A Vault Client implemented in pure javascript for HashiCorp Vault. It supports variety of Auth Backends and performs lease renewal for issued auth token.
npm install node-vault-clientA Vault Client implemented in pure javascript for HashiCorp Vault.
It supports variety of Auth Backends and performs lease renewal for issued auth token.
npm install --save node-vault-client
Example
javascript
const VaultClient = require('node-vault-client');const vaultClient = VaultClient.boot('main', {
api: { url: 'https://vault.example.com:8200/' },
auth: {
type: 'appRole', // or 'token', 'iam'
config: { role_id: '637c065f-c644-5e12-d3d1-e9fa4363af61' }
},
});
vaultClient.read('secret/tst').then(v => {
console.log(v);
}).catch(e => console.error(e));
`Supported Auth Backends
API
$3
* VaultClient
* new VaultClient(options)
* _instance_
* .fillNodeConfig()
* .read(path) ⇒ Promise.<Lease>
* .list(path) ⇒ Promise.<Lease>
* .write(path, data) ⇒ Promise.<(T\|never)>
* _static_
* [.boot(name, [options])](#VaultClient.boot) ⇒
* .get(name) ⇒
* [.clear([name])](#VaultClient.clear)
#### new VaultClient(options)
Client constructor function.
| Param | Type | Default | Description |
| --- | --- | --- | --- |
| options |
| | |
| options.api | Object | | |
| options.api.url | String | | the url of the vault server |
| [options.api.apiVersion] | String | v1 | |
| options.auth | Object | | |
| options.auth.type | String | | |
| options.auth.config | Object | | auth configuration variables |
| options.logger | Object | false | | Logger that supports "error", "info", "warn", "trace", "debug" methods. Uses console by default. Pass false` to disable logging. |#### vaultClient.fillNodeConfig()
Populates Vault's values to NPM "config" module
Kind: instance method of VaultClient
#### vaultClient.read(path) ⇒ Promise.<Lease>
Read secret from Vault
Kind: instance method of VaultClient
| Param | Type | Description |
| --- | --- | --- |
| path | string | path to the secret |
#### vaultClient.list(path) ⇒ Promise.<Lease>
Retrieves secrets list
Kind: instance method of VaultClient
| Param | Type | Description |
| --- | --- | --- |
| path | string | path to the secret |
#### vaultClient.write(path, data) ⇒ Promise.<(T\|never)>
Writes data to Vault
Kind: instance method of VaultClient
| Param | Type | Description |
| --- | --- | --- |
| path | | path used to write data |
| data | object | data to write |
#### VaultClient.boot(name, [options]) ⇒
Boot an instance of Vault
The instance will be stored in a local hash. Calling Vault.boot multiple
times with the same name will return the same instance.
Kind: static method of VaultClient
Returns: Vault
| Param | Type | Description |
| --- | --- | --- |
| name | String | Vault instance name |
| [options] | Object | options for Vault#constructor. |
#### VaultClient.get(name) ⇒
Get an instance of Vault
The instance will be stored in a local hash. Calling Vault.pop multiple
times with the same name will return the same instance.
Kind: static method of VaultClient
Returns: Vault
| Param | Type | Description |
| --- | --- | --- |
| name | String | Vault instance name |
#### VaultClient.clear([name])
Clear named Vault instance
If no name passed all named instances will be cleared.
Kind: static method of VaultClient
| Param | Type | Description |
| --- | --- | --- |
| [name] | String | Vault instance name, all instances will be cleared if no name were passed |