Additional Info

Requires Mule Enterprise License

Yes  

Requires Entitlement

No  

Mule Version

3.8.0 or higher

Configs


Vault Simple Connection Config

<vault:vault-simple-connection-config>

Connection Management

Attributes

Name Java Type Description Default Value Required

name

String

The name of this configuration. With this name can be later referenced.

x 

token

String

The token used for authenticating the client accessing the secret.

x 

address

String

URL string with the remote server location. Ex: https://localhost:8200

x 


Vault SSL Connection Config

<vault:vault-ssl-connection-config>

Connection Management

Attributes

Name Java Type Description Default Value Required

name

String

The name of this configuration. With this name can be later referenced.

x 

token

String

The token used for authenticating the client accessing the secret.

x 

address

String

URL string with the remote server location. Ex: https://localhost:8200

x 

trustStoreResource

String

File path containing a TrustStore (.jks) with the server certificate

x 

verifySSL

boolean

Specifies if the connection is verified during initial configuration.

x 

Processors


Key Value Secrets Engine - Read a Secret

<vault:read>

Basic read operation to retrieve a secret. A single secret key can map to multiple name-value pairs, which can be retrieved from the response object.

XML Sample

<vault:read config-ref="Vault_SSL_Connection_Config" secret="secret/test" doc:name="Read Secret"/>

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

secretPath

String

The Vault key value from which to read (e.g. secret/hello)

x 

Returns

Return Java Type Description

Map<String,Object>

A map with all the key pair of values for an specific secret


Key Value Secrets Engine - Create or Update Secret

<vault:write>

Basic operation to store secrets. Multiple name value pairs can be stored under the same secret key.

XML Sample

<vault:write config-ref="Vault_SSL_Connection_Config" secret="secret/test" doc:name="Write Secret">
            <vault:data ref="#[payload]"/>
        </vault:write>

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

secretPath

String

Specifies the path of the secrets to create/update.

x 

secret

String

The Vault key value to which to write (e.g. secret/hello)

#[payload]

 

Returns

Return Java Type Description

Map<String,Object>

The response information received from Vault


Key Value Secrets Engine - List of Keys

<vault:list>

Retrieve a list of keys corresponding to key/value pairs at a given Vault path.

Key values ending with a trailing-slash characters are sub-paths. Running a subsequent list() call, using the original path appended with this key, will retrieve all secret keys stored at that sub-path.

This method returns only the secret keys, not values. To retrieve the actual stored value for a key, use read() with the key appended onto the original base path.

XML Sample

<vault:list config-ref="Vault_SSL_Connection_Config" secret="secret" doc:name="List Vault"/>

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

secretPath

String

The Vault key value at which to look for secrets (e.g. secret)

 

Returns

Return Java Type Description

Map<String,Object>

A list of keys corresponding to key/value pairs at a given Vault


Key Value Secrets Engine - Delete a secret

<vault:delete>

Deletes the key/value pair located at the provided path.

If the path represents a sub-path, then all of its contents must be deleted prior to deleting the empty sub-path itself.

XML Sample

<vault:delete config-ref="Vault_SSL_Connection_Config" secret="secret/test" doc:name="Delete Test Vault"/>

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

secretPath

String

The Vault key value to delete (e.g. secret/hello ).

x 

Returns

Return Java Type Description

Map<String,Object>

The response information received from Vault


Userpass Auth Method - Read user.

<vault:read-user>

Read user.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

username

String

the username

x 

Returns

Return Java Type Description

Map<String,Object>

the vault server response.


Userpass Auth Method - Delete user.

<vault:delete-user>

Delete user.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

username

String

the username

x 

Returns

Return Java Type Description

Map<String,Object>

the vault server response.


Userpass Auth Method - Update Password on user.

<vault:update-password-on-user>

Update password on user.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

username

String

the username

x 

password

String

the password

x 

Returns

Return Java Type Description

Map<String,Object>

the vault server response.


Userpass Auth Method - Update Policies on user.

<vault:update-policies-on-user>

Update policies on user.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

username

String

the username

x 

policies

String

the policies

x 

Returns

Return Java Type Description

Map<String,Object>

the vault server response.


Database Secrets Engine - Configure Connection

<vault:configure-database-connection>

Configures the connection string used to communicate with the desired database.

