Akeyless SDK implementation for Python
Project description
The AKEYLESS Software Development Kit (SDK) for Python allows Python developers to write software that makes use of the AKEYLESS service.
AKEYLESS is an innovative Secrets & Keys Management-as-a-Service solution, made to protect the Hybrid and Multi-Cloud environments.
An enterprise-grade holistic solution; made to protect and manage any type of Secret: Encryption Keys, TLS Certificates, Passwords, API Tokens, SSH Keys and more.
Environment agnostic; either on-prem, private cloud and as-a-Service for Public Cloud.
Zero-Knowledge Technology; Patent-pending innovative no-trust Encryption Keys Management system.
For more information, please visit our website.
Getting Started
Sign up for AKEYLESS
Before you begin, you need an AKEYLESS account. Please register here and receive your admin client access credentials.
Minimum requirements
Python 3.5+
cryptography >= 1.8.1
Installation
$pip install akeyless
Documentation
You can find the AKEYLESS Python SDK full documentation at Read the Docs.
Usage
The following code sample demonstrates how to encrypt/decrypt data via the AKEYLESS service where the key fragments are stored in multiple locations and are never combined:
from akeyless import AkeylessClientConfig, AkeylessClient
def encrypt_decrypt_string(access_id, api_key, key_name, plaintext):
"""Encrypts and then decrypts a string using an AES key from your Akeyless account.
:param str access_id: The client access id.
:param str api_key: The client access key.
:param str key_name: The name of the key to use in the encryption process
:param str plaintext: Data to encrypt
"""
akeyless_server_dns = "vault.akeyless.io" # Akeyless prod environment.
conf = AkeylessClientConfig(akeyless_server_dns, access_id, api_key)
client = AkeylessClient(conf)
# Encrypt the plaintext source data
ciphertext = client.encrypt_string(key_name, plaintext)
# Decrypt the ciphertext
decrypt_res = client.decrypt_string(key_name, ciphertext)
# Verify that the decryption result is identical to the source plaintext
assert decrypt_res == plaintext
client.close()
The following code sample demonstrates how to save and load secrets
from akeyless import AkeylessClientConfig, AkeylessAdminClient
def secret_management(access_id, api_key, secret_name, secret_value, secret_metadata=""):
"""Create a new secret.
:param str access_id: The client access id.
:param str api_key: The client access key.
:param str secret_name: The name of the new secret
:param str secret_value: The value of the new secret
:param str secret_metadata: Metadata about the secret
"""
akeyless_server_dns = "vault.akeyless.io" # Akeyless prod environment.
conf = AkeylessClientConfig(akeyless_server_dns, access_id, api_key)
client = AkeylessAdminClient(conf)
# Create new secret
client.create_secret(secret_name, secret_value, secret_metadata)
# Get secret value
secret_val_res = client.get_secret_value(secret_name)
assert secret_val_res == secret_value
# Get secret details
secret_des = client.describe_item(secret_name)
print(secret_des)
# Update secret value
new_secret_value = "this is a new secret"
client.update_secret_value(secret_name, new_secret_value)
secret_val_res = client.get_secret_value(secret_name)
assert secret_val_res == new_secret_value
client.close()
You can find more examples in the examples directory
License
This SDK is distributed under the Apache License, Version 2.0 see LICENSE.txt for more information.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.