¶
botcity.plugins.hashicorp.vault.kv.plugin.BotHashicorpKVPlugin
¶
base_path: str
property
writable
¶
Returns:
| Type | Description |
|---|---|
base_path |
The base path of secret. |
mount_point: str
property
writable
¶
Returns:
| Type | Description |
|---|---|
mount_point |
The "path" the secret engine was mounted on. |
vault_client
property
readonly
¶
Returns:
| Type | Description |
|---|---|
client |
hvac instance. |
__init__(self, url, token, namespace, mount_point=None, base_path='', **kwargs)
special
¶
BotHashicorpKVPlugin
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
url |
str |
Base URL for the Vault instance being addressed. |
required |
token |
str |
Authentication token to include in requests sent to Vault. |
required |
namespace |
str |
Vault Namespace. |
required |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
base_path |
str |
The base path of the secrets. |
'' |
create_or_update_secret(self, secret, path='', mount_point=None, **kwargs)
¶
Create a new version of a secret at the specified location.
Info
This method works with KV version 1 and 2.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
secret |
str |
The contents of the "secret" dict will be stored and returned on read. |
required |
path |
str |
Specifies the path of the secret. |
'' |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
Returns:
| Type | Description |
|---|---|
secret_info |
The dict response of the request. |
delete_secret_permanently(self, path='', mount_point=None)
¶
Delete (permanently) the key metadata and all version data for the specified key.
Warning
This method only works with KV version 2.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
path |
str |
Specifies the path of the secret. |
'' |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
Returns:
| Type | Description |
|---|---|
secrets |
The dict response of the request. |
destroy_secret_versions(self, versions, path='', mount_point=None)
¶
Permanently remove the specified version.
Warning
This method only works with KV version 2.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
versions |
list |
The versions to be destroyed. |
required |
path |
str |
Specifies the path of the secret. |
'' |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
Returns:
| Type | Description |
|---|---|
secrets |
The dict response of the request. |
get_secret_metadata(self, path='', mount_point=None)
¶
Retrieve the secret value at the specified location.
Warning
This method only works with KV version 2.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
path |
str |
Specifies the path of the secret. |
'' |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
Returns:
| Type | Description |
|---|---|
secret_info |
The dict metadata of secret. |
get_secret_value(self, path='', mount_point=None, version=None)
¶
Retrieve the secret value at the specified location.
Info
This method works with KV version 1 and 2.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
path |
str |
Specifies the path of the secret. |
'' |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
version |
str |
Specifies the version to return. If not set the latest version is returned. |
None |
Returns:
| Type | Description |
|---|---|
secret_value |
The dict value of secret. |
list_secrets(self, path='', mount_point=None)
¶
Return a list of key names at the specified location.
Warning
This method only works with KV version 2.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
path |
str |
Specifies the path of the secret. |
'' |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
Returns:
| Type | Description |
|---|---|
secrets |
The list of secrets. |
mark_secrets_as_delete(self, path='', mount_point=None, versions=None)
¶
Mark as delete the specified versions of secret.
Warning
This method only works with KV version 2.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
path |
str |
Specifies the path of the secret. |
'' |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
versions |
list |
The versions to be deleted. The versioned data will not be deleted, but it will no longer be returned in normal get requests. |
None |
Returns:
| Type | Description |
|---|---|
secrets |
The dict response of the request. |
undelete_secrets(self, versions, path='', mount_point=None)
¶
This restores the data, allowing it to be returned on get requests.
Warning
This method only works with KV version 2.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
versions |
list |
The versions to be deleted. The versioned data will not be deleted, but it will no longer be returned in normal get requests. |
required |
path |
str |
Specifies the path of the secret. |
'' |
mount_point |
str |
The "path" the secret engine was mounted on. |
None |
Returns:
| Type | Description |
|---|---|
secrets |
The dict response of the request. |