com.bettercloud.vault.Vault Maven / Gradle / Ivy
Zero-dependency Java client for HashiCorp's Vault
package com.bettercloud.vault;
import com.bettercloud.vault.api.Auth;
import com.bettercloud.vault.api.Debug;
import com.bettercloud.vault.api.Leases;
import com.bettercloud.vault.api.Logical;
import com.bettercloud.vault.api.pki.Pki;
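/**
 * The Vault driver class, the primary interface through which dependent applications will access Vault.
 *
 * <p>This driver exposes a DSL, compartmentalizing the various endpoints of the HTTP API (e.g. "/", "sys/init",
 * "sys/seal") into separate implementation classes (e.g. {@code Logical}, {@code Init}, etc).
 *
 * <p>Example usage:
 *
 * <pre>{@code
 * final VaultConfig config = new VaultConfig("http://127.0.0.1:8200", "eace6676-4d78-c687-4e54-03cad00e3abf");
 * final Vault vault = new Vault(config);
 *
 * ...
 *
 * final Map secrets = new HashMap();
 * secrets.put("value", "world");
 * secrets.put("other_value", "You can store multiple name/value pairs under a given key");
 *
 * final LogicalResponse writeResponse = vault
 *                                         .withRetries(5, 1000)  // optional
 *                                         .logical()
 *                                         .write("secret/hello", secrets);
 *
 * ...
 *
 * final String value = vault.logical()
 *                         .read("secret/hello")
 *                         .getData().get("value");
 * }</pre>
 *
 * <p>The address and token in the example are sample values for a local development server. The token is the
 * credential this driver presents to Vault, so load it from the environment or a protected file rather than
 * embedding it in source. Use an {@code https://} address for anything other than loopback: over plain
 * {@code http} the token and the secret values cross the network unencrypted.
 *
 * <p>Every endpoint object handed out by this class receives the same {@code VaultConfig} reference that was
 * passed to the constructor; this class never copies it.
 */
public class Vault {

    /** Shared configuration, passed by reference to every endpoint object this driver creates. */
    private final VaultConfig vaultConfig;

    /**
     * Construct a Vault driver instance with the provided config settings.
     *
     * @param vaultConfig Configuration settings for Vault interaction (e.g. server address, token, etc)
     * @throws NullPointerException If <code>vaultConfig</code> is null
     */
    public Vault(final VaultConfig vaultConfig) {
        // Fail here instead of with an unexplained NullPointerException at the first
        // withRetries() call or somewhere inside an endpoint class.
        if (vaultConfig == null) {
            throw new NullPointerException("vaultConfig must not be null");
        }
        this.vaultConfig = vaultConfig;
    }

    /**
     * This method is chained ahead of endpoints (e.g. <code>logical()</code>, <code>auth()</code>,
     * etc... to specify retry rules for any API operations invoked on that endpoint.
     *
     * <p>Both values are written to the <code>VaultConfig</code> this driver was constructed with, not to a
     * copy, and are passed through without any range check.
     * NOTE(review): assuming the setters store the values on that object, the retry rules remain in effect for
     * later calls on this driver and for any other <code>Vault</code> built from the same config - confirm
     * against <code>VaultConfig</code>.
     *
     * @param maxRetries The number of times that API operations will be retried when a failure occurs
     * @param retryIntervalMilliseconds The number of milliseconds that the driver will wait in between retries
     * @return This object, with maxRetries and retryIntervalMilliseconds populated
     */
    public Vault withRetries(final int maxRetries, final int retryIntervalMilliseconds) {
        this.vaultConfig.setMaxRetries(maxRetries);
        this.vaultConfig.setRetryIntervalMilliseconds(retryIntervalMilliseconds);
        return this;
    }

    /**
     * Returns the implementing class for Vault's core/logical operations (e.g. read, write).
     *
     * <p>A new <code>Logical</code> is created on every call.
     *
     * @return The implementing class for Vault's core/logical operations (e.g. read, write)
     */
    public Logical logical() {
        return new Logical(vaultConfig);
    }

    /**
     * Returns the implementing class for operations on Vault's <code>/v1/auth/*</code> REST endpoints
     *
     * <p>A new <code>Auth</code> is created on every call.
     *
     * @return The implementing class for Vault's auth operations.
     */
    public Auth auth() {
        return new Auth(vaultConfig);
    }

    /**
     * Returns the implementing class for Vault's PKI secret backend (i.e. <code>/v1/pki/*</code> REST endpoints).
     *
     * <p>A new <code>Pki</code> is created on every call.
     *
     * @return The implementing class for Vault's PKI secret backend.
     */
    public Pki pki() {
        return new Pki(vaultConfig);
    }

    /**
     * Returns the implementing class for Vault's PKI secret backend, using a custom path when that backend is
     * mounted on something other than the default (i.e. <code>/v1/pki</code>).
     *
     * <p>For instance, if your PKI backend is instead mounted on <code>/v1/root-ca</code>, then
     * <code>"root-ca"</code> would be passed via the <code>mountPath</code> parameter.  Example usage:
     *
     * <pre>{@code
     * final VaultConfig config = new VaultConfig(address, token);
     * final Vault vault = new Vault(config);
     * final PkiResponse response = vault.pki("root-ca").createOrUpdateRole("testRole");
     *
     * assertEquals(204, response.getRestResponse().getStatus());
     * }</pre>
     *
     * <p>The value is handed to <code>Pki</code> unchanged; this method neither validates nor encodes it.
     * NOTE(review): presumably <code>Pki</code> places it in the request path, so it should be a fixed mount
     * name chosen by the application rather than a value taken from request input - confirm against
     * <code>Pki</code>.
     *
     * @param mountPath The path on which your Vault PKI backend is mounted, without the <code>/v1/</code> prefix
     * @return The implementing class for Vault's PKI secret backend.
     */
    public Pki pki(final String mountPath) {
        return new Pki(vaultConfig, mountPath);
    }

    /**
     * Returns the implementing class for Vault's lease operations (e.g. revoke, revoke-prefix).
     *
     * <p>A new <code>Leases</code> is created on every call.
     *
     * @return The implementing class for Vault's lease operations (e.g. revoke, revoke-prefix).
     */
    public Leases leases() {
        return new Leases(vaultConfig);
    }

    /**
     * Returns the implementing class for Vault's debug operations (e.g. raw, health).
     *
     * <p>A new <code>Debug</code> is created on every call.
     *
     * @return The implementing class for Vault's debug operations (e.g. raw, health)
     */
    public Debug debug() {
        return new Debug(vaultConfig);
    }

}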