More information regarding database plugin can be found in Vault documentation.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

databaseName

String

Specifies the name for this database connection. This is specified as part of the URL.

x 

databasePluginName

String

Specifies the name of the plugin to use for this connection.

x 

connectionURL

String

URL String with the database endpoint. Use Format "{user}:{password}@{protocol}({ip_address})/}. Example: myuser:myspass@tcp(127.0.0.1:3306)

x 

allowedRoles

String

Array or comma separated string of the roles allowed to use this connection. Defaults to empty (no roles), if contains a "*" any role can use this connection.

 

verifyConnection

boolean

Specifies if the connection is verified during initial configuration. Defaults to true.

true

 

Returns

Return Java Type Description

Map<String,Object>

A 204 status code with empty body if no errors were encountered.


Database Secrets Engine - Read Connection

<vault:read-database-connection>

Returns the configuration settings for a connection.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

databaseName

String

Specifies the name for this database connection. This is specified as part of the URL.

x 

Returns

Return Java Type Description

Map<String,Object>

All the connection details for that specific database.


Database Secrets Engine - Delete Connection

<vault:delete-database-connection>

Deletes a connection to a database.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

databaseName

String

Specifies the name for this database connection. This is specified as part of the URL.

x 

Returns

Return Java Type Description

Map<String,Object>

A 204 status code with empty body if no errors were encountered.


Database Secrets Engine - Reset Connection

<vault:reset-database-connection>

closes a connection and it's underlying plugin and restarts it with the configuration stored in the barrier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

databaseName

String

Specifies the name for this database connection. This is specified as part of the URL.

x 

Returns

Return Java Type Description

Map<String,Object>

A 204 status code with empty body if no errors were encountered.


Database Secrets Engine - Create Role

<vault:create-database-role>

Creates or updates a role definition.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

databaseName

String

Specifies the name for this database connection. This is specified as part of the URL.

x 

roleName

String

Specifies the name of the role to create.

x 

defaultTTL

String

Specifies the TTL for the leases associated with this role. Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to system/backend default TTL time.

 

maxTTL

String

Specifies the maximum TTL for the leases associated with this role. Accepts time suffixed strings ("1h") or an integer number of seconds. Defaults to system/backend default TTL time.

 

Returns

Return Java Type Description

Map<String,Object>

A 204 status code with empty body if no errors were encountered.


Database Secrets Engine - Read Role

<vault:read-database-role>

Returns the role definition

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the name of the role to read.

x 

Returns

Return Java Type Description

Map<String,Object>

All the specifications of the role.


Database Secrets Engine - List Roles

<vault:list-database-roles>

Returns the list of roles.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

A list of roles available.


Database Secrets Engine - List Connections Names

<vault:list-database-connections-names>

Returns the list of database connections names.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

A list of connections names available.


Database Secrets Engine - Delete Role

<vault:delete-database-role>

Delete a role.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the name of the role to delete.

x 

Returns

Return Java Type Description

Map<String,Object>

A 204 status code with empty body if no errors were encountered.


Database Secrets Engine - Generate Credentials

<vault:generate-database-credentials>

Generates a new set of dynamic credentials based on the named role.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the name of the role to assign credentials.

x 

Returns

Return Java Type Description

Map<String,Object>

The credentials generated.


Userpass Auth Method - Create or Upadate an user.

<vault:create-update-user-userpass-auth-backend>

Creation of a userpass user from a Username & Password backend.

CREATE AN USER WITH USERNAME AND PASSWORD SHOULD NOT BE USED IN PRODUCTION! This feature is made available to facilitate development or testing environments, where you might be using a self-signed cert that will not pass verification.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

username

String

The username used for authentication.

x 

password

String

The password used for authentication.

x 

policies

String

If set to empty string, only the default policy will be applicable to the user.

 

ttl

String

Specifies the time to live for this user.

 

maxTtl

String

Specifies the time to live for this user.

 

Returns

Return Java Type Description

Map<String,Object>

The map of data for the created user.


Userpass Auth Method - Login

<vault:userpass-login>

Login with the username and password.

AUTHENTICATION WITH USER AND PASSWORD SHOULD NOT BE USED IN PRODUCTION! This feature is made available to facilitate development or testing environments, where you might be using a self-signed cert that will not pass verification.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

username

String

Specifies the username to login in.

x 

password

String

Specifies the password to login in.

x 

Returns

Return Java Type Description

Map<String,Object>

response of user´s credentials.


Userpass Auth Method - List of userpass users

<vault:userpass-list>

List available userpass users.

