Class: KeyVault::Client
- Inherits:
-
Object
- Object
- KeyVault::Client
- Defined in:
- lib/key_vault/client.rb
Overview
Client for Azure Key Vault
Allows creation and retrieval of secrets from Azure Key Vault
N.B. Secret names can contain only contain alphanumerics or hyphens. Any ‘invalid’ characters will be translated into hyphens.
Instance Attribute Summary collapse
-
#api_version ⇒ Object
readonly
version of the Azure REST API being used.
Instance Method Summary collapse
-
#create_secret(secret_name, secret_value) ⇒ Object
Adds a secret to key vault.
-
#get_secret(secret_name, secret_version = nil) ⇒ Object
Retrieves secret from key vault as a string.
-
#initialize(vault_name, bearer_token, api_version: VAULT_API_VERSION) ⇒ Client
constructor
Create client for a key vault.
Constructor Details
#initialize(vault_name, bearer_token, api_version: VAULT_API_VERSION) ⇒ Client
Create client for a key vault
Parameters:
vault_name
-
The name of the key vault
bearer_token
-
The token obtained from #KeyVault::Auth
api_version
-
(optional) Version of the azure REST API to use. Defaults to
VAULT_API_VERSION
25 26 27 28 29 30 |
# File 'lib/key_vault/client.rb', line 25 def initialize(vault_name, bearer_token, api_version: VAULT_API_VERSION) @vault_name = vault_name @api_version = api_version || VAULT_API_VERSION @bearer_token = bearer_token @vault_url = Url.new(@vault_name) end |
Instance Attribute Details
#api_version ⇒ Object (readonly)
version of the Azure REST API being used
16 17 18 |
# File 'lib/key_vault/client.rb', line 16 def api_version @api_version end |
Instance Method Details
#create_secret(secret_name, secret_value) ⇒ Object
Adds a secret to key vault
Parameters:
secret_name
-
Name of the secret (alphanumeric with hyphens)
secret_value
-
Value of the secret as a string
54 55 56 57 58 59 60 |
# File 'lib/key_vault/client.rb', line 54 def create_secret(secret_name, secret_value) url = @vault_url.get_url(clean(secret_name), nil, @api_version) body = @vault_url.get_body(secret_value) headers = { 'Content-Type' => 'application/json', 'Authorization' => @bearer_token } RestClient.put(url, body, headers) end |
#get_secret(secret_name, secret_version = nil) ⇒ Object
Retrieves secret from key vault as a string
Parameters:
secret_name
-
Name of the secret (alphanumeric with hyphens)
secret_version
-
(optional) Version of the secret to retrieve. Defaults to latest version
Returns:
A string containing the secret value or nil if not found
40 41 42 43 44 45 46 47 |
# File 'lib/key_vault/client.rb', line 40 def get_secret(secret_name, secret_version = nil) url = @vault_url.get_url(clean(secret_name), secret_version, @api_version) headers = { 'Authorization' => @bearer_token } response = RestClient.get(url, headers) JSON.parse(response)['value'] rescue RestClient::NotFound return nil end |