A Pydantic v2 settings extension for secure configuration management using HashiCorp Vault OpenSource (OSS) and Enterprise

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for SylvainM from gravatar.com SylvainM

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Sylvain Mouquet
  • Tags configuration, enterprise, hashicorp, opensource, pydantic, python, secrets management, security, settings, vault
  • Requires: Python >=3.10
Classifiers

Project description

Pydantic2-Settings-Vault

Pydantic2-Settings-Vault is a simple extension of Pydantic Settings to collect secrets from HashiCorp Vault OpenSource (OSS) and Enterprise

Demonstration:

from functools import lru_cache
from threading import Lock
from typing import Tuple, Type
from pydantic import Field, SecretStr
from pydantic_settings import (
    BaseSettings,
    PydanticBaseSettingsSource,
)
from pydantic2_settings_vault import VaultConfigSettingsSource

class AppSettings(BaseSettings):

    MY_SECRET: SecretStr = Field(
        ...,
        json_schema_extra={
            "vault_secret_path": "secret/data/test",
            "vault_secret_key": "FOO",  # pragma: allowlist secret
        },
    )
    
    @classmethod
    def settings_customise_sources(
        cls,
        settings_cls: Type[BaseSettings],
        init_settings: PydanticBaseSettingsSource,
        env_settings: PydanticBaseSettingsSource,
        dotenv_settings: PydanticBaseSettingsSource,
        file_secret_settings: PydanticBaseSettingsSource,
    ) -> Tuple[PydanticBaseSettingsSource, ...]:
        return (
            init_settings,
            env_settings,
            dotenv_settings,
            VaultConfigSettingsSource(settings_cls=settings_cls),
        )

# The connection to Vault is done via HTTP with AppRole authentication
import os
os.environ['VAULT_URL'] = "<configure it>"
os.environ['VAULT_ROLE_ID'] = "<configure it>"
os.environ['VAULT_SECRET_ID'] = "<configure it>"

# Only with Enterprise edition
os.environ['VAULT_NAMESPACE'] = "<configure it>"

# Usage
app_settings_lock = Lock()

@lru_cache
def get_app_settings() -> AppSettings:
    with app_settings_lock:
        return AppSettings()  # type: ignore

Table of Contents

Description

Pydantic2-Settings-Vault is a extension for Pydantic Settings that enables secure configuration management by integrating with HashiCorp Vault. This library supports both the open-source (OSS) and Enterprise versions of Vault, providing a seamless way to retrieve and manage secrets within your Pydantic-based applications. By leveraging Vault's robust security features, Pydantic2-Settings-Vault allows developers to easily incorporate secure secret management practices into their Python projects, enhancing overall application security and simplifying the handling of sensitive configuration data.

Installation

# Install the dependency
pip install pydantic2-settings-vault
uv add pydantic2-settings-vault
poetry add pydantic2-settings-vault

License

Pydantic2-Settings-Vault is released under the MIT License. See the LICENSE file for more details.

Contact

For questions, suggestions, or issues related to Pydantic2-Settings-Vault, please open an issue on the GitHub repository.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for SylvainM from gravatar.com SylvainM

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Sylvain Mouquet
  • Tags configuration, enterprise, hashicorp, opensource, pydantic, python, secrets management, security, settings, vault
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

This version

1.0.1

1.0.0

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pydantic2_settings_vault-1.0.1.tar.gz (64.3 kB view details)

Uploaded Source

Built Distribution

pydantic2_settings_vault-1.0.1-py3-none-any.whl (5.7 kB view details)

Uploaded Python 3

File details

Details for the file pydantic2_settings_vault-1.0.1.tar.gz.

File metadata

File hashes

Hashes for pydantic2_settings_vault-1.0.1.tar.gz
Algorithm Hash digest
SHA256 5353d4033b7b055aa35fb2d4fea92e9e0530673fcc8425342be354b60051acea
MD5 b3759568ed637bf7c299802f1402fe4c
BLAKE2b-256 0a4cc5acf375436886eab944aa1450cac25cc927a9089682a43da0142b72efee

See more details on using hashes here.

File details

Details for the file pydantic2_settings_vault-1.0.1-py3-none-any.whl.

File metadata

File hashes

Hashes for pydantic2_settings_vault-1.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 4519f8407320aee8306e5346b9da5a4423411484510d027f18713aaea578a493
MD5 974bac9a9ee46be0778c21458ce8d1d3
BLAKE2b-256 7789e5f4c6fbe0b629029e0f670c6476c75ba10bd517bef0e9efad87f14c7d75

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page