AUTHENTICATION WITH USER AND PASSWORD SHOULD NOT BE USED IN PRODUCTION! This feature is made available to facilitate development or testing environments, where you might be using a self-signed cert that will not pass verification.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

The List of userpass users.


Key Value Secrets Engine - Read using Client Token

<vault:read-with-client-token>

Basic read operation to retrieve a secret using a token that relies on another token, or in a user and password. A single secret key can map to multiple name-value pairs, which can be retrieved from the response object.

AUTHENTICATION WITH USER AND PASSWORD SHOULD NOT BE USED IN PRODUCTION! This feature is made available to facilitate development or testing environments, where you might be using a self-signed cert that will not pass verification.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

clientToken

String

the authentication token

x 

secretPath

String

The Vault key value from which to read (e.g. secret/hello)

x 

Returns

Return Java Type Description

Map<String,Object>

A map with all the key pair of values for an specific secret


Key Value Secrets Engine - Write using Client Token

<vault:write-with-client-token>

Basic operation to store secrets using a token that relies on another token, or in a user and password. Multiple name value pairs can be stored under the same secret key.

AUTHENTICATION WITH USER AND PASSWORD SHOULD NOT BE USED IN PRODUCTION! This feature is made available to facilitate development or testing environments, where you might be using a self-signed cert that will not pass verification.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

clientToken

String

the authentication token

x 

secretPath

String

The Vault key value to which to write (e.g. secret/hello)

x 

data

String

Secret name and value pairs to store under this Vault key (can be null for writing to keys that do not need or expect any fields to be specified)

#[payload]

 

Returns

Return Java Type Description

Map<String,Object>

The response information received from Vault


Key Value Secrets Engine - List of secrets using Client Token

<vault:list-with-client-token>

Retrieve a list of keys corresponding to key/value pairs at a given Vault path using a token that relies on another token, or in a user and password.

AUTHENTICATION WITH USER AND PASSWORD SHOULD NOT BE USED IN PRODUCTION! This feature is made available to facilitate development or testing environments, where you might be using a self-signed cert that will not pass verification.

Key values ending with a trailing-slash characters are sub-paths. Running a subsequent list() call, using the original path appended with this key, will retrieve all secret keys stored at that sub-path.

This method returns only the secret keys, not values. To retrieve the actual stored value for a key, use read() with the key appended onto the original base path.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

clientToken

String

the authentication token

x 

secretPath

String

The Vault key value at which to look for secrets (e.g. secret)

x 

Returns

Return Java Type Description

Map<String,Object>

A list of keys corresponding to key/value pairs at a given Vault


AWS Secrets Engine - Create/Update Role with ARN attributes

<vault:create-update-role-arn-aws-secrets-engine>

Creates or updates the role with the given name. If a role with the name does not exist, it will be created. If the role exists, it will be updated with the new attributes.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the name of the role to create. This is part of the request URL.

x 

arn

String

(required unless policy provided) using the full ARN reference to the desired existing policyan existing AWS policy as String.

#[payload]

 

Returns

Return Java Type Description

Map<String,Object>

the int


Key Value Secrets Engine - Delete using Client Token

<vault:delete-with-client-token>

Deletes the key/value pair located at the provided path using a token that relies on another token, or in a user and password.

AUTHENTICATION WITH USER AND PASSWORD SHOULD NOT BE USED IN PRODUCTION! This feature is made available to facilitate development or testing environments, where you might be using a self-signed cert that will not pass verification.

If the path represents a sub-path, then all of its contents must be deleted prior to deleting the empty sub-path itself.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

clientToken

String

the authentication token

x 

secretPath

String

The Vault key value to delete (e.g. secret/hello ).

x 

Returns

Return Java Type Description

Map<String,Object>

The response information received from Vault


Identity Secrets Engine - Entity - Create a Entity

<vault:create-entity>

Creates a new entity.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

data

String

the data

x 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Entity - Read Entity by ID

<vault:read-entity-by-id>

Reads an entity by id of the entity.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Entity - Update Entity by ID

<vault:update-entity-by-id>

Updates an entity by id.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

data

String

the data

x 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Entity - Delete Entity by ID

<vault:delete-entity-by-id>

Deletes an entity by id.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Entity - List Entities by ID

