Vault

  • Canonical Telco
Channel Revision Published Runs on
latest/edge 89 31 Jan 2024
Ubuntu 22.04 Ubuntu 20.04
latest/edge 9 27 Jan 2023
Ubuntu 22.04 Ubuntu 20.04
1.16/stable 280 04 Oct 2024
Ubuntu 22.04
1.16/candidate 280 04 Oct 2024
Ubuntu 22.04
1.16/beta 280 04 Oct 2024
Ubuntu 22.04
1.16/edge 291 19 Nov 2024
Ubuntu 22.04
1.15/stable 248 24 Jul 2024
Ubuntu 22.04
1.15/candidate 248 24 Jul 2024
Ubuntu 22.04
1.15/beta 248 24 Jul 2024
Ubuntu 22.04
1.15/edge 248 10 Jul 2024
Ubuntu 22.04
juju deploy vault-k8s --channel 1.16/stable
Show information

Platform:

charms.vault_k8s.v0.vault

Library for interacting with a Vault cluster.

This library shares operations that interact with Vault through its API. It is intended to be used by charms that need to manage a Vault cluster.


class Vault

Description

Class to interact with Vault through its API. None

Methods

Vault. __init__( self , url: str , ca_cert_path: str )

Vault. initialize( self , secret_shares: int , secret_threshold: int )

Initialize Vault.

Returns

A tuple containing the root token and the unseal keys.

Vault. is_initialized( self )

Description

Returns whether Vault is initialized. None

Vault. is_sealed( self )

Description

Returns whether Vault is sealed. None

Vault. is_active( self )

Returns the health status of Vault.

Returns

True if initialized, unsealed and active, False otherwise. Will return True if Vault is in standby mode too (standby_ok=True).

Vault. is_api_available( self )

Description

Returns whether Vault is available. None

Vault. unseal( self , unseal_keys )

Description

Unseal Vault. None

Vault. set_token( self , token: str )

Description

Sets the Vault token for authentication. None

Vault. remove_raft_node( self , node_id: str )

Description

Remove raft peer. None

Vault. is_node_in_raft_peers( self , node_id: str )

Description

Check if node is in raft peers. None

Vault. get_num_raft_peers( self )

Description

Returns the number of raft peers. None

Vault. enable_approle_auth( self )

Description

Enable the AppRole authentication method in Vault, if not already enabled. None

Vault. configure_kv_mount( self , name: str )

Description

Ensure a KV mount is enabled. None

Vault. configure_kv_policy( self , policy: str , mount: str )

Description

Create/update a policy within vault to access the KV mount. None

Vault. audit_device_enabled( self , device_type: str , path: str )

Description

Check if audit device is enabled. None

Vault. enable_audit_device( self , device_type: str , path: str )

Description

Enable a new audit device at the supplied path. None

Vault. create_snapshot( self )

Description

Create a snapshot of the Vault data. None

Vault. restore_snapshot( self , snapshot: bytes )

Restore a snapshot of the Vault data.

Description

Uses force_restore_raft_snapshot to restore the snapshot even if the unseal key used at backup time is different from the current one.

Vault. configure_approle( self , name: str , cidrs , policies )

Description

Create/update a role within vault associating the supplied policies. None

Vault. generate_role_secret_id( self , name: str , cidrs )

Description

Generate a new secret tied to an AppRole. None

Vault. read_role_secret( self , name: str , id: str )

Description

Get definition of a secret tied to an AppRole. None

Vault. get_raft_cluster_state( self )

Description

Get raft cluster state. None

Vault. is_raft_cluster_healthy( self )

Description

Check if raft cluster is healthy. None