commit acb4bb13e1f81bd0c49b8b4a9989d2f981689f02 Author: Stefan Kalscheuer Date: Sat Mar 23 10:00:56 2019 +0100 Import ReadMe file as home page diff --git a/Home.md b/Home.md new file mode 100644 index 0000000..64903d7 --- /dev/null +++ b/Home.md @@ -0,0 +1,122 @@ +# Java Vault Connector + +![Logo](https://raw.githubusercontent.com/stklcode/jvaultconnector/master/assets/logo.png) + +Java Vault Connector is a connector library for [Vault](https://www.vaultproject.io) by [Hashicorp](https://www.hashicorp.com) written in Java. The connector allows simple usage of Vault's secret store in own applications. + +## Features: + +* HTTP(S) backend connector + * Ability to provide or enforce custom CA certificate + * Optional initialization from environment variables +* Authorization methods + * Token + * Username/Password + * AppID (register and authenticate) [_deprecated_] + * AppRole (register and authenticate) +* Tokens + * Creation and lookup of tokens + * TokenBuilder for speaking creation of complex configuraitons +* Secrets + * Read secrets + * Write secrets + * List secrets + * Delete secrets + * Renew/revoke leases + * Raw secret content or JSON decoding + * SQL secret handling +* Connector Factory with builder pattern +* Tested against Vault 1.1.0 + + +## Maven Artifact +```xml + + de.stklcode.jvault + connector + 0.7.1 + +``` + +## Usage Examples + +### Initialization + +```java +// Instantiate using builder pattern style factory (TLS enabled by default) +VaultConnector vault = VaultConnectorFactory.httpFactory() + .withHost("127.0.0.1") + .withPort(8200) + .withTLS() + .build(); + +// Instantiate with custom SSL context +VaultConnector vault = VaultConnectorFactory.httpFactory() + .withHost("example.com") + .withPort(8200) + .withTrustedCA(Paths.get("/path/to/CA.pem")) + .build(); + +// Initialization from environment variables +VaultConnector vault = VaultConnectorFactory.httpFactory() + .fromEnv() + .build(); +``` + +### Authentication + +```java +// Authenticate with token. +vault.authToken("01234567-89ab-cdef-0123-456789abcdef"); + +// Authenticate with username and password. +vault.authUserPass("username", "p4ssw0rd"); + +// Authenticate with AppRole (secret - 2nd argument - is optional). +vault.authAppId("01234567-89ab-cdef-0123-456789abcdef", "fedcba98-7654-3210-fedc-ba9876543210"); +``` + +### Secret read & write + +```java +// Retrieve secret (prefix "secret/" assumed, use read() to read arbitrary paths) +String secret = vault.readSecret("some/secret/key").getValue(); + +// Complex secret. +Map secretData = vault.readSecret("another/secret/key").getData(); + +// Write simple secret. +vault.writeSecret("new/secret/key", "secret value"); + +// Write complex data to arbitraty path. +Map map = [...] +vault.write("any/path/to/write", map); + +// Delete secret. +vault.delete("any/path/to/write"); +``` + +### Token and role creation + +```java +// Create token using TokenBuilder +Token token = new TokenBuilder().withId("token id") + .withDisplayName("new test token") + .withPolicies("pol1", "pol2") + .build(); +vault.createToken(token); + +// Create AppRole credentials +vault.createAppRole("testrole", policyList); +AppRoleSecretResponse secret = vault.createAppRoleSecret("testrole"); +``` + +## Links + +[Project Page](http://jvault.stklcode.de) + +[JavaDoc API](http://jvault.stklcode.de/apidocs/) + +## License + +The project is licensed under [Apache License 2.0](http://www.apache.org/licenses/LICENSE-2.0). \ No newline at end of file