Allows users to set their SSH key against their Google user account and syncs the user/group/key map in S3

ssh-key-manager

  • Allows users to set their SSH public keys in their Google GSuite account
  • Does a periodic sync of all specified groups (members + SSH keys) from Google to AWS S3

server

Required environment variables:

| Env var | Example | Description |
| --- | --- | --- |
| SKM_CLIENT_ID | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com | Google OIDC client ID |
| SKM_CLIENT_SECRET | xxxxxxxxxxxxxxxxxxxxxxxx | Google OIDC client secret |
| SKM_CALLBACK_URL | https://app/callback | Callback URI where the user will be redirected after successful Google interaction |
| SKM_AWS_ACCESS_KEY_ID | AKIAXXXXXXXXXXXXXXXX | AWS access key |
| SKM_AWS_SECRET_ACCESS_KEY | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | AWS secret access key |
| SKM_AWS_BUCKET | bucket-name | AWS S3 bucket name |
| SKM_SA_KEY_LOC | /etc/skm/sa-key.json | Location on disk of the Google service account key (JSON format) |
| SKM_GROUPS | "group@gsuite-domain.com" | Comma-separated list of groups that will be synced to S3 |

client

Use https://github.com/utilitywarehouse/ssh-key-agent on your host to populate authorized_keys