JarCasting
JarCasting JarCasting

jVaultConnector

Connector artifact for Hashicorp's Vault secret management

License

License
GroupId

GroupId

de.stklcode.jvault
ArtifactId

ArtifactId

connector
Last Version

Last Version

0.8.0
Release Date

Release Date
Type

Type

jar
Description

Description

jVaultConnector
Connector artifact for Hashicorp's Vault secret management
Project URL

Project URL

https://jvault.stklcode.de
Source Code Management

Source Code Management

https://github.com/stklcode/jvaultconnector

Download connector

Filename Size
connector-0.8.0.pom
connector-0.8.0.jar 27 KB
connector-0.8.0-sources.jar 20 KB
connector-0.8.0-javadoc.jar 177 KB
Browse

How to add to project

<!-- https://jarcasting.com/artifacts/de.stklcode.jvault/connector/ -->
<dependency>
    <groupId>de.stklcode.jvault</groupId>
    <artifactId>connector</artifactId>
    <version>0.8.0</version>
</dependency>
// https://jarcasting.com/artifacts/de.stklcode.jvault/connector/
implementation 'de.stklcode.jvault:connector:0.8.0'
// https://jarcasting.com/artifacts/de.stklcode.jvault/connector/
implementation ("de.stklcode.jvault:connector:0.8.0")
'de.stklcode.jvault:connector:jar:0.8.0'
<dependency org="de.stklcode.jvault" name="connector" rev="0.8.0">
  <artifact name="connector" type="jar" />
</dependency>
@Grapes(
@Grab(group='de.stklcode.jvault', module='connector', version='0.8.0')
)
libraryDependencies += "de.stklcode.jvault" % "connector" % "0.8.0"
[de.stklcode.jvault/connector "0.8.0"]

Dependencies

compile (5)

Group / Artifact Type Version
org.apache.httpcomponents : httpcore jar 4.4.11
org.apache.httpcomponents : httpclient jar 4.5.7
com.fasterxml.jackson.core : jackson-core jar 2.9.8
com.fasterxml.jackson.core : jackson-databind jar 2.9.8
org.junit.jupiter : junit-jupiter-migrationsupport jar 5.4.1

test (6)

Group / Artifact Type Version
org.junit.jupiter : junit-jupiter-engine jar 5.4.1
org.hamcrest : hamcrest-junit jar 2.0.0.0
com.github.stefanbirkner : system-rules jar 1.17.2
org.mockito : mockito-core jar 2.25.1
org.mockito : mockito-inline jar 2.25.1
commons-io : commons-io jar 2.6

Project Modules

There are no modules declared in this project.

Java Vault Connector

Build Status Quality Gate License Maven Central

Logo

Java Vault Connector is a connector library for Vault by Hashicorp written in Java. The connector allows simple usage of Vault's secret store in own applications.

Features:

  • HTTP(S) backend connector
    • Ability to provide or enforce custom CA certificate
    • Optional initialization from environment variables
  • Authorization methods
    • Token
    • Username/Password
    • AppRole (register and authenticate)
    • AppID (register and authenticate) [deprecated]
  • Tokens
    • Creation and lookup of tokens and token roles
    • TokenBuilder for speaking creation of complex configurations
  • Secrets
    • Read secrets
    • Write secrets
    • List secrets
    • Delete secrets
    • Renew/revoke leases
    • Raw secret content or JSON decoding
    • SQL secret handling
    • KV v1 and v2 support
  • Connector Factory with builder pattern
  • Tested against Vault 1.7.0

Maven Artifact

<dependency>
    <groupId>de.stklcode.jvault</groupId>
    <artifactId>jvault-connector</artifactId>
    <version>0.9.3</version>
</dependency>

Usage Examples

Initialization

// Instantiate using builder pattern style factory (TLS enabled by default)
VaultConnector vault = VaultConnectorBuilder.http()
 .withHost("127.0.0.1")
 .withPort(8200)
 .withTLS()
 .build();

// Instantiate with custom SSL context
VaultConnector vault = VaultConnectorBuilder.http()
 .withHost("example.com")
 .withPort(8200)
 .withTrustedCA(Paths.get("/path/to/CA.pem"))
 .build();

// Initialization from environment variables 
VaultConnector vault = VaultConnectorBuilder.http()
 .fromEnv()
 .build();

Authentication

// Authenticate with token.
vault.authToken("01234567-89ab-cdef-0123-456789abcdef");

// Authenticate with username and password.
vault.authUserPass("username", "p4ssw0rd");

// Authenticate with AppRole (secret - 2nd argument - is optional).
vault.authAppRole("01234567-89ab-cdef-0123-456789abcdef", "fedcba98-7654-3210-fedc-ba9876543210");

Secret read & write

// Retrieve secret (prefix "secret/" assumed, use read() to read arbitrary paths)
String secret = vault.read("secret/some/key").get("value", String.class);

// Complex secret.
Map<String, Object> secretData = vault.read("secret/another/key").getData();

// Write simple secret.
vault.write("secret/new/key", "secret value");

// Write complex data.
Map<String, Object> map = ...;
vault.write("path/to/write", map);

// Delete secret.
vault.delete("path/to/delete");

Token and role creation

// Create token using TokenBuilder
Token token = Token.builder()
                   .withId("token id")
                   .withDisplayName("new test token")
                   .withPolicies("pol1", "pol2")
                   .build();
vault.createToken(token);

// Create AppRole credentials
vault.createAppRole("testrole", policyList);
AppRoleSecretResponse secret = vault.createAppRoleSecret("testrole");

Links

Project Page

JavaDoc API

License

The project is licensed under Apache License 2.0.

Versions

Version
0.8.0
0.7.1
0.7.0
0.6.2
0.6.1
0.6.0
0.5.0
0.4.1
0.4.0
0.3.0
0.2.0
0.1.1
0.1