<vault:list-entities-by-id>

Returns a list of available entities by their identifiers.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

the map


RabbitMQ Secrets Engine - Configure Connection

<vault:configure-connection-rabbit-mq-secrets-engine>

This method configures the connection string used to communicate with RabbitMQ.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

connectionUri

String

the connection URI.

x 

username

String

Specifies the connection username.

x 

password

String

Specifies the connection password.

x 

verifyConnection

boolean

Specifies if verify the connection.

true

 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Entity Alias - Create a Entity Alias

<vault:create-entity-aliases>

Creates a new entity aliases.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

data

String

the data

x 

Returns

Return Java Type Description

Map<String,Object>

the map


RabbitMQ Secrets Engine - Configure Lease

<vault:configure-lease-rabbit-mq-secrets-engine>

This method configures the lease settings for generated credentials.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

ttl

int

the data for time to live.

0

 

maxTtl

int

the max time to live.

0

 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Entity Alias - Read Entity Alias by ID

<vault:read-entity-aliases-by-id>

Reads an existing entity aliases by its identifier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

Returns

Return Java Type Description

Map<String,Object>

the map


RabbitMQ Secrets Engine - Create Role

<vault:create-role-rabbit-mq-secrets-engine>

This method creates or updates the role definition.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

the role name

x 

tags

String

Specifies a comma-separated RabbitMQ management tags.

 

vhost

String

Specifies a map of virtual hosts to permissions.

 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Entity Alias - Update Entity Alias by ID

<vault:update-entity-aliases-by-id>

Updates an entity aliases by its identifier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

data

String

the data

#[payload]

 

Returns

Return Java Type Description

Map<String,Object>

the map


RabbitMQ Secrets Engine - Delete Role

<vault:delete-role-mq-secrets-engine>

Deletes a RabbitMQ Role.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the role to be deleted.

x 

Returns

Return Java Type Description

Map<String,Object>

the vault server response.


Identity Secrets Engine - Entity Alias - Delete Entity Alias by ID

<vault:delete-entity-aliases-by-id>

Deletes an entity aliases by id.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

Returns

Return Java Type Description

Map<String,Object>

the map


RabbitMQ Secrets Engine - Generate Credentials for a rol

<vault:generate-credentials>

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

x 

Returns

Return Java Type Description

Map<String,Object>


Identity Secrets Engine - Entity Alias - List Entity Alias by ID

<vault:list-entity-aliases-by-id>

Returns a list entity aliases by their ids.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

the map


RabbitMQ Secrets Engine - Read Role

<vault:read-role-mq-secrets-engine>

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

x 

Returns

Return Java Type Description

Map<String,Object>


AWS Secrets Engine - Configure Root IAM Credentials

<vault:configure-root-iam-aws-secrets-engine>

Configures the root IAM credentials to communicate with AWS. There are multiple ways to pass root IAM credentials to the Vault server, specified below with the highest precedence first. If credentials already exist, this will overwrite them.

At present, this endpoint does not confirm that the provided AWS credentials are valid AWS credentials with proper permissions.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

maxRetries

int

Specifies the max number of retries.

-1

 

accessKey

String

Specifies the AWS access key ID.

x 

secretKey

String

Specifies the AWS secret access key.

x 

region

String

Specifies the AWS region. If not set it will use the AWS_REGION env var, AWS_DEFAULT_REGION env var, or us-east-1 in that order.

 

iamEndpoint

String

Specifies the iam endpoint.

 

stsEndpoint

String

Specifies the sts endpoint.

 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


Identity Secrets Engine - Group - Create a Group

<vault:create-group>

Creates a new group.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

data

String

the data

#[payload]

 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


AWS Secrets Engine - Configure Lease

<vault:configure-lease-aws-secrets-engine>

Configures lease settings for the AWS secret backend. It is optional, as there are default values for lease and lease_max.

.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

lease

String

Specifies the lease value provided as a string duration with time suffix. "h" (hour) is the largest suffix.

x 

leaseMax

String

Specifies the maximum lease value provided as a string duration with time suffix. "h" (hour) is the largest suffix.

x 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


Identity Secrets Engine - Group - Read Group by ID

<vault:read-group-by-id>

Reads group by its identifier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


Identity Secrets Engine - Group - Update Group by ID

<vault:update-group-by-id>

Updates a group by its identifier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

data

String

the data

#[payload]

 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


AWS Secrets Engine - Read Lease

<vault:read-lease-aws-secrets-engine>

Returns the current lease settings for the AWS secret backend.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


Identity Secrets Engine - