Node.js Vault Client

A Vault Client implemented in pure javascript for HashiCorp Vault. It supports variety of Auth Backends and performs lease renewal for issued auth token.

Install

npm install --save node-vault-client

Example

const VaultClient = require('node-vault-client');

const vaultClient = VaultClient.boot('main', {
    api: { url: 'https://vault.example.com:8200/' },
    auth: { 
        type: 'appRole', // or 'token', 'iam'
        config: { role_id: '637c065f-c644-5e12-d3d1-e9fa4363af61' } 
    },
});

vaultClient.read('secret/tst').then(v => {
    console.log(v);
}).catch(e => console.error(e));

Supported Auth Backends

AWS IAM
AppRole
Token

API

VaultClient

VaultClient
- new VaultClient(options)
- instance
  - .fillNodeConfig()
  - .read(path) ⇒ Promise.<Lease>
  - .list(path) ⇒ Promise.<Lease>
  - .write(path, data) ⇒ Promise.<(T|never)>
- static
  - .boot(name, [options]) ⇒
  - .get(name) ⇒
  - .clear([name])

new VaultClient(options)

Client constructor function.

Param	Type	Default	Description
options	`Object`
options.api	`Object`
options.api.url	`String`		the url of the vault server
[options.api.apiVersion]	`String`	`v1`
options.auth	`Object`
options.auth.type	`String`
options.auth.config	`Object`		auth configuration variables
options.logger	`Object`	`false`

vaultClient.fillNodeConfig()

Populates Vault's values to NPM "config" module

Kind: instance method of VaultClient

vaultClient.read(path) ⇒ `Promise.<Lease>`

Read secret from Vault

Kind: instance method of VaultClient

Param	Type	Description
path	`string`	path to the secret

vaultClient.list(path) ⇒ `Promise.<Lease>`

Retrieves secrets list

Kind: instance method of VaultClient

Param	Type	Description
path	`string`	path to the secret

vaultClient.write(path, data) ⇒ `Promise.<(T|never)>`

Writes data to Vault

Kind: instance method of VaultClient

Param	Type	Description
path		path used to write data
data	`object`	data to write

VaultClient.boot(name, [options]) ⇒

Boot an instance of Vault

The instance will be stored in a local hash. Calling Vault.boot multiple times with the same name will return the same instance.

Kind: static method of VaultClient
Returns: Vault

Param	Type	Description
name	`String`	Vault instance name
[options]	`Object`	options for Vault#constructor.

VaultClient.get(name) ⇒

Get an instance of Vault

The instance will be stored in a local hash. Calling Vault.pop multiple times with the same name will return the same instance.

Kind: static method of VaultClient
Returns: Vault

Param	Type	Description
name	`String`	Vault instance name

VaultClient.clear([name])

Clear named Vault instance

If no name passed all named instances will be cleared.

Kind: static method of VaultClient

Param	Type	Description
[name]	`String`	Vault instance name, all instances will be cleared if no name were passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Node.js Vault Client

Install

Example

Supported Auth Backends

API

VaultClient

new VaultClient(options)

vaultClient.fillNodeConfig()

vaultClient.read(path) ⇒ `Promise.<Lease>`

vaultClient.list(path) ⇒ `Promise.<Lease>`

vaultClient.write(path, data) ⇒ `Promise.<(T|never)>`

VaultClient.boot(name, [options]) ⇒

VaultClient.get(name) ⇒

VaultClient.clear([name])

Files

README.md

Latest commit

History

README.md

File metadata and controls

Node.js Vault Client

Install

Example

Supported Auth Backends

API

VaultClient

new VaultClient(options)

vaultClient.fillNodeConfig()

vaultClient.read(path) ⇒ Promise.<Lease>

vaultClient.list(path) ⇒ Promise.<Lease>

vaultClient.write(path, data) ⇒ Promise.<(T|never)>

VaultClient.boot(name, [options]) ⇒

VaultClient.get(name) ⇒

VaultClient.clear([name])

vaultClient.read(path) ⇒ `Promise.<Lease>`

vaultClient.list(path) ⇒ `Promise.<Lease>`

vaultClient.write(path, data) ⇒ `Promise.<(T|never)>`