Package io.quarkus.vault

Class VaultSystemBackendEngine

java.lang.Object

io.quarkus.vault.VaultSystemBackendEngine

@ApplicationScoped
public class VaultSystemBackendEngine
extends Object

This service provides access to the system backend.

See Also:

VaultRuntimeConfig

Constructor Summary

Constructors

Constructor	Description
VaultSystemBackendEngine(VaultSystemBackendReactiveEngine engine)

Method Summary

Modifier and Type	Method	Description
void	createUpdatePolicy(String name, String rules)	Create or update a policy.
void	deletePolicy(String name)	Delete a policy by its name.
void	disable(String mount)	Disables the engine at a specific mount.
void	enable(VaultSecretEngine engine, String mount, String description, EnableEngineOptions options)	Enables a secret engine at a specific mount.
void	enable(String engineType, String mount, String description, EnableEngineOptions options)	Enables a secret engine at a specific mount.
List<String>	getPolicies()	List existing policies.
String	getPolicyRules(String name)	Get the rules for the named policy.
VaultSecretEngineInfo	getSecretEngineInfo(String mount)	Get the info for a secret engine, including its type.
VaultTuneInfo	getTuneInfo(String mount)	Get the tune info for a secret engine at a specific mount.
VaultHealth	health()	Check the health status of Vault.
VaultHealthStatus	healthStatus()	Check and return the health status of Vault.
VaultInit	init(int secretShares, int secretThreshold)	Initializes a new Vault.
boolean	isEngineMounted(String mount)	Check if an engine is mounted at a specific mount.
VaultSealStatus	sealStatus()	Check the seal status of a Vault.
void	updateTuneInfo(String mount, VaultTuneInfo tuneInfo)	Update the tune info for a secret engine at a specific mount.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

VaultSystemBackendEngine

@Inject
public VaultSystemBackendEngine(VaultSystemBackendReactiveEngine engine)

Method Detail

init

public VaultInit init(int secretShares,
                      int secretThreshold)

Initializes a new Vault.

Parameters:

secretShares - specifies the number of shares to split the master key into.

secretThreshold - specifies the number of shares required to reconstruct the master key.

Returns:

Vault Init.

health

public VaultHealth health()

Check the health status of Vault. Returns Vault health status code only by using HTTP HEAD requests. It is faster than calling healthStatus() method which uses HTTP GET to return a complete VaultHealthStatus state.

Returns:

Vault Health Status.

healthStatus

public VaultHealthStatus healthStatus()

Check and return the health status of Vault. Returns a complete VaultHealthStatus state. This method uses HTTP GET to return a complete state.

Returns:

Complete Vault Health Status.

sealStatus

public VaultSealStatus sealStatus()

Check the seal status of a Vault.

Returns:

Vault Seal Status.

getPolicyRules

public String getPolicyRules(String name)

Get the rules for the named policy.

Parameters:

name - of the policy

Returns:

rules of named policy

createUpdatePolicy

public void createUpdatePolicy(String name,
                               String rules)

Create or update a policy.

Parameters:

name - policy name

rules - policy content

deletePolicy

public void deletePolicy(String name)

Delete a policy by its name.

Parameters:

name - policy name

getPolicies

public List<String> getPolicies()

List existing policies.

Returns:

a list of all policy names

getTuneInfo

public VaultTuneInfo getTuneInfo(String mount)

Get the tune info for a secret engine at a specific mount.

Parameters:

mount - Name of the mount

Returns:

current tune info

getSecretEngineInfo

public VaultSecretEngineInfo getSecretEngineInfo(String mount)

Get the info for a secret engine, including its type.

Parameters:

mount - Name of the secret engine

Returns:

current secret engine info

Since:

Vault 1.10.0

updateTuneInfo

public void updateTuneInfo(String mount,
                           VaultTuneInfo tuneInfo)

Update the tune info for a secret engine at a specific mount.

Parameters:

mount - Name of the mount

tuneInfo - Tune info with fields to update

isEngineMounted

public boolean isEngineMounted(String mount)

Check if an engine is mounted at a specific mount.

Parameters:

mount - Name of the mount

Returns:

True if an engine is mounted, false otherwise

enable

public void enable(VaultSecretEngine engine,
                   String mount,
                   String description,
                   EnableEngineOptions options)

Enables a secret engine at a specific mount.

Parameters:

engine - Type of engine to mount.

mount - Engine mount path.

description - Human friendly description of mount point.

options - Engine options.

enable

public void enable(String engineType,
                   String mount,
                   String description,
                   EnableEngineOptions options)

Enables a secret engine at a specific mount.

Parameters:

engineType - Type of engine to mount.

mount - Engine mount path.

description - Human friendly description of mount point.

options - Engine options.

disable

public void disable(String mount)

Disables the engine at a specific mount.

Parameters:

mount - Engine mount path.