Class VaultKVSecretEngine


  • @ApplicationScoped
    public class VaultKVSecretEngine
    extends Object
    This service provides access to the kv secret engine and takes care of authentication and of token extension or renewal, according to ttl and max-ttl.
    See Also:
    VaultRuntimeConfig
    • Method Detail

      • readSecret

        public Map<String,String> readSecret(String path)
        Provides the values stored in the Vault kv secret engine at a particular path. This is a shortcut to `readSecretJson(String)` when the secret value is a String, which is the common case.
        Parameters:
        path - in Vault, without the kv engine mount path
        Returns:
        map of the key/value pairs stored at 'path' in Vault
      • readSecretJson

        public Map<String,Object> readSecretJson(String path)
        Provides the values stored in the Vault kv secret engine at a particular path.
        Parameters:
        path - in Vault, without the kv engine mount path
        Returns:
        map of the key/value pairs stored at 'path' in Vault
      • writeSecret

        public void writeSecret(String path,
                                Map<String,String> secret)
        Writes the secret at the given path. If the path does not exist, the secret will be created. Otherwise, the new secret will be merged with the existing one.
        Parameters:
        path - in Vault, without the kv engine mount path
        secret - to write at path
      • deleteSecret

        public void deleteSecret(String path)
        Deletes the secret at the given path. It has no effect if no secret is currently stored at path.
        Parameters:
        path - to delete
      • listSecrets

        public List<String> listSecrets(String path)
        Lists all paths under the specified path.
        Parameters:
        path - to list
        Returns:
        list of subpaths
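
An added usage example (not from this Javadoc or the project that publishes it): a hypothetical `KvSecretRotator` that rotates one key of an existing secret with `readSecret` and `writeSecret`, overlaying the new value client-side and reading it back so the stored result is verified rather than assumed. The class name, the sample path and the `io.quarkus.vault` import are assumptions; the page shows only the class and method names.

```java
import io.quarkus.vault.VaultKVSecretEngine; // package assumed; the page shows only the class name

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

/** Hypothetical helper: rotates one key of an existing kv secret and verifies the result. */
public class KvSecretRotator {

    private final VaultKVSecretEngine kv; // supplied by the application, e.g. through CDI injection

    public KvSecretRotator(VaultKVSecretEngine kv) {
        this.kv = kv;
    }

    /**
     * @param path     secret path without the kv engine mount path, e.g. "myapp/db" (constructed sample)
     * @param key      key to rotate, e.g. "password"
     * @param newValue replacement value; never logged or placed in exception messages
     */
    public void rotate(String path, String key, String newValue) {
        // Read the current secret (assumed to exist) and overlay the new value client-side,
        // so every untouched key is written back explicitly.
        Map<String, String> before = kv.readSecret(path);
        Map<String, String> updated = new HashMap<>(before);
        updated.put(key, newValue);
        kv.writeSecret(path, updated);

        // Read back and check what Vault now holds before callers start using the new value.
        Map<String, String> after = kv.readSecret(path);
        if (!after.keySet().equals(updated.keySet())) {
            throw new IllegalStateException("key set changed unexpectedly at " + path);
        }
        if (!sameValue(after.get(key), newValue)) {
            throw new IllegalStateException("rotation of '" + key + "' at " + path + " was not persisted");
        }
    }

    // Constant-time comparison so the check does not leak how much of the value matched.
    private static boolean sameValue(String a, String b) {
        if (a == null || b == null) {
            return false;
        }
        return MessageDigest.isEqual(a.getBytes(StandardCharsets.UTF_8), b.getBytes(StandardCharsets.UTF_8));
    }
}
```

The read-modify-write sequence is not atomic, so concurrent writers to the same path need external coordination.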