🔒 Python 2.7/3.X client for HashiCorp Vault
Branch: develop
Clone or download
viralpoetry and jeffwecan Fix copy/paste error in docs (#395)
The correct method for group listing should be `list_groups_by_name`
Latest commit 7b029d2 Feb 19, 2019

README.md

hvac

Header image

HashiCorp Vault API client for Python 2.7/3.x

Travis CI codecov Documentation Status PyPI version Twitter - @python_hvac

Tested against the latest release, HEAD ref, and 3 previous major versions (counting back from the latest release) of Vault. Currently supports Vault v0.9.6 or later.

Documentation

Documentation for this module is hosted on readthedocs.io.

Getting started

Installation

pip install hvac

or

pip install "hvac[parser]"

if you would like to be able to return parsed HCL data as a Python dict for methods that support it.

Initialize the client

import os

import hvac

# Using plaintext
client = hvac.Client()
client = hvac.Client(url='http://localhost:8200')
client = hvac.Client(url='http://localhost:8200', token=os.environ['VAULT_TOKEN'])

# Using TLS
client = hvac.Client(url='https://localhost:8200')

# Using TLS with client-side certificate authentication
client = hvac.Client(url='https://localhost:8200', cert=('path/to/cert.pem', 'path/to/key.pem'))

# Using Namespace
client = hvac.Client(url='http://localhost:8200', token=os.environ['VAULT_TOKEN'], namespace=os.environ['VAULT_NAMESPACE'])

Read and write to secret backends

client.write('secret/foo', baz='bar', lease='1h')

print(client.read('secret/foo'))

client.delete('secret/foo')

Authenticate using token auth backend

# Token
client.token = 'MY_TOKEN'
assert client.is_authenticated() # => True