Skip to content

Latest commit

 

History

History
672 lines (492 loc) · 17.3 KB

transform.rst

File metadata and controls

672 lines (492 loc) · 17.3 KB
Raw

Transform

transform

client.sys.enable_secrets_engine(

backend_type='transform',

)

Encode/Decode Example

:pyhvac.api.secrets_engines.Transform.encode :pyhvac.api.secrets_engines.Transform.decode

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

input_value = '1111-1111-1111-1111'

role_name = 'hvac-role' transformation_name = 'hvac-fpe-credit-card' transformations = [transformation_name]

# Create a role and a transformation client.secrets.transform.create_or_update_role( name=role_name, transformations=transformations, ) client.secrets.transform.create_or_update_transformation( name=transformation_name, transform_type='fpe', template='builtin/creditcardnumber', tweak_source='internal', allowed_roles=[role_name], )

# Use the role/transformation combination to encode a value encode_response = client.secrets.transform.encode( role_name=role_name, value=input_value, transformation=transformation_name, ) print('The encoded value is: %s' % encode_response['data']['encoded_value'])

# Use the role/transformation combination to decode a value decode_response = client.secrets.transform.decode( role_name=role_name, value=encode_response['data']['encoded_value'], transformation=transformation_name, ) print('The decoded value is: %s' % decode_response['data']['decoded_value'])

transform

The encoded value is: ... The decoded value is: 1111-1111-1111-1111

Create/Update Role

:pyhvac.api.secrets_engines.Transform.create_or_update_role

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

client.secrets.transform.create_or_update_role(

name='hvac-role', transformations=[ 'hvac-fpe-credit-card', ],

)

Read Role

:pyhvac.api.secrets_engines.Transform.read_role

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

role_name = 'hvac-role' client.secrets.transform.create_or_update_role( name=role_name, transformations=[ 'hvac-fpe-credit-card', ], ) read_response = client.secrets.transform.read_role( name=role_name, ) print('Role "{}" has the following transformations configured: {}'.format( role_name, ', '.join(read_response['data']['transformations']), ))

transform

Role "hvac-role" has the following transformations configured: hvac-fpe-credit-card

List Roles

:pyhvac.api.secrets_engines.Transform.list_roles

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

client.secrets.transform.create_or_update_role(

name='hvac-role', transformations=[ 'hvac-fpe-credit-card', ],

) list_response = client.secrets.transform.list_roles() print('List of transform role names: {}'.format( ', '.join(list_response['data']['keys']), ))

transform

List of transform role names: hvac-role

Delete Role

:pyhvac.api.secrets_engines.Transform.delete_role

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

role_name = 'hvac-role'

# Create a role client.secrets.transform.create_or_update_role( name=role_name, transformations=[ 'hvac-fpe-credit-card', ], )

# Subsequently delete it... client.secrets.transform.delete_role( name=role_name, )

Create/Update Transformation

:pyhvac.api.secrets_engines.Transform.create_or_update_transformation

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

transformation_name = 'hvac-fpe-credit-card' template = 'builtin/creditcardnumber' client.secrets.transform.create_or_update_transformation( name=transformation_name, transform_type='fpe', template=template, tweak_source='internal', allowed_roles=[ 'test-role' ], )

Read Transformation

:pyhvac.api.secrets_engines.Transform.read_transformation

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

transformation_name = 'hvac-fpe-credit-card' template = 'builtin/creditcardnumber' client.secrets.transform.create_or_update_transformation( name=transformation_name, transform_type='fpe', template=template, tweak_source='internal', allowed_roles=[ 'hvac-role' ], ) read_response = client.secrets.transform.read_transformation( name=transformation_name, ) print('Transformation "{}" has the following type configured: {}'.format( transformation_name, read_response['data']['type'], ))

transform

Transformation "hvac-fpe-credit-card" has the following type configured: fpe

List Transformations

:pyhvac.api.secrets_engines.Transform.list_transformations

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

transformation_name = 'hvac-fpe-credit-card' template = 'builtin/creditcardnumber' client.secrets.transform.create_or_update_transformation( name=transformation_name, transform_type='fpe', template=template, tweak_source='internal', allowed_roles=[ 'hvac-role' ], ) list_response = client.secrets.transform.list_transformations() print('List of transformations: {}'.format( ', '.join(list_response['data']['keys']), ))

transform

List of transformations: hvac-fpe-credit-card

Delete Transformation

:pyhvac.api.secrets_engines.Transform.delete_transformation

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

transformation_name = 'hvac-fpe-credit-card' template = 'builtin/creditcardnumber'

# Create a transformation client.secrets.transform.create_or_update_transformation( name=transformation_name, transform_type='fpe', template=template, tweak_source='internal', allowed_roles=[ 'hvac-role' ], )

# Subsequently delete it... client.secrets.transform.delete_role( name=role_name, )

Create/Update Template

:pyhvac.api.secrets_engines.Transform.create_or_update_template

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

template_name = 'hvac-template' create_response = client.secrets.transform.create_or_update_template( name=template_name, template_type='regex', pattern='(\d{9})', alphabet='builtin/numeric', )

Read Template

:pyhvac.api.secrets_engines.Transform.read_template

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

template_name = 'hvac-template' client.secrets.transform.create_or_update_template( name=template_name, template_type='regex', pattern='(\d{9})', alphabet='builtin/numeric', ) read_response = client.secrets.transform.read_template( name=template_name, ) print('Template "{}" has the following type configured: {}'.format( template_name, read_response['data']['type'], ))

transform

Template "hvac-template" has the following type configured: regex

List Templates

:pyhvac.api.secrets_engines.Transform.list_templates

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

template_name = 'hvac-template' client.secrets.transform.create_or_update_template( name=template_name, template_type='regex', pattern='(\d{9})', alphabet='builtin/numeric', ) list_response = client.secrets.transform.list_templates() print('List of templates: {}'.format( ', '.join(list_response['data']['keys']), ))

transform

List of templates: builtin/creditcardnumber, builtin/socialsecuritynumber, hvac-template

Delete Template

:pyhvac.api.secrets_engines.Transform.delete_template

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

template_name = 'hvac-template' client.secrets.transform.create_or_update_template( name=template_name, template_type='regex', pattern='(\d{9})', alphabet='builtin/numeric', )

# Subsequently delete it... client.secrets.transform.delete_template( name=template_name, )

Create/Update Alphabet

:pyhvac.api.secrets_engines.Transform.create_or_update_alphabet

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

alphabet_name = 'hvac-alphabet' alphabet_value = 'abc' client.secrets.transform.create_or_update_alphabet( name=alphabet_name, alphabet=alphabet_value, )

Read Alphabet

:pyhvac.api.secrets_engines.Transform.read_alphabet

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

alphabet_name = 'hvac-alphabet' alphabet_value = 'abc' client.secrets.transform.create_or_update_alphabet( name=alphabet_name, alphabet=alphabet_value, ) read_response = client.secrets.transform.read_alphabet( name=alphabet_name, ) print('Alphabet "{}" has this jazz: {}'.format( alphabet_name, read_response['data']['alphabet'], ))

transform

Alphabet "hvac-alphabet" has this jazz: abc

List Alphabets

:pyhvac.api.secrets_engines.Transform.list_alphabets

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

alphabet_name = 'hvac-alphabet' alphabet_value = 'abc' client.secrets.transform.create_or_update_alphabet( name=alphabet_name, alphabet=alphabet_value, ) list_response = client.secrets.transform.list_alphabets() print('List of alphabets: {}'.format( ', '.join(list_response['data']['keys']), ))

transform

List of alphabets: builtin/alphalower, ..., hvac-alphabet

Delete Alphabet

:pyhvac.api.secrets_engines.Transform.delete_alphabet

transform

import hvac client = hvac.Client(url='https://127.0.0.1:8200')

alphabet_name = 'hvac-alphabet' alphabet_value = 'abc'

# Create an alphabet client.secrets.transform.create_or_update_alphabet( name=alphabet_name, alphabet=alphabet_value, )

# Subsequently delete it... client.secrets.transform.delete_alphabet( name=alphabet_name, )

Create Or Update FPE Transformation

:pyhvac.api.secrets_engines.Transform.create_or_update_fpe_transformation

hvac.api.secrets_engines.Transform.create_or_update_fpe_transformation

Create Or Update Masking Transformation

:pyhvac.api.secrets_engines.Transform.create_or_update_masking_transformation

hvac.api.secrets_engines.Transform.create_or_update_masking_transformation

Create Or Update Tokenization Transformation

:pyhvac.api.secrets_engines.Transform.create_or_update_tokenization_transformation

hvac.api.secrets_engines.Transform.create_or_update_tokenization_transformation

Create Or Update Tokenization Store

:pyhvac.api.secrets_engines.Transform.create_or_update_tokenization_store

hvac.api.secrets_engines.Transform.create_or_update_tokenization_store

Encode

:pyhvac.api.secrets_engines.Transform.encode

hvac.api.secrets_engines.Transform.encode

Validate Token

:pyhvac.api.secrets_engines.Transform.validate_token

hvac.api.secrets_engines.Transform.validate_token

Check Tokenization

:pyhvac.api.secrets_engines.Transform.check_tokenization

hvac.api.secrets_engines.Transform.check_tokenization

Retrieve Token Metadata

:pyhvac.api.secrets_engines.Transform.retrieve_token_metadata

hvac.api.secrets_engines.Transform.retrieve_token_metadata

Snapshot Tokenization State

:pyhvac.api.secrets_engines.Transform.snapshot_tokenization_state

hvac.api.secrets_engines.Transform.snapshot_tokenization_state

Restore Tokenization State

:pyhvac.api.secrets_engines.Transform.restore_tokenization_state

hvac.api.secrets_engines.Transform.restore_tokenization_state

Export Decoded Tokenization State

:pyhvac.api.secrets_engines.Transform.export_decoded_tokenization_state

hvac.api.secrets_engines.Transform.export_decoded_tokenization_state

Rotate Tokenization Key

:pyhvac.api.secrets_engines.Transform.rotate_tokenization_key

hvac.api.secrets_engines.Transform.rotate_tokenization_key

Update Tokenization Key Config

:pyhvac.api.secrets_engines.Transform.update_tokenization_key_config

hvac.api.secrets_engines.Transform.update_tokenization_key_config

List Tokenization Key Configuration

:pyhvac.api.secrets_engines.Transform.list_tokenization_key_configuration

hvac.api.secrets_engines.Transform.list_tokenization_key_configuration

Read Tokenization Key Configuration

:pyhvac.api.secrets_engines.Transform.read_tokenization_key_configuration

hvac.api.secrets_engines.Transform.read_tokenization_key_configuration

Trim Tokenization Key Version

:pyhvac.api.secrets_engines.Transform.trim_tokenization_key_version

hvac.api.secrets_engines.Transform.trim_tokenization_key_version