Module vault.java.driver
Package io.github.jopenlibs.vault.api.database

Class Database

java.lang.Object
io.github.jopenlibs.vault.api.OperationsBase
io.github.jopenlibs.vault.api.database.Database
public class Database extends OperationsBase

The implementing class for operations on Vault's database backend.

This class is not intended to be constructed directly. Rather, it is meant to used by way of Vault in a DSL-style builder pattern. See the Javadoc comments of each public method for usage examples.

  • Constructor Details

    • Database

      public Database(VaultConfig config)
      Constructor for use when the Database backend is mounted on the default path (i.e. /v1/database).
      Parameters:
      config - A container for the configuration settings needed to initialize a Vault driver instance

    • Database

      public Database(VaultConfig config, String mountPath)
      Constructor for use when the Database backend is mounted on some non-default custom path (e.g. /v1/db123).
      Parameters:
      config - A container for the configuration settings needed to initialize a Vault driver instance
      mountPath - The path on which your Vault Database backend is mounted, without the /v1/ prefix (e.g. "root-ca")

  • Method Details

    • withNameSpace

      public Database withNameSpace(String nameSpace)

    • createOrUpdateRole

      public DatabaseResponse createOrUpdateRole(String roleName, DatabaseRoleOptions options) throws VaultException

      Operation to create or update an role using the Database Secret engine. Relies on an authentication token being present in the VaultConfig instance.

      This version of the method accepts a DatabaseRoleOptions parameter, containing optional settings for the role creation operation. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final DatabaseRoleOptions options = new DatabaseRoleOptions()
                              .dbName("test")
                              .maxTtl("9h");
 final DatabaseResponse response = vault.database().createOrUpdateRole("testRole", options);

 assertEquals(204, response.getRestResponse().getStatus());
      Parameters:
      roleName - A name for the role to be created or updated
      options - Optional settings for the role to be created or updated (e.g. db_name, ttl, etc)
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault

    • getRole

      public DatabaseResponse getRole(String roleName) throws VaultException

      Operation to retrieve an role using the Database backend. Relies on an authentication token being present in the VaultConfig instance.

      The role information will be populated in the roleOptions field of the DatabaseResponse return value. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);
 final DatabaseResponse response = vault.database().getRole("testRole");

 final RoleOptions details = response.getRoleOptions();
      Parameters:
      roleName - The name of the role to retrieve
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault

    • revoke

      public DatabaseResponse revoke(String serialNumber) throws VaultException

      Operation to revike a certificate in the vault using the Database backend. Relies on an authentication token being present in the VaultConfig instance.

      A successful operation will return a 204 HTTP status. A VaultException will be thrown if the role does not exist, or if any other problem occurs. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final DatabaseResponse response = vault.database().revoke("serialnumber");
 assertEquals(204, response.getRestResponse().getStatus();
      Parameters:
      serialNumber - The name of the role to delete
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault

    • deleteRole

      public DatabaseResponse deleteRole(String roleName) throws VaultException

      Operation to delete an role using the Database backend. Relies on an authentication token being present in the VaultConfig instance.

      A successful operation will return a 204 HTTP status. A VaultException will be thrown if the role does not exist, or if any other problem occurs. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final DatabaseResponse response = vault.database().deleteRole("testRole");
 assertEquals(204, response.getRestResponse().getStatus();
      Parameters:
      roleName - The name of the role to delete
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault

    • creds

      public DatabaseResponse creds(String roleName) throws VaultException

      Operation to generate a new set of credentials using the Database backend.

      A successful operation will return a 204 HTTP status. A VaultException will be thrown if the role does not exist, or if any other problem occurs. Credential information will be populated in the credential field of the DatabaseResponse return value. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final DatabaseResponse response = vault.database().creds("testRole");
 assertEquals(204, response.getRestResponse().getStatus();
      Parameters:
      roleName - The role for which to retrieve credentials
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault