vault-tool-0.0.0.3: Client library for HashiCorp's Vault tool (via HTTP API)

Safe HaskellNone
LanguageHaskell2010

Network.VaultTool

Description

Unless otherwise specified, all IO functions in this module may potentially throw HttpException or VaultException

Synopsis

Documentation

connectToVault :: VaultAddress -> VaultAuthToken -> IO VaultConnection Source #

Just initializes the VaultConnection objects, does not actually make any contact with the vault server. (That is also the explanation why there is no function to disconnect)

vaultInit Source #

Arguments

:: VaultAddress 
-> Int

secret_shares: The number of shares to split the master key into

-> Int

secret_threshold: The number of shares required to reconstruct the master key. This must be less than or equal to secret_shares

-> IO ([VaultUnsealKey], VaultAuthToken)

master keys and initial root token

data VaultMountConfig a Source #

Instances

FromJSON VaultMountConfigRead Source # 
FromJSON VaultMountRead Source # 
ToJSON VaultMountConfigWrite Source # 
ToJSON VaultMountWrite Source # 
Eq a => Eq (VaultMountConfig a) Source # 
Ord a => Ord (VaultMountConfig a) Source # 
Show a => Show (VaultMountConfig a) Source # 

vaultMounts :: VaultConnection -> IO [(Text, VaultMountRead)] Source #

https://www.vaultproject.io/docs/http/sys-mounts.html

For your convenience, the results are returned sorted (by the mount point)

vaultWrite :: ToJSON a => VaultConnection -> VaultSecretPath -> a -> IO () Source #

https://www.vaultproject.io/docs/secrets/generic/index.html

The value that you give must encode as a JSON object

vaultRead Source #

Arguments

:: FromJSON a 
=> VaultConnection 
-> VaultSecretPath 
-> IO (VaultSecretMetadata, Either (Value, String) a)

A Left result means that the secret's "data" could not be parsed into the data structure that you requested.

You will get the "data" as a raw Value as well as the error message from the parse failure

vaultList :: VaultConnection -> VaultSecretPath -> IO [VaultSecretPath] Source #

https://www.vaultproject.io/docs/secrets/generic/index.html

This will normalise the results to be full secret paths.

Will return only secrets that in the are located in the folder hierarchy directly below the given folder.

Use isFolder to check if whether each result is a secret or a subfolder.

The order of the results is unspecified.

To recursively retrieve all of the secrets use vaultListRecursive

isFolder :: VaultSecretPath -> Bool Source #

Does the path end with a / character?

Meant to be used on the results of vaultList

vaultListRecursive :: VaultConnection -> VaultSecretPath -> IO [VaultSecretPath] Source #

Recursively calls vaultList to retrieve all of the secrets in a folder (including all subfolders and sub-subfolders, etc...)

There will be no folders in the result.

The order of the results is unspecified.