A Pydantic v2 settings extension for secure configuration management using HashiCorp Vault OpenSource (OSS) and Enterprise
Project description
Pydantic2-Settings-Vault
Pydantic2-Settings-Vault is a simple extension of Pydantic Settings to collect secrets from HashiCorp Vault OpenSource (OSS) and Enterprise
Demonstration:
from typing import Tuple, Type
from pydantic import Field, SecretStr
from pydantic_settings import (
BaseSettings,
PydanticBaseSettingsSource,
)
from pydantic2_settings_vault import VaultConfigSettingsSource
class AppSettings(BaseSettings):
MY_SECRET: SecretStr = Field(
...,
json_schema_extra={
"vault_secret_path": "secret/data/test",
"vault_secret_key": "FOO", # pragma: allowlist secret
},
)
@classmethod
def settings_customise_sources(
cls,
settings_cls: Type[BaseSettings],
init_settings: PydanticBaseSettingsSource,
env_settings: PydanticBaseSettingsSource,
dotenv_settings: PydanticBaseSettingsSource,
file_secret_settings: PydanticBaseSettingsSource,
) -> Tuple[PydanticBaseSettingsSource, ...]:
return (
init_settings,
env_settings,
dotenv_settings,
VaultConfigSettingsSource(settings_cls=settings_cls),
)
# The connection to Vault is done via HTTP with AppRole authentication
import os
os.environ['VAULT_URL'] = "<configure it>"
os.environ['VAULT_ROLE_ID'] = "<configure it>"
os.environ['VAULT_SECRET_ID'] = "<configure it>"
# Only with Enterprise edition
os.environ['VAULT_NAMESPACE'] = "<configure it>"
Table of Contents
Description
Pydantic2-Settings-Vault is a extension for Pydantic Settings that enables secure configuration management by integrating with HashiCorp Vault. This library supports both the open-source (OSS) and Enterprise versions of Vault, providing a seamless way to retrieve and manage secrets within your Pydantic-based applications. By leveraging Vault's robust security features, Pydantic2-Settings-Vault allows developers to easily incorporate secure secret management practices into their Python projects, enhancing overall application security and simplifying the handling of sensitive configuration data.
Installation
# Install the dependency
pip install pydantic2-settings-vault
uv add pydantic2-settings-vault
poetry add pydantic2-settings-vault
License
Pydantic2-Settings-Vault is released under the MIT License. See the LICENSE file for more details.
Contact
For questions, suggestions, or issues related to Pydantic2-Settings-Vault, please open an issue on the GitHub repository.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for pydantic2_settings_vault-0.0.1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6614f688280ea7782cd113a48ed3d774826f149692b7dc2b8d962e1649d83f42 |
|
MD5 | f3879ebfce34e0cf4e52d49c26e9dcec |
|
BLAKE2b-256 | c67ad17fb3b8b86f91ddefbd39eca030f217148eba517de0396e5f3e34d13b2b |
Hashes for pydantic2_settings_vault-0.0.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0f54d33725771c4f50393348b4739d872c86e1675b24d36bbab8381cb7c2b16b |
|
MD5 | a09cbb5b9011b6ae6e14cff94c5b204b |
|
BLAKE2b-256 | 9b7b019ae8e7f2bf9713253ceba436f4526c8d3b867b71062f7ae8a2574a978e |