Safe Haskell	None
Language	Haskell2010

Network.VaultTool

Description

Unless otherwise specified, all IO functions in this module may potentially throw HttpException or VaultException

Synopsis

Documentation

newtype VaultAddress Source #

Constructors

VaultAddress
Fields unVaultAddress :: Text

Instances

Eq VaultAddress Source #
Methods (==) :: VaultAddress -> VaultAddress -> Bool # (/=) :: VaultAddress -> VaultAddress -> Bool #
Ord VaultAddress Source #
Methods compare :: VaultAddress -> VaultAddress -> Ordering # (<) :: VaultAddress -> VaultAddress -> Bool # (<=) :: VaultAddress -> VaultAddress -> Bool # (>) :: VaultAddress -> VaultAddress -> Bool # (>=) :: VaultAddress -> VaultAddress -> Bool # max :: VaultAddress -> VaultAddress -> VaultAddress # min :: VaultAddress -> VaultAddress -> VaultAddress #
Show VaultAddress Source #
Methods showsPrec :: Int -> VaultAddress -> ShowS # show :: VaultAddress -> String # showList :: [VaultAddress] -> ShowS #

newtype VaultUnsealKey Source #

Constructors

VaultUnsealKey
Fields unVaultUnsealKey :: Text

Instances

Eq VaultUnsealKey Source #
Methods (==) :: VaultUnsealKey -> VaultUnsealKey -> Bool # (/=) :: VaultUnsealKey -> VaultUnsealKey -> Bool #
Ord VaultUnsealKey Source #
Methods compare :: VaultUnsealKey -> VaultUnsealKey -> Ordering # (<) :: VaultUnsealKey -> VaultUnsealKey -> Bool # (<=) :: VaultUnsealKey -> VaultUnsealKey -> Bool # (>) :: VaultUnsealKey -> VaultUnsealKey -> Bool # (>=) :: VaultUnsealKey -> VaultUnsealKey -> Bool # max :: VaultUnsealKey -> VaultUnsealKey -> VaultUnsealKey # min :: VaultUnsealKey -> VaultUnsealKey -> VaultUnsealKey #
Show VaultUnsealKey Source #
Methods showsPrec :: Int -> VaultUnsealKey -> ShowS # show :: VaultUnsealKey -> String # showList :: [VaultUnsealKey] -> ShowS #

newtype VaultAuthToken Source #

Constructors

VaultAuthToken
Fields unVaultAuthToken :: ByteString

Instances

Eq VaultAuthToken Source #
Methods (==) :: VaultAuthToken -> VaultAuthToken -> Bool # (/=) :: VaultAuthToken -> VaultAuthToken -> Bool #
Ord VaultAuthToken Source #
Methods compare :: VaultAuthToken -> VaultAuthToken -> Ordering # (<) :: VaultAuthToken -> VaultAuthToken -> Bool # (<=) :: VaultAuthToken -> VaultAuthToken -> Bool # (>) :: VaultAuthToken -> VaultAuthToken -> Bool # (>=) :: VaultAuthToken -> VaultAuthToken -> Bool # max :: VaultAuthToken -> VaultAuthToken -> VaultAuthToken # min :: VaultAuthToken -> VaultAuthToken -> VaultAuthToken #
Show VaultAuthToken Source #
Methods showsPrec :: Int -> VaultAuthToken -> ShowS # show :: VaultAuthToken -> String # showList :: [VaultAuthToken] -> ShowS #
FromJSON VaultAuthToken Source #
Methods parseJSON :: Value -> Parser VaultAuthToken # parseJSONList :: Value -> Parser [VaultAuthToken] #

