_test)
test_get_credential() (in module tests.unit.confidant.routes.credentials_test)
test_get_credential_list() (in module tests.unit.confidant.routes.credentials_test)
test_get_jwks() (in module tests.unit.confidant.services.jwkmanager_test)
test_get_jwks_not_found() (in module tests.unit.confidant.services.jwkmanager_test)
test_get_jwt() (in module tests.unit.confidant.services.jwkmanager_test)
test_get_jwt_caches_jwt() (in module tests.unit.confidant.services.jwkmanager_test)
test_get_jwt_raises_no_key_id() (in module tests.unit.confidant.services.jwkmanager_test)
test_get_jwt_with_ca() (in module tests.unit.confidant.services.jwkmanager_test)
test_get_key_id() (in module tests.unit.confidant.services.keymanager_test)
test_get_key_id_cached() (in module tests.unit.confidant.services.keymanager_test)
test_get_latest_blind_credential_revision() (in module tests.unit.confidant.services.credentialmanager_test)
test_get_latest_credential_revision() (in module tests.unit.confidant.services.credentialmanager_test)
test_get_latest_service_revision() (in module tests.unit.confidant.services.servicemanager_test)
test_get_logged_in_user() (in module tests.unit.confidant.authnz.authnz_test)
test_get_logged_in_user_from_session() (in module tests.unit.confidant.authnz.authnz_test)
test_get_registered() (in module tests.unit.confidant.encrypted_settings_test)
test_get_registered_default() (in module tests.unit.confidant.encrypted_settings_test)
test_get_revision_ids_for_credential() (in module tests.unit.confidant.services.credentialmanager_test)
test_get_services_list() (in module tests.unit.confidant.routes.services_test)
test_get_token_no_override() (in module tests.unit.confidant.routes.jwks_test)
test_get_token_override_user() (in module tests.unit.confidant.routes.jwks_test)
test_get_token_override_user_not_authorized() (in module tests.unit.confidant.routes.jwks_test)
test_get_user_info() (in module tests.unit.confidant.routes.identity_test)
test_get_user_info_no_user() (in module tests.unit.confidant.routes.identity_test)
test_header_auth_will_extract_from_request() (in module tests.unit.confidant.authnz.authnz_test)
test_header_auth_will_log_in() (in module tests.unit.confidant.authnz.authnz_test)
test_header_csrf() (in module tests.integration.confidant.authnz.authnz_test)
test_invalid_kms_auth_token() (in module tests.integration.confidant.authnz.authnz_test)
test_jwk_payload() (in module tests.conftest)
test_jwks() (in module tests.conftest)
test_jwt() (in module tests.conftest)
test_key_pair() (in module tests.conftest)
test_list_cas() (in module tests.unit.confidant.routes.certificates_test)
test_localcache_cache_key() (in module tests.unit.confidant.services.jwkmanager_test)
test_localcache_get_jwt() (in module tests.unit.confidant.services.jwkmanager_test)
test_localcache_init() (in module tests.unit.confidant.services.jwkmanager_test)
test_lowercase_credential_pairs() (in module tests.unit.confidant.services.credentialmanager_test)
test_next_rotation_date_last_rotation_present() (in module tests.unit.confidant.models.credential_test)
test_next_rotation_date_never_rotated() (in module tests.unit.confidant.models.credential_test)
test_next_rotation_date_no_rotation_required() (in module tests.unit.confidant.models.credential_test)
test_no_acl() (in module tests.unit.confidant.authnz.rbac_test)
test_no_auth() (in module tests.integration.confidant.authnz.authnz_test)
test_not_equals() (in module tests.unit.confidant.models.credential_test)
(in module tests.unit.confidant.models.service_test)
test_not_equals_different_tags() (in module tests.unit.confidant.models.credential_test)
test_redirect_to_logout_if_no_auth() (in module tests.unit.confidant.authnz.authnz_test)
test_rediscache_get_jwt() (in module tests.unit.confidant.services.jwkmanager_test)
test_rediscache_redis_error() (in module tests.unit.confidant.services.jwkmanager_test)
test_register() (in module tests.unit.confidant.encrypted_settings_test)
test_require_auth() (in module tests.unit.confidant.authnz.authnz_test)
test_require_csrf_token() (in module tests.unit.confidant.authnz.authnz_test)
test_require_logout_for_goodbye() (in module tests.unit.confidant.authnz.authnz_test)
test_revise_credential() (in module tests.unit.confidant.routes.credentials_test)
test_service_in_account() (in module tests.unit.confidant.authnz.authnz_test)
test_set_key() (in module tests.unit.confidant.services.jwkmanager_test)
test_set_key_encrypted() (in module tests.unit.confidant.services.jwkmanager_test)
test_update_credential() (in module tests.unit.confidant.routes.credentials_test)
test_user_is_service() (in module tests.unit.confidant.authnz.authnz_test)
test_user_is_user_type() (in module tests.unit.confidant.authnz.authnz_test)
tests
module
tests.conftest
module
tests.integration
module
tests.integration.confidant
module
tests.integration.confidant.authnz
module
tests.integration.confidant.authnz.authnz_test
module
tests.unit
module
tests.unit.confidant
module
tests.unit.confidant.authnz
module
tests.unit.confidant.authnz.authnz_test
module
tests.unit.confidant.authnz.rbac_test
module
tests.unit.confidant.encrypted_settings_test
module
tests.unit.confidant.models
module
tests.unit.confidant.models.credential_test
module
tests.unit.confidant.models.service_test
module
tests.unit.confidant.routes
module
tests.unit.confidant.routes.certificates_test
module
tests.unit.confidant.routes.credentials_test
module
tests.unit.confidant.routes.identity_test
module
tests.unit.confidant.routes.jwks_test
module
tests.unit.confidant.routes.services_test
module
tests.unit.confidant.services
module
tests.unit.confidant.services.ciphermanager_test
module
tests.unit.confidant.services.credentialmanager_test
module
tests.unit.confidant.services.jwkmanager_test
module
tests.unit.confidant.services.keymanager_test
module
tests.unit.confidant.services.servicemanager_test
module
TokenVersionError
U
update_blind_credential() (in module confidant.routes.blind_credentials)
update_credential() (in module confidant.routes.credentials)
user_is_service() (in module confidant.authnz)
user_is_user_type() (in module confidant.authnz)
UserUnknownError
utcnow() (in module confidant.utils.misc)
W
write_capacity_units (confidant.models.blind_credential.DataTypeDateIndex.Meta attribute)
(confidant.models.credential.ArchiveDataTypeDateIndex.Meta attribute)
(confidant.models.credential.DataTypeDateIndex.Meta attribute)
(confidant.models.service.DataTypeDateIndex.Meta attribute)