vault_api_client | R Documentation |
Vault Low-Level Client
Vault Low-Level Client
Low-level API client. This can be used to directly communicate with the vault server. This object will primarily be useful for debugging, testing or developing new vault methods, but is nonetheless described here.
vaultr::vault_client_object
-> vault_api_client
addr
The vault address (with protocol, hostname and port)
base_url
The base url (with protocol, hostname, port and api version path)
tls_config
Information used in TLS config, if used
namespace
The vault namespace, if used
token
The vault token, if authenticated
version
The vault server version, once queried
new()
Create a new api client
vault_api_client$new(addr = NULL, tls_config = NULL, namespace = NULL)
addr
Address of the vault server
tls_config
Optional TLS config
namespace
Optional namespace
request()
Make a request to the api. Typically you should use
one of the higher-level wrappers, such as $GET
or $POST
.
vault_api_client$request(verb, path, ..., token = self$token)
verb
The HTTP verb to use, as a httr
function (e.g.,
pass httr::GET
for a GET
request).
path
The request path
...
Additional arguments passed to the httr
function
token
Optional token, overriding the client token
is_authenticated()
Test if the vault client currently holds a vault token. This method does not verify the token - only test that is present.
vault_api_client$is_authenticated()
set_token()
Set a token within the client
vault_api_client$set_token(token, verify = FALSE, quiet = FALSE)
token
String, with the new vault client token
verify
Logical, indicating if we should test that the token
is valid. If TRUE
, then we use $verify_token()
to test the
token before setting it and if it is not valid an error will be
thrown and the token not set.
quiet
Logical, if TRUE
, then informational messages will be
suppressed.
verify_token()
Test that a token is valid with the vault.
This will call vault's /sys/capabilities-self
endpoint with the
token provided and check the /sys
path.
vault_api_client$verify_token(token, quiet = TRUE)
token
String, with the vault client token to test
quiet
Logical, if TRUE
, then informational messages will be
suppressed
server_version()
Retrieve the vault server version. This is by default cached within the client for a session. Will return an R numeric_version object.
vault_api_client$server_version(refresh = FALSE)
refresh
Logical, indicating if the server version information should be refreshed even if known.
GET()
Send a GET
request to the vault server
vault_api_client$GET(path, ...)
path
The server path to use. This is the "interesting" part of the path only, with the server base url and api version information added.
...
Additional httr
-compatible options. These will be named
parameters or httr
"request" objects.
LIST()
Send a LIST
request to the vault server
vault_api_client$LIST(path, ...)
path
The server path to use. This is the "interesting" part of the path only, with the server base url and api version information added.
...
Additional httr
-compatible options. These will be named
parameters or httr
"request" objects.
POST()
Send a POST
request to the vault server
vault_api_client$POST(path, ...)
path
The server path to use. This is the "interesting" part of the path only, with the server base url and api version information added.
...
Additional httr
-compatible options. These will be named
parameters or httr
"request" objects.
PUT()
Send a PUT
request to the vault server
vault_api_client$PUT(path, ...)
path
The server path to use. This is the "interesting" part of the path only, with the server base url and api version information added.
...
Additional httr
-compatible options. These will be named
parameters or httr
"request" objects.
DELETE()
Send a DELETE
request to the vault server
vault_api_client$DELETE(path, ...)
path
The server path to use. This is the "interesting" part of the path only, with the server base url and api version information added.
...
Additional httr
-compatible options. These will be named
parameters or httr
"request" objects.
server <- vaultr::vault_test_server(if_disabled = message)
if (!is.null(server)) {
# Ordinarily, we would use the "vault_client" object for
# high-level access to the vault server
client <- server$client()
client$status()
# The api() method returns the "api client" object:
api <- client$api()
api
# This allows running arbitrary HTTP requests against the server:
api$GET("/sys/seal-status")
# this is how vaultr is internally implemented so anything can
# be done here, for example following vault's API documentation
# https://www.vaultproject.io/api/secret/kv/kv-v1.html#sample-request-2
api$POST("/secret/mysecret", body = list(key = "value"))
api$GET("/secret/mysecret")
api$DELETE("/secret/mysecret")
# cleanup
server$kill()
}
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.