Module vault.java.driver

Package io.github.jopenlibs.vault

Interface Vault

All Known Implementing Classes:

VaultImpl

public interface Vault

Method Summary

Modifier and Type	Method	Description
Auth	auth()	Returns the implementing class for operations on Vault's /v1/auth/* REST endpoints
static Vault	create(VaultConfig vaultConfig)
static Vault	create(VaultConfig vaultConfig, Boolean useSecretsEnginePathMap, Integer globalFallbackVersion)	Construct a Vault driver instance with the provided config settings.
static Vault	create(VaultConfig vaultConfig, Integer engineVersion)	Construct a Vault driver instance with the provided config settings, and use the provided global KV Engine version for all secrets.
Database	database()
Database	database(String mountPath)
Debug	debug()	Returns the implementing class for Vault's debug operations (e.g. raw, health).
Map<String,String>	getSecretEngineVersions()
Leases	leases()	Deprecated. This method is deprecated and in future it will be removed
Logical	logical()	Returns the implementing class for Vault's core/logical operations (e.g. read, write).
Mounts	mounts()	Deprecated. This method is deprecated and in future it will be removed
Pki	pki()	Returns the implementing class for Vault's PKI secret backend (i.e.
Pki	pki(String mountPath)	Returns the implementing class for Vault's PKI secret backend, using a custom path when that backend is mounted on something other than the default (i.e.
Seal	seal()	Deprecated. This method is deprecated and in future it will be removed
Sys	sys()	Returns the implementing class for operations on Vault's /v1/sys/* REST endpoints
Vault	withRetries(int maxRetries, int retryIntervalMilliseconds)	This method is chained ahead of endpoints (e.g.

Method Details

create

static Vault create(VaultConfig vaultConfig)

create

static Vault create(VaultConfig vaultConfig,
 Integer engineVersion)

Construct a Vault driver instance with the provided config settings, and use the provided global KV Engine version for all secrets.

Parameters:

vaultConfig - Configuration settings for Vault interaction (e.g. server address, token, etc)

engineVersion - Which version of the Key/Value Secret Engine to use globally (i.e. 1 or 2)

create

static Vault create(VaultConfig vaultConfig,
 Boolean useSecretsEnginePathMap,
 Integer globalFallbackVersion)
             throws VaultException

Construct a Vault driver instance with the provided config settings.

Parameters:

vaultConfig - Configuration settings for Vault interaction (e.g. server address, token, etc) If the Secrets engine version path map is not provided, or does not contain the requested secret, fall back to the global version supplied.

useSecretsEnginePathMap - Whether to use a provided KV Engine version map from the Vault config, or generate one. If a secrets KV Engine version map is not supplied, use Vault APIs to determine the KV Engine version for each secret. This call requires admin rights.

globalFallbackVersion - The Integer version of the KV Engine to use as a global fallback.

Throws:

VaultException - If any error occurs

withRetries

Vault withRetries(int maxRetries,
 int retryIntervalMilliseconds)

This method is chained ahead of endpoints (e.g. logical(), auth(), etc... to specify retry rules for any API operations invoked on that endpoint.

Parameters:

maxRetries - The number of times that API operations will be retried when a failure occurs

retryIntervalMilliseconds - The number of milliseconds that the driver will wait in between retries

Returns:

This object, with maxRetries and retryIntervalMilliseconds populated

logical

Logical logical()

Returns the implementing class for Vault's core/logical operations (e.g. read, write).

Returns:

The implementing class for Vault's core/logical operations (e.g. read, write)

auth

Auth auth()

Returns the implementing class for operations on Vault's /v1/auth/* REST endpoints

Returns:

The implementing class for Vault's auth operations.

sys

Sys sys()

Returns the implementing class for operations on Vault's /v1/sys/* REST endpoints

Returns:

The implementing class for Vault's auth operations.

pki

Pki pki()

Returns the implementing class for Vault's PKI secret backend (i.e. /v1/pki/* REST endpoints).

Returns:

The implementing class for Vault's PKI secret backend.

pki

Pki pki(String mountPath)

Returns the implementing class for Vault's PKI secret backend, using a custom path when that backend is mounted on something other than the default (i.e. /v1/pki).

For instance, if your PKI backend is instead mounted on /v1/root-ca, then "root-ca" would be passed via the mountPath parameter. Example usage:

 final VaultConfig config = new VaultConfig().address(...).token(...).build();
 final Vault vault = Vault.create(config);
 final PkiResponse response = vault.pki("root-ca").createOrUpdateRole("testRole");

 assertEquals(204, response.getRestResponse().getStatus());
 

Parameters:

mountPath - The path on which your Vault PKI backend is mounted, without the /v1/ prefix

Returns:

The implementing class for Vault's PKI secret backend.

database

Database database()

database

Database database(String mountPath)

leases

Leases leases()

Deprecated.

This method is deprecated and in future it will be removed

See Also:

• Sys.leases()

debug

Debug debug()

Returns the implementing class for Vault's debug operations (e.g. raw, health).

Returns:

The implementing class for Vault's debug operations (e.g. raw, health)

mounts

Mounts mounts()

Deprecated.

This method is deprecated and in future it will be removed

See Also:

• Sys.mounts()

seal

Seal seal()

Deprecated.

This method is deprecated and in future it will be removed

See Also:

• Sys.seal()

getSecretEngineVersions

Map<String,String> getSecretEngineVersions()