Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Break out wrappers TOC with more depth * Shorten redudnant heading * Fix auth=>secret typo, better looking usage links * Alphabetical * Remove inadvertently added v1 module path prefix * Azure secret engine docs * Azure secret engine tests / test updates * Azure secret engine class * update skip version num
- Loading branch information
Showing
11 changed files
with
525 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,108 @@ | ||
.. _azure-secret-engine: | ||
|
||
Azure Secret Engine | ||
=================== | ||
Azure | ||
===== | ||
|
||
.. note:: | ||
Every method under the :py:attr:`Azure class<hvac.api.secrets_engines.Azure>` includes a `mount_point` parameter that can be used to address the Azure secret engine under a custom mount path. E.g., If enabling the Azure secret engine using Vault's CLI commands via `vault secrets enable -path=my-azure azure`", the `mount_point` parameter in :py:meth:`hvac.api.secrets_engines.Azure` methods would need to be set to "my-azure". | ||
|
||
|
||
Configure | ||
--------- | ||
|
||
:py:meth:`hvac.api.secrets_engines.Azure.configure` | ||
|
||
.. code:: python | ||
import hvac | ||
client = hvac.Client() | ||
client.azure.secret.configure( | ||
subscription_id='my-subscription-id', | ||
tenant_id='my-tenant-id', | ||
) | ||
Read Config | ||
----------- | ||
|
||
:py:meth:`hvac.api.secrets_engines.Azure.read_config` | ||
|
||
.. code:: python | ||
import hvac | ||
client = hvac.Client() | ||
azure_secret_config = client.azure.secret.read_config() | ||
print('The Azure secret engine is configured with a subscription ID of {id}'.format( | ||
id=azure_secret_config['subscription_id'], | ||
)) | ||
Delete Config | ||
------------- | ||
|
||
:py:meth:`hvac.api.secrets_engines.Azure.delete_config` | ||
|
||
.. code:: python | ||
import hvac | ||
client = hvac.Client() | ||
client.azure.secret.delete_config() | ||
Create Or Update A Role | ||
----------------------- | ||
|
||
:py:meth:`hvac.api.secrets_engines.Azure.create_or_update_role` | ||
|
||
.. code:: python | ||
import hvac | ||
client = hvac.Client() | ||
azure_roles = [ | ||
{ | ||
'role_name': "Contributor", | ||
'scope': "/subscriptions/95e675fa-307a-455e-8cdf-0a66aeaa35ae", | ||
}, | ||
] | ||
client.azure.secret.create_or_update_role( | ||
name='my-azure-secret-role', | ||
azure_roles=azure_roles, | ||
) | ||
List Roles | ||
---------- | ||
|
||
:py:meth:`hvac.api.secrets_engines.Azure.list_roles` | ||
|
||
.. code:: python | ||
import hvac | ||
client = hvac.Client() | ||
azure_secret_engine_roles = client.azure.secret.list_roles() | ||
print('The following Azure secret roles are configured: {roles}'.format( | ||
roles=','.join(roles['keys']), | ||
)) | ||
Generate Credentials | ||
-------------------- | ||
|
||
:py:meth:`hvac.api.secrets_engines.Azure.generate_credentials` | ||
|
||
.. code:: python | ||
import hvac | ||
from azure.common.credentials import ServicePrincipalCredentials | ||
client = hvac.Client() | ||
azure_creds = client.azure.secret.secret.generate_credentials( | ||
name='some-azure-role-name', | ||
) | ||
azure_spc = ServicePrincipalCredentials( | ||
client_id=azure_creds['client_id'], | ||
secret=azure_creds['client_secret'], | ||
tenant=TENANT_ID, | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,5 +4,5 @@ Wrappers | |
.. toctree:: | ||
:maxdepth: 2 | ||
|
||
kv | ||
azure | ||
kv |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.