Module vault.java.driver
Package io.github.jopenlibs.vault.api.database

Class Database

  • public class Database
extends OperationsBase

    The implementing class for operations on Vault's database backend.

    This class is not intended to be constructed directly. Rather, it is meant to used by way of Vault in a DSL-style builder pattern. See the Javadoc comments of each public method for usage examples.

    • Constructor Detail

      • Database

        public Database​(VaultConfig config)
        Constructor for use when the Database backend is mounted on the default path (i.e. /v1/database).
        Parameters:
        config - A container for the configuration settings needed to initialize a Vault driver instance

      • Database

        public Database​(VaultConfig config,
                java.lang.String mountPath)
        Constructor for use when the Database backend is mounted on some non-default custom path (e.g. /v1/db123).
        Parameters:
        config - A container for the configuration settings needed to initialize a Vault driver instance
        mountPath - The path on which your Vault Database backend is mounted, without the /v1/ prefix (e.g. "root-ca")

    • Method Detail

      • withNameSpace

        public Database withNameSpace​(java.lang.String nameSpace)

      • createOrUpdateRole

        public DatabaseResponse createOrUpdateRole​(java.lang.String roleName,
                                           DatabaseRoleOptions options)
                                    throws VaultException

        Operation to create or update an role using the Database Secret engine. Relies on an authentication token being present in the VaultConfig instance.

        This version of the method accepts a DatabaseRoleOptions parameter, containing optional settings for the role creation operation. Example usage:

        
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = new Vault(config);

 final DatabaseRoleOptions options = new DatabaseRoleOptions()
                              .dbName("test")
                              .maxTtl("9h");
 final DatabaseResponse response = vault.database().createOrUpdateRole("testRole", options);

 assertEquals(204, response.getRestResponse().getStatus());
        Parameters:
        roleName - A name for the role to be created or updated
        options - Optional settings for the role to be created or updated (e.g. db_name, ttl, etc)
        Returns:
        A container for the information returned by Vault
        Throws:
        VaultException - If any error occurs or unexpected response is received from Vault

      • getRole

        public DatabaseResponse getRole​(java.lang.String roleName)
                         throws VaultException

        Operation to retrieve an role using the Database backend. Relies on an authentication token being present in the VaultConfig instance.

        The role information will be populated in the roleOptions field of the DatabaseResponse return value. Example usage:

        
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = new Vault(config);
 final DatabaseResponse response = vault.database().getRole("testRole");

 final RoleOptions details = response.getRoleOptions();
        Parameters:
        roleName - The name of the role to retrieve
        Returns:
        A container for the information returned by Vault
        Throws:
        VaultException - If any error occurs or unexpected response is received from Vault

      • revoke

        public DatabaseResponse revoke​(java.lang.String serialNumber)
                        throws VaultException

        Operation to revike a certificate in the vault using the Database backend. Relies on an authentication token being present in the VaultConfig instance.

        A successful operation will return a 204 HTTP status. A VaultException will be thrown if the role does not exist, or if any other problem occurs. Example usage:

        
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = new Vault(config);

 final DatabaseResponse response = vault.database().revoke("serialnumber");
 assertEquals(204, response.getRestResponse().getStatus();
        Parameters:
        serialNumber - The name of the role to delete
        Returns:
        A container for the information returned by Vault
        Throws:
        VaultException - If any error occurs or unexpected response is received from Vault

      • deleteRole

        public DatabaseResponse deleteRole​(java.lang.String roleName)
                            throws VaultException

        Operation to delete an role using the Database backend. Relies on an authentication token being present in the VaultConfig instance.

        A successful operation will return a 204 HTTP status. A VaultException will be thrown if the role does not exist, or if any other problem occurs. Example usage:

        
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = new Vault(config);

 final DatabaseResponse response = vault.database().deleteRole("testRole");
 assertEquals(204, response.getRestResponse().getStatus();
        Parameters:
        roleName - The name of the role to delete
        Returns:
        A container for the information returned by Vault
        Throws:
        VaultException - If any error occurs or unexpected response is received from Vault

      • creds

        public DatabaseResponse creds​(java.lang.String roleName)
                       throws VaultException

        Operation to generate a new set of credentials using the Database backend.

        A successful operation will return a 204 HTTP status. A VaultException will be thrown if the role does not exist, or if any other problem occurs. Credential information will be populated in the credential field of the DatabaseResponse return value. Example usage:

        
 final VaultConfig config = new VaultConfig.address(...).token(...).build();
 final Vault vault = new Vault(config);

 final DatabaseResponse response = vault.database().creds("testRole");
 assertEquals(204, response.getRestResponse().getStatus();
        Parameters:
        roleName - The role for which to retrieve credentials
        Returns:
        A container for the information returned by Vault
        Throws:
        VaultException - If any error occurs or unexpected response is received from Vault