Close
    logoCloudomation Docs

    TaskVAULT

    class tasks.task_vault.TaskVAULT

    Interact with HashiCorp Vault

    Inputs

    NameTypeDefaultDescription
    allow_redirectsboolFalseIf set to False do not follow redirects. False by default.
    cacertstrNoneTo attach self-signed certificates (ca = certificate authority, cert = certificate). To access https:// urls, you need to sign your request. Certificates trusted by default by debian jessie will work.
    connect_timeoutfloatNoneA timeout for connecting to a peer. Can be disabled by setting to 0 or None
    datadictNone
    hoststr
    max_redirectsint10Maximum number of redirects to follow. 10 by default.
    modestrNone
    pathstr
    read_timeoutfloatNoneA timeout for reading a prtion of data from a peer. Can be disabled by setting to 0 or None
    secret_pathstrsecret
    tokenstr
    total_timeoutfloatNoneTotal timeout for the whole request. Can be disabled by setting to 0 or None
    versionintNone
    versionslistNone

    Outputs

    NameTypeDefaultDescription
    loglist
    resultdictThe response of the vault API.
    status_codeint
    execution_idintThe ID of the task execution
    messagestrThe ended message for the task. If the task ended with an error, the message will contain information about what went wrong
    statusstrThe ended status for the task. Either "success" or "error".

    Constants

    input_list = ['allow_redirects', 'cacert', 'connect_timeout', 'data', 'host', 'max_redirects', 'mode', 'path', 'read_timeout', 'secret_path', 'token', 'total_timeout', 'version', 'versions']output_list = ['log', 'result', 'status_code']version = 1

    Methods

    run ()

    Example

    import flow_api
    def handler(system: flow_api.System, this: flow_api.Execution):
    # create a secret
    this.task(
    'VAULT',
    host='https://my-vault-host:8200',
    path='/v1/secret/data/my-secret',
    data={
    'secret-key': 'secret-value',
    },
    token='my-vault-token',
    )
    # read a secret
    secret_value = this.task(
    'VAULT',
    host='https://my-vault-host:8200',
    path='/v1/secret/data/my-secret',
    version=None, # read latest version
    token='my-vault-token',
    ).get('output_value')['result']['data']['data']
    assert secret_value == {'secret-key': 'secret-value'}
    # destroy all versions of secret
    this.task(
    'VAULT',
    host='https://my-vault-host:8200',
    path='my-secret',
    mode='delete_metadata',
    token='my-vault-token',
    )
    Previous
    TaskSSH
    Next
    TaskXMLRPC