LSST SQuaRE Vault utilities
Project description
# LSST Vault Utilities
This package is a set of Vault utilities useful for the LSST use case.
## Classes
The package name is lsstvaultutils. Its functional classes are:
SecretCopier – this copies secrets between the current Kubernetes context and a Vault instance.
TokenAdmin – this highly LSST-specific class allows you to specify a path under the Vault secret store, and it will generate three tokens (read, write, and admin) for manipulating secrets under the path. It stores those under secret/delegated, so that an admin can find (and, if need be, revoke) them later. It also manages revoking those tokens and removing them from the secret/delegated path.
RecursiveDeleter – this adds a recursive deletion feature to Vault for removing a whole secret tree at a time.
There is also a TimeFormatter class that exists only to add milliseconds to the debugging logs.
## Programs
The major functionality of these classes is also exposed as standalone programs.
copyk2v – copy a Kubernetes secret to a Vault secret path.
copyv2k – copy a set of Vault secrets at a specified path to a Kubernetes secret.
tokenadmin – Creating or revoke token sets for a given Vault secret path.
vaultrmrf – Remove a Vault secret path and everything underneath it.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for lsstvaultutils-0.0.3-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b2c22f62e8338bf0b430e1d5265075c09b9f7b81fd11f73f03dc1aef57e5826b |
|
MD5 | f56d7ebb0693ca012406b33753192035 |
|
BLAKE2b-256 | dc7d5fcb7ff19ad75ec4ffc4e62c2d8ad3ec2d623415b54ffe942160d61fda32 |