newtype VaultAppRoleId Source #

Constructors

VaultAppRoleId
Fields unVaultAppRoleId :: Text

Instances

Eq VaultAppRoleId Source #
Methods (==) :: VaultAppRoleId -> VaultAppRoleId -> Bool # (/=) :: VaultAppRoleId -> VaultAppRoleId -> Bool #
Ord VaultAppRoleId Source #
Methods compare :: VaultAppRoleId -> VaultAppRoleId -> Ordering # (<) :: VaultAppRoleId -> VaultAppRoleId -> Bool # (<=) :: VaultAppRoleId -> VaultAppRoleId -> Bool # (>) :: VaultAppRoleId -> VaultAppRoleId -> Bool # (>=) :: VaultAppRoleId -> VaultAppRoleId -> Bool # max :: VaultAppRoleId -> VaultAppRoleId -> VaultAppRoleId # min :: VaultAppRoleId -> VaultAppRoleId -> VaultAppRoleId #
Show VaultAppRoleId Source #
Methods showsPrec :: Int -> VaultAppRoleId -> ShowS # show :: VaultAppRoleId -> String # showList :: [VaultAppRoleId] -> ShowS #
ToJSON VaultAppRoleId Source #
Methods toJSON :: VaultAppRoleId -> Value # toEncoding :: VaultAppRoleId -> Encoding # toJSONList :: [VaultAppRoleId] -> Value # toEncodingList :: [VaultAppRoleId] -> Encoding #
FromJSON VaultAppRoleId Source #
Methods parseJSON :: Value -> Parser VaultAppRoleId # parseJSONList :: Value -> Parser [VaultAppRoleId] #

newtype VaultAppRoleSecretId Source #

Constructors

VaultAppRoleSecretId
Fields unVaultAppRoleSecretId :: Text

Instances

Eq VaultAppRoleSecretId Source #
Methods (==) :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> Bool # (/=) :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> Bool #
Ord VaultAppRoleSecretId Source #
Methods compare :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> Ordering # (<) :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> Bool # (<=) :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> Bool # (>) :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> Bool # (>=) :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> Bool # max :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> VaultAppRoleSecretId # min :: VaultAppRoleSecretId -> VaultAppRoleSecretId -> VaultAppRoleSecretId #
Show VaultAppRoleSecretId Source #
Methods showsPrec :: Int -> VaultAppRoleSecretId -> ShowS # show :: VaultAppRoleSecretId -> String # showList :: [VaultAppRoleSecretId] -> ShowS #
ToJSON VaultAppRoleSecretId Source #
Methods toJSON :: VaultAppRoleSecretId -> Value # toEncoding :: VaultAppRoleSecretId -> Encoding # toJSONList :: [VaultAppRoleSecretId] -> Value # toEncodingList :: [VaultAppRoleSecretId] -> Encoding #
FromJSON VaultAppRoleSecretId Source #
Methods parseJSON :: Value -> Parser VaultAppRoleSecretId # parseJSONList :: Value -> Parser [VaultAppRoleSecretId] #

data VaultException Source #

Constructors

VaultException
VaultException_InvalidAddress ByteString String
VaultException_BadStatusCode ByteString String ByteString Int ByteString
VaultException_ParseBodyError ByteString String ByteString String

Instances

Eq VaultException Source #
Methods (==) :: VaultException -> VaultException -> Bool # (/=) :: VaultException -> VaultException -> Bool #
Show VaultException Source #
Methods showsPrec :: Int -> VaultException -> ShowS # show :: VaultException -> String # showList :: [VaultException] -> ShowS #
Exception VaultException Source #
Methods toException :: VaultException -> SomeException # fromException :: SomeException -> Maybe VaultException # displayException :: VaultException -> String #

data VaultHealth Source #

https://www.vaultproject.io/docs/http/sys-health.html

See vaultHealth

Constructors

VaultHealth
Fields _VaultHealth_Version :: Text _VaultHealth_ServerTimeUtc :: Int _VaultHealth_Initialized :: Bool _VaultHealth_Sealed :: Bool _VaultHealth_Standby :: Bool

