Module vault.java.driver
Package io.github.jopenlibs.vault.api.sys.mounts

Class Mounts

java.lang.Object
io.github.jopenlibs.vault.api.OperationsBase
io.github.jopenlibs.vault.api.sys.mounts.Mounts
public class Mounts extends OperationsBase

The implementing class for operations on Vault's /v1/sys/mounts/* REST endpoints.

This class is not intended to be constructed directly. Rather, it is meant to used by way of Vault in a DSL-style builder pattern. See the Javadoc comments of each public method for usage examples.

  • Constructor Details

  • Method Details

    • list

      public MountResponse list() throws VaultException

      Operation to list all the mounted secrets engines. Relies on an authentication token being present in the VaultConfig instance.

      The list of mount points information will be populated in the mounts field of the MountResponse return value in the Map<String, Mount> format. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final MountResponse response = vault.sys().mounts().list();
 final Map<String, Mount> mounts = response.getMounts();
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault

    • enable

      public MountResponse enable(String path, MountType type, MountPayload payload) throws VaultException

      Operation to enable secrets engine at given path. Relies on an authentication token being present in the VaultConfig instance.

      This method accepts a MountConfig parameter, containing optional settings for the mount creation operation. Example usage:

      A successful operation will return a 204 HTTP status. A VaultException will be thrown if mount point already exists, or if any other problem occurs. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final MountPayload payload = new MountPayload()
                                       .defaultLeaseTtl(TimeToLive.of(86400, TimeUnit.SECONDS))
                                       .maxLeaseTtl(TimeToLive.of(86400, TimeUnit.SECONDS))
                                       .description("description for pki engine");

 final MountResponse response = vault.mounts().enable("pki/mount/point/path", MountType.PKI, payload);

 assertEquals(204, response.getRestResponse().getStatus();
      Parameters:
      path - The path to enable secret engine on.
      type - The type of secret engine to enable.
      payload - The MountPayload instance to use to create secret engine.
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault

    • disable

      public MountResponse disable(String path) throws VaultException

      Operation to disable secrets engine mount point of given path. Relies on an authentication token being present in the VaultConfig instance.

      A successful operation will return a 204 HTTP status. A VaultException will be thrown if the mount point not exist, or if any other problem occurs. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final MountResponse response = vault.mounts().disable("pki/mount/point/path");

 assertEquals(204, response.getRestResponse().getStatus();
      Parameters:
      path - The path to disable secret engine on.
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault

    • read

      public MountResponse read(String path) throws VaultException

      Operation to read secrets engine mount point's configuration of given path. Relies on an authentication token being present in the VaultConfig instance.

      The mount point information will be populated in the mount field of the MountResponse return value. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final MountResponse response = vault.mounts().read("pki/mount/point/path");
 final Mount mount = response.getMount();
 final MountConfig mountConfig = mount.getConfig();
      Parameters:
      path - The path to read secret engine's configuration from.
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault

    • tune

      public MountResponse tune(String path, MountPayload payload) throws VaultException

      Operation to tune secrets engine mount point's configuration of given path. Relies on an authentication token being present in the VaultConfig instance.

      This the method accepts a MountConfig parameter, containing optional settings for the mount tune operation. Example usage:

      A successful operation will return a 204 HTTP status. A VaultException will be thrown if the mount point not exist, or if any other problem occurs. Example usage:

      
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = Vault.create(config);

 final MountPayload payload = new MountPayload()
                                   .defaultLeaseTtl(TimeToLive.of(12, TimeUnit.HOURS))
                                   .maxLeaseTtl(TimeToLive.of(12, TimeUnit.HOURS))
                                   .description("description of pki");

 final MountResponse response = vault.mounts().tune("pki/mount/point/path", configs);

 assertEquals(204, response.getRestResponse().getStatus();
      Parameters:
      path - The path to tune secret engine's configuration on.
      payload - The MountPayload instance to use to tune secret engine.
      Returns:
      A container for the information returned by Vault
      Throws:
      VaultException - If any error occurs or unexpected response is received from Vault