Package org.springframework.vault.core
Interface VaultOperations
- All Known Implementing Classes:
VaultTemplate
public interface VaultOperations
Interface that specifies a basic set of Vault operations, implemented by
VaultTemplate. This is the main entry point to
interact with Vault in an authenticated and unauthenticated context.
VaultOperations allows execution of callback methods. Callbacks can execute
requests within a session context and
the without a session.
- Author:
- Mark Paluch, Lauren Voswinkel
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionvoidDelete a path.<T> TdoWithSession(RestOperationsCallback<T> sessionCallback) Executes a VaultRestOperationsCallback.<T> TdoWithVault(RestOperationsCallback<T> clientCallback) Executes a VaultRestOperationsCallback.Enumerate keys from a Vault path.opsForKeyValue(String path, VaultKeyValueOperationsSupport.KeyValueBackend apiVersion) ReturnVaultKeyValueOperations.ReturnVaultPkiOperationsif the PKI backend is mounted on a different path thanpki.opsForTransform(String path) ReturnVaultTransformOperationsif the transit backend is mounted on a different path thantransform.opsForTransit(String path) ReturnVaultTransitOperationsif the transit backend is mounted on a different path thantransit.ReturnVaultVersionedKeyValueOperations.Read from a Vault path.<T> VaultResponseSupport<T>Read from a secret backend.default VaultResponseWrite to a Vault path.Write to a Vault path.
-
Method Details
-
opsForKeyValue
VaultKeyValueOperations opsForKeyValue(String path, VaultKeyValueOperationsSupport.KeyValueBackend apiVersion) ReturnVaultKeyValueOperations.- Parameters:
path- the mount path, must not be empty or null.apiVersion- API version to use, must not be null.- Returns:
- the operations interface to interact with the Vault Key/Value backend.
- Since:
- 2.1
-
opsForVersionedKeyValue
ReturnVaultVersionedKeyValueOperations.- Parameters:
path- the mount path- Returns:
- the operations interface to interact with the versioned Vault Key/Value (version 2) backend.
- Since:
- 2.1
-
opsForPki
VaultPkiOperations opsForPki()- Returns:
- the operations interface to interact with the Vault PKI backend.
-
opsForPki
ReturnVaultPkiOperationsif the PKI backend is mounted on a different path thanpki.- Parameters:
path- the mount path- Returns:
- the operations interface to interact with the Vault PKI backend.
-
opsForSys
VaultSysOperations opsForSys()- Returns:
- the operations interface administrative Vault access.
-
opsForToken
VaultTokenOperations opsForToken()- Returns:
- the operations interface to interact with Vault token.
-
opsForTransform
VaultTransformOperations opsForTransform()- Returns:
- the operations interface to interact with the Vault transform backend.
- Since:
- 2.3
-
opsForTransform
ReturnVaultTransformOperationsif the transit backend is mounted on a different path thantransform.- Parameters:
path- the mount path- Returns:
- the operations interface to interact with the Vault transform backend.
- Since:
- 2.3
-
opsForTransit
VaultTransitOperations opsForTransit()- Returns:
- the operations interface to interact with the Vault transit backend.
-
opsForTransit
ReturnVaultTransitOperationsif the transit backend is mounted on a different path thantransit.- Parameters:
path- the mount path- Returns:
- the operations interface to interact with the Vault transit backend.
-
opsForWrapping
VaultWrappingOperations opsForWrapping()- Returns:
- the operations interface to interact with the Vault system/wrapping endpoints.
- Since:
- 2.1
-
read
Read from a Vault path. Reading data using this method is suitable for API calls/secret backends that do not require a request body.- Parameters:
path- must not be null.- Returns:
- the data. May be null if the path does not exist.
-
read
Read from a secret backend. Reading data using this method is suitable for secret backends that do not require a request body.- Parameters:
path- must not be null.responseType- must not be null.- Returns:
- the data. May be null if the path does not exist.
-
list
Enumerate keys from a Vault path.- Parameters:
path- must not be null.- Returns:
- the data. May be null if the path does not exist.
-
write
Write to a Vault path.- Parameters:
path- must not be null.- Returns:
- the response, may be null.
- Since:
- 2.0
-
write
Write to a Vault path.- Parameters:
path- must not be null.body- the body, may be null if absent.- Returns:
- the response, may be null.
-
delete
Delete a path.- Parameters:
path- must not be null.
-
doWithVault
@Nullable <T> T doWithVault(RestOperationsCallback<T> clientCallback) throws VaultException, RestClientException Executes a VaultRestOperationsCallback. Allows to interact with Vault usingRestOperationswithout requiring a session.- Parameters:
clientCallback- the request.- Returns:
- the
RestOperationsCallbackreturn value. - Throws:
VaultException- when aHttpStatusCodeExceptionoccurs.RestClientException- exceptions fromRestOperations.
-
doWithSession
@Nullable <T> T doWithSession(RestOperationsCallback<T> sessionCallback) throws VaultException, RestClientException Executes a VaultRestOperationsCallback. Allows to interact with Vault in an authenticated session.- Parameters:
sessionCallback- the request.- Returns:
- the
RestOperationsCallbackreturn value. - Throws:
VaultException- when aHttpStatusCodeExceptionoccurs.RestClientException- exceptions fromRestOperations.
-