public class Logical
extends java.lang.Object
The implementing class for Vault's core/logical operations (e.g. read, write).
This class is not intended to be constructed directly. Rather, it is meant to used by way of Vault
in a DSL-style builder pattern. See the Javadoc comments of each public
method for usage examples.
Constructor and Description |
---|
Logical(VaultConfig config) |
Modifier and Type | Method and Description |
---|---|
LogicalResponse |
delete(java.lang.String path)
Deletes the key/value pair located at the provided path.
|
java.util.List<java.lang.String> |
list(java.lang.String path)
Retrieve a list of keys corresponding to key/value pairs at a given Vault path.
|
LogicalResponse |
read(java.lang.String path)
Basic read operation to retrieve a secret.
|
LogicalResponse |
write(java.lang.String path,
java.util.Map<java.lang.String,java.lang.String> nameValuePairs)
Basic operation to store secrets.
|
public Logical(VaultConfig config)
public LogicalResponse read(java.lang.String path) throws VaultException
Basic read operation to retrieve a secret. A single secret key can map to multiple name-value pairs, which can be retrieved from the response object. E.g.:
final LogicalResponse response = vault.logical().read("secret/hello"); final String value = response.getData().get("value"); final String otherValue = response.getData().get("other_value");
path
- The Vault key value from which to read (e.g. secret/hello
)VaultException
- If any errors occurs with the REST request (e.g. non-200 status code, invalid JSON payload, etc), and the maximum number of retries is exceeded.public LogicalResponse write(java.lang.String path, java.util.Map<java.lang.String,java.lang.String> nameValuePairs) throws VaultException
Basic operation to store secrets. Multiple name value pairs can be stored under the same secret key. E.g.:
final Map<String, String> nameValuePairs = new HashMap<String, String>(); nameValuePairs.put("value", "foo"); nameValuePairs.put("other_value", "bar"); final LogicalResponse response = vault.logical().write("secret/hello", nameValuePairs);
path
- The Vault key value to which to write (e.g. secret/hello
)nameValuePairs
- Secret name and value pairs to store under this Vault key (can be null
for writing to keys that do not need or expect any fields to be specified)VaultException
- If any errors occurs with the REST request, and the maximum number of retries is exceeded.public java.util.List<java.lang.String> list(java.lang.String path) throws VaultException
Retrieve a list of keys corresponding to key/value pairs at a given Vault path.
Key values ending with a trailing-slash characters are sub-paths. Running a subsequent list()
call, using the original path appended with this key, will retrieve all secret keys stored at that sub-path.
This method returns only the secret keys, not values. To retrieve the actual stored value for a key,
use read()
with the key appended onto the original base path.
path
- The Vault key value at which to look for secrets (e.g. secret
)VaultException
- If any errors occur, or unexpected response received from Vaultpublic LogicalResponse delete(java.lang.String path) throws VaultException
Deletes the key/value pair located at the provided path.
If the path represents a sub-path, then all of its contents must be deleted prior to deleting the empty sub-path itself.
path
- The Vault key value to delete (e.g. secret/hello
).VaultException
- If any error occurs, or unexpected response received from Vault