Skip to content

Latest commit

 

History

History
84 lines (65 loc) · 4.13 KB

README.md

File metadata and controls

84 lines (65 loc) · 4.13 KB
Raw

emancipation-grill

A pure JavaScript node client for Hashicorp's Vault.

on npm Tests Coverage Dependencies

Tested against vault 0.6.5. Uses ES6 template strings, so it requires node 4 or newer.

Usage

All functions return a promise if a callback is not provided. All functions have the following signature:

grill.funcname(name, dataObj, callbackFunc);

The name param is substituted into the url path. The dataObj parameter is an optional object containing any data required for PUT or POST operations on the Vault api.

var grill = new EmancipationGrill();

grill.initialized()
.then(function(response)
{
    return grill.read('secret/apikey');
})
.then(function(key)
{
    // do something with the key
}).done();


grill.removePolicy('policy-name', function(err, res) { });
grill.addPolicy('policy-name', { policy: 'data here'}, function(err, res) { });
grill.mount('aws', {}, function(err, res) { });
grill.unmount('aws', function(err, res) { });

API

The implemented functions:

Grill function Vault API endpoint notes
read() read a secret
write() write a secret
delete() delete a secret
readSecret() read a secret from the /secret path
writeSecret() write a secret to the /secret path
deleteSecret() delete a secret from the /secret path
initialized() GET /sys/init No parameters.
initialize() PUT /sys/init Requires payload.
sealed() GET /sys/seal-status No parameters.
unseal() PUT /sys/unseal Requires secret_shares and key params in payload.
seal() PUT /sys/seal No parameters, no response body.
mounts() GET /sys/mount No parameters.
mount() PUT /sys/mount/:backend
unmount() DELETE /sys/mount/:backend
remount() POST /sys/remount
policies() GET /sys/policy
addPolicy() PUT /sys/policy/:policy
removePolicy() DELETE /sys/policy/:policy
renewLease() PUT sys/renew/:leaseid
revokeLease() PUT /sys/revoke/:leaseid
revokePrefix() PUT /sys/revoke-prefix/:pathprefix
audits() GET /sys/audit
enableAudit() PUT /sys/audit/:backend
disableAudit() DELETE /sys/audit/:backend
auths() GET /sys/auth
enableAuth() PUT /sys/auth/:mountpoint Requires type param in payload.
disableAuth() DELETE /sys/auth/:mountpoint
health() respond with service health object
github() UNIMPLEMENTED TODO
mapGithubTeam() UNIMPLEMENTED TODO

TODO

  • finish off the api
  • unsealing?

LICENSE

ISC