Ir para o conteúdo

botcity.plugins.hashicorp.vault.kv.plugin.BotHashicorpKVPlugin

base_path: str property writable

Returns:

Type Description
base_path

The base path of secret.

mount_point: str property writable

Returns:

Type Description
mount_point

The "path" the secret engine was mounted on.

vault_client property readonly

Returns:

Type Description
client

hvac instance.

__init__(self, url, token, namespace, mount_point=None, base_path='', **kwargs) special

BotHashicorpKVPlugin

See documentation

Parameters:

Name Type Description Default
url str

Base URL for the Vault instance being addressed.

required
token str

Authentication token to include in requests sent to Vault.

required
namespace str

Vault Namespace.

required
mount_point str

The "path" the secret engine was mounted on.

None
base_path str

The base path of the secrets.

''

create_or_update_secret(self, secret, path='', mount_point=None, **kwargs)

Create a new version of a secret at the specified location.

See documentation

Info

This method works with KV version 1 and 2.

Parameters:

Name Type Description Default
secret str

The contents of the "secret" dict will be stored and returned on read.

required
path str

Specifies the path of the secret.

''
mount_point str

The "path" the secret engine was mounted on.

None

Returns:

Type Description
secret_info

The dict response of the request.

delete_secret_permanently(self, path='', mount_point=None)

Delete (permanently) the key metadata and all version data for the specified key.

See documentation

Warning

This method only works with KV version 2.

Parameters:

Name Type Description Default
path str

Specifies the path of the secret.

''
mount_point str

The "path" the secret engine was mounted on.

None

Returns:

Type Description
secrets

The dict response of the request.

destroy_secret_versions(self, versions, path='', mount_point=None)

Permanently remove the specified version.

See documentation

Warning

This method only works with KV version 2.

Parameters:

Name Type Description Default
versions list

The versions to be destroyed.

required
path str

Specifies the path of the secret.

''
mount_point str

The "path" the secret engine was mounted on.

None

Returns:

Type Description
secrets

The dict response of the request.

get_secret_metadata(self, path='', mount_point=None)

Retrieve the secret value at the specified location.

See documentation

Warning

This method only works with KV version 2.

Parameters:

Name Type Description Default
path str

Specifies the path of the secret.

''
mount_point str

The "path" the secret engine was mounted on.

None

Returns:

Type Description
secret_info

The dict metadata of secret.

get_secret_value(self, path='', mount_point=None, version=None)

Retrieve the secret value at the specified location.

See documentation

Info

This method works with KV version 1 and 2.

Parameters:

Name Type Description Default
path str

Specifies the path of the secret.

''
mount_point str

The "path" the secret engine was mounted on.

None
version str

Specifies the version to return. If not set the latest version is returned.

None

Returns:

Type Description
secret_value

The dict value of secret.

list_secrets(self, path='', mount_point=None)

Return a list of key names at the specified location.

See documentation

Warning

This method only works with KV version 2.

Parameters:

Name Type Description Default
path str

Specifies the path of the secret.

''
mount_point str

The "path" the secret engine was mounted on.

None

Returns:

Type Description
secrets

The list of secrets.

mark_secrets_as_delete(self, path='', mount_point=None, versions=None)

Mark as delete the specified versions of secret.

Warning

This method only works with KV version 2.

Parameters:

Name Type Description Default
path str

Specifies the path of the secret.

''
mount_point str

The "path" the secret engine was mounted on.

None
versions list

The versions to be deleted. The versioned data will not be deleted, but it will no longer be returned in normal get requests.

None

Returns:

Type Description
secrets

The dict response of the request.

undelete_secrets(self, versions, path='', mount_point=None)

This restores the data, allowing it to be returned on get requests.

See documentation

Warning

This method only works with KV version 2.

Parameters:

Name Type Description Default
versions list

The versions to be deleted. The versioned data will not be deleted, but it will no longer be returned in normal get requests.

required
path str

Specifies the path of the secret.

''
mount_point str

The "path" the secret engine was mounted on.

None

Returns:

Type Description
secrets

The dict response of the request.