Instances

Eq VaultHealth Source #
Methods (==) :: VaultHealth -> VaultHealth -> Bool # (/=) :: VaultHealth -> VaultHealth -> Bool #
Ord VaultHealth Source #
Methods compare :: VaultHealth -> VaultHealth -> Ordering # (<) :: VaultHealth -> VaultHealth -> Bool # (<=) :: VaultHealth -> VaultHealth -> Bool # (>) :: VaultHealth -> VaultHealth -> Bool # (>=) :: VaultHealth -> VaultHealth -> Bool # max :: VaultHealth -> VaultHealth -> VaultHealth # min :: VaultHealth -> VaultHealth -> VaultHealth #
Show VaultHealth Source #
Methods showsPrec :: Int -> VaultHealth -> ShowS # show :: VaultHealth -> String # showList :: [VaultHealth] -> ShowS #
FromJSON VaultHealth Source #
Methods parseJSON :: Value -> Parser VaultHealth # parseJSONList :: Value -> Parser [VaultHealth] #

vaultHealth :: VaultAddress -> IO VaultHealth Source #

https://www.vaultproject.io/docs/http/sys-health.html

data VaultConnection Source #

connectToVault :: VaultAddress -> VaultAuthToken -> IO VaultConnection Source #

Just initializes the VaultConnection objects, does not actually make any contact with the vault server. (That is also the explanation why there is no function to disconnect)

connectToVaultAppRole :: VaultAddress -> VaultAppRoleId -> VaultAppRoleSecretId -> IO VaultConnection Source #

Initializes the VaultConnection objects using approle credentials to retrieve an authtoken, and then calls connectToVault

vaultAuthEnable :: VaultConnection -> Text -> IO () Source #

https://www.vaultproject.io/docs/auth/approle.html#via-the-api-1

vaultPolicyCreate :: VaultConnection -> Text -> Text -> IO () Source #

https://www.vaultproject.io/api/system/policies.html#create-update-acl-policy

vaultInit Source #

Arguments

:: VaultAddress
-> Int	`secret_shares`: The number of shares to split the master key into
-> Int	`secret_threshold`: The number of shares required to reconstruct the master key. This must be less than or equal to secret_shares
-> IO ([VaultUnsealKey], VaultAuthToken)	master keys and initial root token

https://www.vaultproject.io/docs/http/sys-init.html

data VaultSealStatus Source #

https://www.vaultproject.io/docs/http/sys-seal-status.html

See vaultSealStatus

Constructors

VaultSealStatus
Fields _VaultSealStatus_Sealed :: Bool _VaultSealStatus_T :: Int threshold _VaultSealStatus_N :: Int number of shares _VaultSealStatus_Progress :: Int

Instances

Eq VaultSealStatus Source #
Methods (==) :: VaultSealStatus -> VaultSealStatus -> Bool # (/=) :: VaultSealStatus -> VaultSealStatus -> Bool #
Ord VaultSealStatus Source #
Methods compare :: VaultSealStatus -> VaultSealStatus -> Ordering # (<) :: VaultSealStatus -> VaultSealStatus -> Bool # (<=) :: VaultSealStatus -> VaultSealStatus -> Bool # (>) :: VaultSealStatus -> VaultSealStatus -> Bool # (>=) :: VaultSealStatus -> VaultSealStatus -> Bool # max :: VaultSealStatus -> VaultSealStatus -> VaultSealStatus # min :: VaultSealStatus -> VaultSealStatus -> VaultSealStatus #
Show VaultSealStatus Source #
Methods showsPrec :: Int -> VaultSealStatus -> ShowS # show :: VaultSealStatus -> String # showList :: [VaultSealStatus] -> ShowS #
FromJSON VaultSealStatus Source #
Methods parseJSON :: Value -> Parser VaultSealStatus # parseJSONList :: Value -> Parser [VaultSealStatus] #

