public class Vault
extends java.lang.Object
The Vault driver class, the primary interface through which dependent applications will access Vault.
This driver exposes a DSL, compartmentalizing the various endpoints of the HTTP API (e.g. "/", "sys/init",
"sys/seal") into separate implementation classes (e.g. Logical
, Init
, etc).
Example usage:
final VaultConfig config = new VaultConfig("http://127.0.0.1:8200", "eace6676-4d78-c687-4e54-03cad00e3abf"); final Vault vault = new Vault(config); ... final Map<String, String> secrets = new HashMap<String, String>(); secrets.put("value", "world"); secrets.put("other_value", "You can store multiple name/value pairs under a given key"); final LogicalResponse writeResponse = vault .withRetries(5, 1000) // optional .logical() .write("secret/hello", secrets); ... final String value = vault.logical() .read("secret/hello") .getData().get("value");
Constructor and Description |
---|
Vault(VaultConfig vaultConfig)
Construct a Vault driver instance with the provided config settings.
|
Modifier and Type | Method and Description |
---|---|
Auth |
auth()
Returns the implementing class for operations on Vault's
/v1/auth/* REST endpoints |
Debug |
debug()
Returns the implementing class for Vault's debug operations (e.g.
|
Leases |
leases()
Returns the implementing class for Vault's lease operations (e.g.
|
Logical |
logical()
Returns the implementing class for Vault's core/logical operations (e.g.
|
Pki |
pki()
Returns the implementing class for Vault's PKI secret backend (i.e.
|
Pki |
pki(java.lang.String mountPath)
Returns the implementing class for Vault's PKI secret backend, using a custom path when that backend is
mounted on something other than the default (i.e.
|
Vault |
withRetries(int maxRetries,
int retryIntervalMilliseconds)
This method is chained ahead of endpoints (e.g.
|
public Vault(VaultConfig vaultConfig)
vaultConfig
- Configuration settings for Vault interaction (e.g. server address, token, etc)public Vault withRetries(int maxRetries, int retryIntervalMilliseconds)
logical()
, auth()
,
etc... to specify retry rules for any API operations invoked on that endpoint.maxRetries
- The number of times that API operations will be retried when a failure occursretryIntervalMilliseconds
- The number of milliseconds that the driver will wait in between retriespublic Logical logical()
public Auth auth()
/v1/auth/*
REST endpointspublic Pki pki()
/v1/pki/*
REST endpoints).public Pki pki(java.lang.String mountPath)
Returns the implementing class for Vault's PKI secret backend, using a custom path when that backend is
mounted on something other than the default (i.e. /v1/pki
).
For instance, if your PKI backend is instead mounted on /v1/root-ca
, then "root-ca"
would be passed via the mountPath
parameter. Example usage:
final VaultConfig config = new VaultConfig(address, token); final Vault vault = new Vault(config); final PkiResponse response = vault.pki("root-ca").createOrUpdateRole("testRole"); assertEquals(204, response.getRestResponse().getStatus());
mountPath
- The path on which your Vault PKI backend is mounted, without the /v1/
prefixpublic Leases leases()
public Debug debug()