vault_client_kv1 | R Documentation |
Key-Value Store (Version 1)
Key-Value Store (Version 1)
Interact with vault's version 1 key-value store. This is useful for storing simple key-value data without versioning or metadata (see vault_client_kv2 for a richer key-value store).
Up to vault version 0.12.0 this was mounted by default at
/secret
. It can be accessed from vault with either the $read
,
$write
, $list
and $delete
methods on the main
vault_client object or by the $kv1
member of the
secrets
member of the main vault client
(vault_client_secrets)
vaultr::vault_client_object
-> vault_client_kv1
new()
Create a vault_client_kv1
object. Not typically
called by users.
vault_client_kv1$new(api_client, mount)
api_client
A vault_api_client object
mount
Mount point for the backend
custom_mount()
Set up a vault_client_kv1
object at a custom
mount. For example, suppose you mounted another copy of the
kv1
secret backend at /secret2
you might use kv <- vault$secrets$kv1$custom_mount("/secret2")
- this pattern is
repeated for other secret and authentication backends.
vault_client_kv1$custom_mount(mount)
mount
String, indicating the path that the engine is mounted at.
read()
Read a value from the vault. This can be used to read any value that you have permission to read in this store.
vault_client_kv1$read(path, field = NULL, metadata = FALSE)
path
Path for the secret to read, such as
/secret/mysecret
field
Optional field to read from the secret. Each
secret is stored as a key/value set (represented in R as a
named list) and this is equivalent to using [[field]]
on
the return value. The default, NULL
, returns the full set
of values.
metadata
Logical, indicating if we should return
metadata for this secret (lease information etc) as an
attribute along with the values itself. Ignored if field
is specified.
write()
Write data into the vault. This can be used to write any value that you have permission to write in this store.
vault_client_kv1$write(path, data)
path
Path for the secret to write, such as
/secret/mysecret
data
A named list of values to write into the vault at this path. This replaces any existing values.
list()
List data in the vault at a give path. This can
be used to list keys, etc (e.g., at /secret
).
vault_client_kv1$list(path, full_names = FALSE)
path
The path to list
full_names
Logical, indicating if full paths (relative to the vault root) should be returned.
value
A character vector (of zero length if no keys are
found). Paths that are "directories" (i.e., that contain
keys and could themselves be listed) will be returned with a
trailing forward slash, e.g. path/
delete()
Delete a value from the vault
vault_client_kv1$delete(path)
path
The path to delete
server <- vaultr::vault_test_server(if_disabled = message)
if (!is.null(server)) {
client <- server$client()
# Write secrets
client$secrets$kv1$write("/secret/path/mysecret", list(key = "value"))
# List secrets - note the trailing "/" indicates a folder
client$secrets$kv1$list("/secret")
client$secrets$kv1$list("/secret/path")
# Read secrets
client$secrets$kv1$read("/secret/path/mysecret")
client$secrets$kv1$read("/secret/path/mysecret", field = "key")
# Delete secrets
client$secrets$kv1$delete("/secret/path/mysecret")
client$secrets$kv1$read("/secret/path/mysecret")
# cleanup
server$kill()
}
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.