vaultSealStatus :: VaultAddress -> IO VaultSealStatus Source #

vaultSeal :: VaultConnection -> IO () Source #

data VaultUnseal Source #

https://www.vaultproject.io/docs/http/sys-unseal.html

See vaultUnseal

Constructors

VaultUnseal_Key VaultUnsealKey
VaultUnseal_Reset

Instances

Eq VaultUnseal Source #
Methods (==) :: VaultUnseal -> VaultUnseal -> Bool # (/=) :: VaultUnseal -> VaultUnseal -> Bool #
Ord VaultUnseal Source #
Methods compare :: VaultUnseal -> VaultUnseal -> Ordering # (<) :: VaultUnseal -> VaultUnseal -> Bool # (<=) :: VaultUnseal -> VaultUnseal -> Bool # (>) :: VaultUnseal -> VaultUnseal -> Bool # (>=) :: VaultUnseal -> VaultUnseal -> Bool # max :: VaultUnseal -> VaultUnseal -> VaultUnseal # min :: VaultUnseal -> VaultUnseal -> VaultUnseal #
Show VaultUnseal Source #
Methods showsPrec :: Int -> VaultUnseal -> ShowS # show :: VaultUnseal -> String # showList :: [VaultUnseal] -> ShowS #

vaultUnseal :: VaultAddress -> VaultUnseal -> IO VaultSealStatus Source #

https://www.vaultproject.io/docs/http/sys-unseal.html

vaultAppRoleCreate :: VaultConnection -> Text -> VaultAppRoleParameters -> IO () Source #

https://www.vaultproject.io/api/auth/approle/index.html#create-new-approle

vaultAppRoleRoleIdRead :: VaultConnection -> Text -> IO VaultAppRoleId Source #

https://www.vaultproject.io/api/auth/approle/index.html#read-approle-role-id

vaultAppRoleSecretIdGenerate :: VaultConnection -> Text -> Text -> IO VaultAppRoleSecretIdGenerateResponse Source #

https://www.vaultproject.io/api/auth/approle/index.html#generate-new-secret-id

defaultVaultAppRoleParameters :: VaultAppRoleParameters Source #

data VaultAppRoleParameters Source #

https://www.vaultproject.io/api/auth/approle/index.html#create-new-approle

Note: For TTL fields, only integer number seconds, i.e. 3600, are supported

Instances

ToJSON VaultAppRoleParameters Source #
Methods toJSON :: VaultAppRoleParameters -> Value # toEncoding :: VaultAppRoleParameters -> Encoding # toJSONList :: [VaultAppRoleParameters] -> Value # toEncodingList :: [VaultAppRoleParameters] -> Encoding #
FromJSON VaultAppRoleParameters Source #
Methods parseJSON :: Value -> Parser VaultAppRoleParameters # parseJSONList :: Value -> Parser [VaultAppRoleParameters] #

data VaultAppRoleSecretIdGenerateResponse Source #

Constructors

VaultAppRoleSecretIdGenerateResponse
Fields _VaultAppRoleSecretIdGenerateResponse_SecretIdAccessor :: VaultAppRoleSecretIdAccessor _VaultAppRoleSecretIdGenerateResponse_SecretId :: VaultAppRoleSecretId

Instances

FromJSON VaultAppRoleSecretIdGenerateResponse Source #
Methods parseJSON :: Value -> Parser VaultAppRoleSecretIdGenerateResponse # parseJSONList :: Value -> Parser [VaultAppRoleSecretIdGenerateResponse] #

data VaultMount a b Source #

https://www.vaultproject.io/docs/http/sys-mounts.html

Constructors

VaultMount
Fields _VaultMount_Type :: Text _VaultMount_Description :: a _VaultMount_Config :: b

Instances

ToJSON VaultMountWrite Source #
Methods toJSON :: VaultMountWrite -> Value # toEncoding :: VaultMountWrite -> Encoding # toJSONList :: [VaultMountWrite] -> Value # toEncodingList :: [VaultMountWrite] -> Encoding #
FromJSON VaultMountRead Source #
Methods parseJSON :: Value -> Parser VaultMountRead # parseJSONList :: Value -> Parser [VaultMountRead] #
(Eq b, Eq a) => Eq (VaultMount a b) Source #
Methods (==) :: VaultMount a b -> VaultMount a b -> Bool # (/=) :: VaultMount a b -> VaultMount a b -> Bool #
(Ord b, Ord a) => Ord (VaultMount a b) Source #
Methods compare :: VaultMount a b -> VaultMount a b -> Ordering # (<) :: VaultMount a b -> VaultMount a b -> Bool # (<=) :: VaultMount a b -> VaultMount a b -> Bool # (>) :: VaultMount a b -> VaultMount a b -> Bool # (>=) :: VaultMount a b -> VaultMount a b -> Bool # max :: VaultMount a b -> VaultMount a b -> VaultMount a b # min :: VaultMount a b -> VaultMount a b -> VaultMount a b #
(Show b, Show a) => Show (VaultMount a b) Source #
Methods showsPrec :: Int -> VaultMount a b -> ShowS # show :: VaultMount a b -> String # showList :: [VaultMount a b] -> ShowS #

