A reusable FastAPI vault utility service for other projects to use hashicorp vault
Project description
# Vault Service
The **Vault Service** package provides a convenient interface for interacting with HashiCorp Vault. It offers various methods to manage secrets for different tenants and connectors. This package is designed for seamless integration into your applications.
## Table of Contents
- [Installation](#installation)
- [Usage](#usage)
- [Methods](#methods)
- [store_secret](#store_secret)
- [get_secret](#get_secret)
- [update_secret](#update_secret)
- [delete_secret](#delete_secret)
- [get_all_secrets_for_tenant](#get_all_secrets_for_tenant)
- [delete_all_secrets_for_tenant](#delete_all_secrets_for_tenant)
- [License](#license)
## Installation
You can install the Vault Service package using pip:
```bash
pip install vault-service
Usage
To use the Vault Service, you need to initialize the VaultController and then call the utility functions. Make sure to set the required environment variables for Vault connection:
export VAULT_ADDR='https://your-vault-address'
export VAULT_TOKEN='your-vault-token'
export BASE_PATH='your-base-path'
Methods
store_secret(service_id: str, tenant_id: str, secret_name: str, secret_data: SecretData)
Stores a new secret in HashiCorp Vault under the specified service, tenant, and secret name.
Parameters:
service_id: The ID of the service.tenant_id: The ID of the tenant.secret_name: The name of the secret to store.secret_data: An instance ofSecretData, containing the secret information to be stored.
Sample Payload for secret_data:
{
"auth_key": "<auth-key>",
"database_credentials": {
"host": "localhost",
"port": 5432,
"database": "my_database",
"user": "my_user",
"password": "my_password"
},
"redis_credentials": {
"host": "localhost",
"port": 6379,
"password": "my_password"
}
}
Returns: A message indicating the success or failure of the operation.
get_secret(service_id: str, tenant_id: str, secret_name: str)
Retrieves a secret from HashiCorp Vault for the specified service, tenant, and secret name.
Parameters:
service_id: The ID of the service.tenant_id: The ID of the tenant.secret_name: The name of the secret to retrieve.
Returns: The retrieved secret data as a dictionary, or an error message if not found.
update_secret(service_id: str, tenant_id: str, secret_name: str, secret_data: SecretData)
Updates an existing secret in HashiCorp Vault for the specified service, tenant, and secret name.
Parameters:
service_id: The ID of the service.tenant_id: The ID of the tenant.secret_name: The name of the secret to update.secret_data: An instance ofSecretData, containing the updated secret information.
Sample Payload for secret_data:
{
"auth_key": "<new-auth-key>",
"database_credentials": {
"host": "localhost",
"port": 5432,
"database": "my_database",
"user": "my_user",
"password": "new_password"
},
"redis_credentials": {
"host": "localhost",
"port": 6379,
"password": "new_password"
}
}
Returns: A message indicating the success or failure of the operation.
delete_secret(service_id: str, tenant_id: str, secret_name: str)
Deletes a secret from HashiCorp Vault for the specified service, tenant, and secret name.
Parameters:
service_id: The ID of the service.tenant_id: The ID of the tenant.secret_name: The name of the secret to delete.
Returns: A message indicating the success or failure of the deletion.
get_all_secrets_for_tenant(service_id: str, tenant_id: str)
Retrieves all secrets for a specific tenant and service from HashiCorp Vault.
Parameters:
service_id: The ID of the service.tenant_id: The ID of the tenant.
Returns: A list of all secrets associated with the tenant.
delete_all_secrets_for_tenant(service_id: str, tenant_id: str)
Deletes all secrets associated with a specific tenant and service from HashiCorp Vault.
Parameters:
service_id: The ID of the service.tenant_id: The ID of the tenant.
Returns: A message indicating the success or failure of the deletion.
License
This project is licensed under the MIT License. See the LICENSE file for details.
### Changes:
- Added `service_id` as the first required parameter for each method.
- Specified that `tenant_id` is not optional in each method.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file vault_service-0.4.1.tar.gz.
File metadata
- Download URL: vault_service-0.4.1.tar.gz
- Upload date:
- Size: 7.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5b1440be071f0b783f45e322d7031214b73a58d89f555e306136f69b96b7c766
|
|
| MD5 |
6a42de01713882f54acfe0d4c2466843
|
|
| BLAKE2b-256 |
6a97af853f932b0fdd856b4420a71faeb5ccb58bbedce4111b051c8065daef23
|
File details
Details for the file vault_service-0.4.1-py3-none-any.whl.
File metadata
- Download URL: vault_service-0.4.1-py3-none-any.whl
- Upload date:
- Size: 7.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4d308fc651d57e07b52eec34f78354e96c8bcdf1a5f8df0eed46c48c4e596afa
|
|
| MD5 |
778a88ecff44a7a2b3fe1bfba19061fc
|
|
| BLAKE2b-256 |
4fc1b32caaabf09b947856bbcc5d7c7f87bb13f8b7d9e0fc97f6400539c18b54
|
