vimc/vaultr
Vault Client for Secrets and Sensitive Data

Package index
Search the vimc/vaultr package
Vignettes
Functions
103
Source code
55
Man pages
21
Home
/
GitHub
/
vimc/vaultr
/
vault_client_auth_userpass: Vault Username/Password Authentication Configuration

vault_client_auth_userpass: Vault Username/Password Authentication Configuration
In vimc/vaultr: Vault Client for Secrets and Sensitive Data

vault_client_auth_userpassR Documentation

Vault Username/Password Authentication Configuration

Description

Vault Username/Password Authentication Configuration

Vault Username/Password Authentication Configuration

Details

Interact with vault's username/password authentication backend. This backend can be used to configure basic username+password authentication, suitable for human users. For more information, please see the vault documentation https://developer.hashicorp.com/vault/docs/auth/userpass

Super class

vaultr::vault_client_object -> vault_client_auth_userpass

Methods

Public methods

Inherited methods

Method new()

Create a vault_client_userpass object. Not typically called by users.

Usage
vault_client_auth_userpass$new(api_client, mount)
Arguments
api_client

A vault_api_client object

mount

Mount point for the backend

Method custom_mount()

Set up a vault_client_auth_userpass object at a custom mount. For example, suppose you mounted the userpass authentication backend at ⁠/userpass2⁠ you might use up <- vault$auth$userpass2$custom_mount("/userpass2") - this pattern is repeated for other secret and authentication backends.

Usage
vault_client_auth_userpass$custom_mount(mount)
Arguments
mount

String, indicating the path that the engine is mounted at.

Method write()

Create or update a user.

Usage
vault_client_auth_userpass$write(
  username,
  password = NULL,
  policies = NULL,
  ttl = NULL,
  max_ttl = NULL,
  bound_cidrs = NULL
)
Arguments
username

Username for the user

password

Password for the user (required when creating a user only)

policies

Character vector of policies for the user

ttl

The lease duration which decides login expiration

max_ttl

Maximum duration after which login should expire

bound_cidrs

Character vector of CIDRs. If set, restricts usage of the login and token to client IPs falling within the range of the specified CIDR(s).

Method read()

Reads the properties of an existing username.

Usage
vault_client_auth_userpass$read(username)
Arguments
username

Username to read

Method delete()

Delete a user

Usage
vault_client_auth_userpass$delete(username)
Arguments
username

Username to delete

Method update_password()

Update password for a user

Usage
vault_client_auth_userpass$update_password(username, password)
Arguments
username

Username for the user to update

password

New password for the user

Method update_policies()

Update vault policies for a user

Usage
vault_client_auth_userpass$update_policies(username, policies)
Arguments
username

Username for the user to update

policies

Character vector of policies for this user

Method list()

List users known to vault

Usage
vault_client_auth_userpass$list()

Method login()

Log into the vault using username/password authentication. Normally you would not call this directly but instead use ⁠$login⁠ with method = "userpass" and proving the username argument and optionally the password argument. This function returns a vault token but does not set it as the client token.

Usage
vault_client_auth_userpass$login(username, password = NULL)
Arguments
username

Username to authenticate with

password

Password to authenticate with. If omitted or NULL and the session is interactive, the password will be prompted for.

Examples

server <- vaultr::vault_test_server(if_disabled = message)
if (!is.null(server)) {
  root <- server$client()

  # The userpass authentication backend is not enabled by default,
  # so we need to enable it first
  root$auth$enable("userpass")

  # Then we can add users:
  root$auth$userpass$write("alice", "p4ssw0rd")

  # Create a new client and login with this user:
  alice <- vaultr::vault_client(
    addr = server$addr,
    login = "userpass",
    username = "alice",
    password = "p4ssw0rd")

  # (it is not recommended to login with the password like this as
  # it will end up in the command history, but in interactive use
  # you will be prompted securely for password)

  # Alice has now logged in and has only "default" policies
  alice$auth$token$lookup_self()$policies

  # (wheras our original root user has the "root" policy)
  root$auth$token$lookup_self()$policies
}

vimc/vaultr documentation built on Nov. 11, 2023, 8:21 a.m.

Related to vault_client_auth_userpass in vimc/vaultr...

vimc/vaultr index
README.md

R Package Documentation

rdrr.io home R language documentation Run R code online

Browse R Packages

CRAN packages Bioconductor packages R-Forge packages GitHub packages

We want your feedback!

Note that we can't provide technical support on individual packages. You should contact the package authors for that.
GitHub issue tracker
ian@mutexlabs.com
Personal blog

 
Embedding an R snippet on your website

Add the following code to your website.

For more information on customizing the embed code, read Embedding Snippets.

Close