type VaultMountRead = VaultMount Text VaultMountConfigRead Source #

type VaultMountWrite = VaultMount (Maybe Text) (Maybe VaultMountConfigWrite) Source #

data VaultMountConfig a Source #

https://www.vaultproject.io/docs/http/sys-mounts.html

Constructors

VaultMountConfig
Fields _VaultMountConfig_DefaultLeaseTtl :: a _VaultMountConfig_MaxLeaseTtl :: a

Instances

ToJSON VaultMountConfigWrite Source #
Methods toJSON :: VaultMountConfigWrite -> Value # toEncoding :: VaultMountConfigWrite -> Encoding # toJSONList :: [VaultMountConfigWrite] -> Value # toEncodingList :: [VaultMountConfigWrite] -> Encoding #
ToJSON VaultMountWrite Source #
Methods toJSON :: VaultMountWrite -> Value # toEncoding :: VaultMountWrite -> Encoding # toJSONList :: [VaultMountWrite] -> Value # toEncodingList :: [VaultMountWrite] -> Encoding #
FromJSON VaultMountConfigRead Source #
Methods parseJSON :: Value -> Parser VaultMountConfigRead # parseJSONList :: Value -> Parser [VaultMountConfigRead] #
FromJSON VaultMountRead Source #
Methods parseJSON :: Value -> Parser VaultMountRead # parseJSONList :: Value -> Parser [VaultMountRead] #
Eq a => Eq (VaultMountConfig a) Source #
Methods (==) :: VaultMountConfig a -> VaultMountConfig a -> Bool # (/=) :: VaultMountConfig a -> VaultMountConfig a -> Bool #
Ord a => Ord (VaultMountConfig a) Source #
Methods compare :: VaultMountConfig a -> VaultMountConfig a -> Ordering # (<) :: VaultMountConfig a -> VaultMountConfig a -> Bool # (<=) :: VaultMountConfig a -> VaultMountConfig a -> Bool # (>) :: VaultMountConfig a -> VaultMountConfig a -> Bool # (>=) :: VaultMountConfig a -> VaultMountConfig a -> Bool # max :: VaultMountConfig a -> VaultMountConfig a -> VaultMountConfig a # min :: VaultMountConfig a -> VaultMountConfig a -> VaultMountConfig a #
Show a => Show (VaultMountConfig a) Source #
Methods showsPrec :: Int -> VaultMountConfig a -> ShowS # show :: VaultMountConfig a -> String # showList :: [VaultMountConfig a] -> ShowS #

type VaultMountConfigRead = VaultMountConfig Int Source #

type VaultMountConfigWrite = VaultMountConfig (Maybe Int) Source #

vaultMounts :: VaultConnection -> IO [(Text, VaultMountRead)] Source #

https://www.vaultproject.io/docs/http/sys-mounts.html

For your convenience, the results are returned sorted (by the mount point)

vaultMountTune :: VaultConnection -> Text -> IO VaultMountConfigRead Source #

https://www.vaultproject.io/docs/http/sys-mounts.html

vaultMountSetTune :: VaultConnection -> Text -> VaultMountConfigWrite -> IO () Source #

https://www.vaultproject.io/docs/http/sys-mounts.html

vaultNewMount :: VaultConnection -> Text -> VaultMountWrite -> IO () Source #

https://www.vaultproject.io/docs/http/sys-mounts.html

vaultUnmount :: VaultConnection -> Text -> IO () Source #

https://www.vaultproject.io/docs/http/sys-mounts.html

newtype VaultSecretPath Source #

Constructors

VaultSecretPath
Fields unVaultSecretPath :: Text

Instances

Eq VaultSecretPath Source #
Methods (==) :: VaultSecretPath -> VaultSecretPath -> Bool # (/=) :: VaultSecretPath -> VaultSecretPath -> Bool #
Ord VaultSecretPath Source #
Methods compare :: VaultSecretPath -> VaultSecretPath -> Ordering # (<) :: VaultSecretPath -> VaultSecretPath -> Bool # (<=) :: VaultSecretPath -> VaultSecretPath -> Bool # (>) :: VaultSecretPath -> VaultSecretPath -> Bool # (>=) :: VaultSecretPath -> VaultSecretPath -> Bool # max :: VaultSecretPath -> VaultSecretPath -> VaultSecretPath # min :: VaultSecretPath -> VaultSecretPath -> VaultSecretPath #
Show VaultSecretPath Source #
Methods showsPrec :: Int -> VaultSecretPath -> ShowS # show :: VaultSecretPath -> String # showList :: [VaultSecretPath] -> ShowS #

data VaultSecretMetadata Source #

Constructors

VaultSecretMetadata
Fields _VaultSecretMetadata_leaseDuration :: Int _VaultSecretMetadata_leaseId :: Text _VauleSecretMetadata_renewable :: Bool

Instances

Eq VaultSecretMetadata Source #
Methods (==) :: VaultSecretMetadata -> VaultSecretMetadata -> Bool # (/=) :: VaultSecretMetadata -> VaultSecretMetadata -> Bool #
Show VaultSecretMetadata Source #
Methods showsPrec :: Int -> VaultSecretMetadata -> ShowS # show :: VaultSecretMetadata -> String # showList :: [VaultSecretMetadata] -> ShowS #
FromJSON VaultSecretMetadata Source #
Methods parseJSON :: Value -> Parser VaultSecretMetadata # parseJSONList :: Value -> Parser [VaultSecretMetadata] #

vaultWrite :: ToJSON a => VaultConnection -> VaultSecretPath -> a -> IO () Source #

https://www.vaultproject.io/docs/secrets/generic/index.html

The value that you give must encode as a JSON object

vaultRead Source #

Arguments

:: FromJSON a
=> VaultConnection
-> VaultSecretPath
-> IO (VaultSecretMetadata, Either (Value, String) a)	A `Left` result means that the secret's "data" could not be parsed into the data structure that you requested. You will get the "data" as a raw `Value` as well as the error message from the parse failure

vaultDelete :: VaultConnection -> VaultSecretPath -> IO () Source #

https://www.vaultproject.io/docs/secrets/generic/index.html

vaultList :: VaultConnection -> VaultSecretPath -> IO [VaultSecretPath] Source #

https://www.vaultproject.io/docs/secrets/generic/index.html

This will normalise the results to be full secret paths.

Will return only secrets that in the are located in the folder hierarchy directly below the given folder.

Use isFolder to check if whether each result is a secret or a subfolder.

The order of the results is unspecified.

To recursively retrieve all of the secrets use vaultListRecursive

isFolder :: VaultSecretPath -> Bool Source #

Does the path end with a / character?

Meant to be used on the results of vaultList

vaultListRecursive :: VaultConnection -> VaultSecretPath -> IO [VaultSecretPath] Source #

Recursively calls vaultList to retrieve all of the secrets in a folder (including all subfolders and sub-subfolders, etc...)

There will be no folders in the result.

The order of the results is unspecified.

VaultAppRoleParameters
Fields _VaultAppRoleParameters_BindSecretId :: Bool _VaultAppRoleParameters_Policies :: [Text] _VaultAppRoleParameters_SecretIdNumUses :: Maybe Int _VaultAppRoleParameters_SecretIdTTL :: Maybe Int _VaultAppRoleParameters_TokenNumUses :: Maybe Int _VaultAppRoleParameters_TokenTTL :: Maybe Int _VaultAppRoleParameters_TokenMaxTTL :: Maybe Int _VaultAppRoleParameters_Period :: Maybe Int