Package org.apache.nifi.vault.hashicorp

Interface HashiCorpVaultCommunicationService

public interface HashiCorpVaultCommunicationService
A service to handle all communication with an instance of HashiCorp Vault.
See Also:

  • Method Details

    • getServerVersion

      String getServerVersion()
      Returns:
      The HashiCorp Vault server version

    • encrypt

      String encrypt(String transitPath, byte[] plainText)
      Encrypts the given plaintext using Vault's Transit Secrets Engine.
      Parameters:
      transitPath - The Vault path to use for the configured Transit Secrets Engine
      plainText - The plaintext to encrypt
      Returns:
      The cipher text
      See Also:

    • decrypt

      byte[] decrypt(String transitPath, String cipherText)
      Decrypts the given cipher text using Vault's Transit Secrets Engine.
      Parameters:
      transitPath - The Vault path to use for the configured Transit Secrets Engine
      cipherText - The cipher text to decrypt
      Returns:
      The decrypted plaintext
      See Also:

    • writeKeyValueSecret

      void writeKeyValueSecret(String keyValuePath, String secretKey, String value)
      Writes a single secret value using Vault's Key/Value Version 1 Secrets Engine.
      Parameters:
      keyValuePath - The Vault path to use for the configured Key/Value Secrets Engine
      secretKey - The secret key
      value - The secret value
      See Also:

    • readKeyValueSecret

      Optional<String> readKeyValueSecret(String keyValuePath, String secretKey)
      Reads a single secret value from Vault's Key/Value Version 1 Secrets Engine.
      Parameters:
      keyValuePath - The Vault path to use for the configured Key/Value Secrets Engine
      secretKey - The secret key
      Returns:
      The secret value, or empty if not found
      See Also:

    • writeKeyValueSecretMap

      void writeKeyValueSecretMap(String keyValuePath, String secretKey, Map<String,String> keyValues)
      Writes a secret with multiple key/value pairs using Vault's Key/Value Version 1 Secrets Engine.
      Parameters:
      keyValuePath - The Vault path to use for the configured Key/Value Secrets Engine
      keyValues - A map from key to value for keys/values that should be stored in the secret
      See Also:

    • readKeyValueSecretMap

      Map<String,String> readKeyValueSecretMap(String keyValuePath, String secretKey)
      Reads a secret with multiple key/value pairs from Vault's Key/Value Version 1 Secrets Engine.
      Parameters:
      keyValuePath - The Vault path to use for the configured Key/Value Secrets Engine
      secretKey - The secret key
      Returns:
      A map from key to value from the secret key/values, or an empty map if not found
      See Also:

    • listKeyValueSecrets

      List<String> listKeyValueSecrets(String keyValuePath)
      Lists the secrets at the given Key/Value Version 1 Secrets Engine path.
      Parameters:
      keyValuePath - The Vault path to list
      Returns:
      The list of secret names