HashiCorp Vault
HashiCorp Vault is an identity-based secrets management system. This connector integrates HashiCorp Vault API version 1 with Swimlane Turbine.

## Prerequisites

The HashiCorp Vault asset requires a URL and an API key for accessing the Vault APIs.

## Connector Setup

### Obtaining an API Token and URL

1. Launch the HCP Portal (https://portal.cloud.hashicorp.com/sign-in) and log in.
2. Click **Vault** in the left navigation pane.
3. In the **Vault clusters** pane, click the Vault cluster.
4. Under **Cluster URLs**, click **Public Cluster URL**.
5. Under **Quick actions**, click **Generate token** to get the API key.

## Capabilities

The HashiCorp Vault connector provides the following capabilities:

- Read Secret
- List Secrets
- Create/Update Secret
- Delete Secret

## Action Setup

### Create/Update Secret Action

1. Navigate to the connector action interface.
2. Click **Add Property**.
3. Select the value type, i.e. string, object, etc.
4. Give the key a name as required and define its value.

Note: The location and path must exist in Vault prior to creating or updating a secret.

## Configurations

### API Key Authentication

Authenticates using an API key.

#### Configuration Parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| URL | A URL to the target host | string | Required |
| X-Vault-Token | API key | string | Required |
| Verify SSL | Verify SSL certificate | boolean | Optional |
| HTTP Proxy | A proxy to route requests through | string | Optional |

## Actions

### Create/Update Secret

Creates or updates a secret at the specified location and path. If the value does not yet exist, a new one is created. The calling token must have an ACL policy that permits this.

Endpoint URL: `v1/{{location}}/{{path}}`

Method: POST

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| location | string | Required | Location of the KV secrets engine |
| path | string | Required | The path where the secret is stored |
| headers | object | Required | HTTP headers for the request |
| X-Vault-Namespace | string | Required | Namespace where the KV secrets engine is created |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| response_text | string | Output field response_text |
#### Example

```json
[
  {
    "status_code": 204,
    "response_headers": {
      "Cache-Control": "no-store",
      "Content-Type": "application/json",
      "Date": "Thu, 18 Jan 2024 05:16:22 GMT",
      "Ngrok-Trace-Id": "56648082a69a40dc1420807cd86e6cf7",
      "Strict-Transport-Security": "max-age=31536000; includeSubDomains"
    },
    "reason": "No Content",
    "response_text": ""
  }
]
```

### Delete Secret

Deletes the secret at the specified path.

Endpoint URL: `v1/{{location}}/{{path}}`

Method: DELETE

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| location | string | Required | Location of the KV secrets engine |
| path | string | Required | The path where the secret is stored |
| headers | object | Required | HTTP headers for the request |
| X-Vault-Namespace | string | Required | Namespace where the KV secrets engine is created |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| response_text | string | Output field response_text |

#### Example

```json
[
  {
    "status_code": 204,
    "response_headers": {
      "Cache-Control": "no-store",
      "Content-Type": "application/json",
      "Date": "Thu, 18 Jan 2024 05:15:16 GMT",
      "Ngrok-Trace-Id": "f892e0f7159cf129f042c158e43dcf94",
      "Strict-Transport-Security": "max-age=31536000; includeSubDomains"
    },
    "reason": "No Content",
    "response_text": ""
  }
]
```

### List Secrets

Lists key names at the specified path, where the path is a folder.

Endpoint URL: `v1/{{location}}/{{path}}`

Method: LIST

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| location | string | Required | Location of the KV secrets engine |
| path | string | Optional | Parent folder of the secret path |
| headers | object | Required | HTTP headers for the request |
| X-Vault-Namespace | string | Required | Namespace where the KV secrets engine is created |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| request_id | string | Unique identifier |
| lease_id | string | Unique identifier |
| renewable | boolean | Output field renewable |
| lease_duration | number | Output field lease_duration |
| data | object | Response data |
| keys | array | Output field keys |
| wrap_info | object | Output field wrap_info |
| warnings | object | Output field warnings |
| auth | object | Output field auth |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {
      "Cache-Control": "no-store",
      "Content-Length": "195",
      "Content-Type": "application/json",
      "Date": "Thu, 18 Jan 2024 05:18:10 GMT",
      "Ngrok-Trace-Id": "4bd8b5dd4341002517d87250b6ab4274",
      "Strict-Transport-Security": "max-age=31536000; includeSubDomains"
    },
    "reason": "OK",
    "json_body": {
      "request_id": "c011d417-ce25-3cb8-b9ee-617bfc6c23f3",
      "lease_id": "",
      "renewable": false,
      "lease_duration": 0,
      "data": {},
      "wrap_info": null,
      "warnings": null,
      "auth": null
    }
  }
]
```

### Read Secret

Retrieves the secret at the specified path.

Endpoint URL: `v1/{{location}}/{{path}}`

Method: GET

#### Input

| Input argument name | Type | Required | Description |
| --- | --- | --- | --- |
| location | string | Required | Location of the KV secrets engine |
| path | string | Required | The path where the secret is stored |
| headers | object | Required | HTTP headers for the request |
| X-Vault-Namespace | string | Required | Namespace where the KV secrets engine is created |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| request_id | string | Unique identifier |
| lease_id | string | Unique identifier |
| renewable | boolean | Output field renewable |
| lease_duration | number | Output field lease_duration |
| data | object | Response data |
| first | string | Output field first |
| wrap_info | object | Output field wrap_info |
| warnings | object | Output field warnings |
| auth | object | Output field auth |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {
      "Cache-Control": "no-store",
      "Content-Length": "179",
      "Content-Type": "application/json",
      "Date": "Thu, 18 Jan 2024 05:12:46 GMT",
      "Ngrok-Trace-Id": "e4e63fad77aa76afa1e3d879b3a442a9",
      "Strict-Transport-Security": "max-age=31536000; includeSubDomains"
    },
    "reason": "OK",
    "json_body": {
      "request_id": "cb9bd138-14ab-1606-d683-d27d64210966",
      "lease_id": "",
      "renewable": false,
      "lease_duration": 2764800,
      "data": {},
      "wrap_info": null,
      "warnings": null,
      "auth": null
    }
  }
]
```

## Response Headers

| Header | Description | Example |
| --- | --- | --- |
| Cache-Control | Directives for caching mechanisms | no-store |
| Content-Length | The length of the response body in bytes | 179 |
| Content-Type | The media type of the resource | application/json |
| Date | The date and time at which the message was originated | Thu, 18 Jan 2024 05:16:22 GMT |
| Ngrok-Trace-Id | HTTP response header Ngrok-Trace-Id | e4e63fad77aa76afa1e3d879b3a442a9 |
| Strict-Transport-Security | HTTP response header Strict-Transport-Security | max-age=31536000; includeSubDomains |

## Notes

- For more information on the APIs, refer to the documentation: https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v1
- For more information on namespaces, refer to Namespaces: https://developer.hashicorp.com/vault/api-docs#namespaces
- For more information on tokens, refer to Tokens: https://developer.hashicorp.com/vault/tutorials/tokens/tokens#tokens
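
The four actions above share one request shape (`v1/{{location}}/{{path}}` with the `X-Vault-Token` and `X-Vault-Namespace` headers) and differ only in the HTTP method and in the ACL capability the calling token needs. The following added example, which is not the connector's own code, builds those requests without sending them and renders a least-privilege policy stanza for a chosen set of actions; the helper names, the conservative path-segment allow-list and the folder-scoped policy path are assumptions made for illustration.

```python
import json
import re

# Connector action -> (HTTP method, Vault ACL capabilities the token needs)
ACTIONS = {
    "read": ("GET", ["read"]),
    "list": ("LIST", ["list"]),
    "write": ("POST", ["create", "update"]),
    "delete": ("DELETE", ["delete"]),
}
# Assumption: a conservative allow-list for path segments (Vault accepts more).
_SEGMENT = re.compile(r"[A-Za-z0-9_.-]+")


def _join(*paths):
    """Join mount and secret path, rejecting empty or traversal segments."""
    parts = [seg for p in paths if p for seg in p.strip("/").split("/")]
    for seg in parts:
        if seg in (".", "..") or not _SEGMENT.fullmatch(seg):
            raise ValueError(f"unsafe path segment: {seg!r}")
    return "/".join(parts)


def build_request(action, url, token, namespace, location, path="", data=None):
    """Return method, url, headers and body for v1/{location}/{path} (unsent)."""
    if not url.lower().startswith("https://"):
        raise ValueError("Vault URL must use https")  # token travels in a header
    if not location or (not path and action != "list"):
        raise ValueError("location is required; path is optional only for list")
    target = _join(location, path)
    headers = {"X-Vault-Token": token, "X-Vault-Namespace": namespace}
    body = None
    if action == "write":
        body = json.dumps(data or {}).encode()
        headers["Content-Type"] = "application/json"
    return {"method": ACTIONS[action][0], "url": f"{url.rstrip('/')}/v1/{target}",
            "headers": headers, "data": body}


def policy_for(location, folder, actions):
    """Render an ACL policy stanza granting only what the actions need."""
    caps = sorted({c for a in actions for c in ACTIONS[a][1]})
    listed = ", ".join(f'"{c}"' for c in caps)
    return (f'path "{_join(location, folder)}/*" {{\n'
            f'  capabilities = [{listed}]\n}}')
```

A token used only for the Read Secret and List Secrets actions would get the output of `policy_for("secret", "soc", ["read", "list"])`, so that a leaked connector token cannot modify or delete secrets.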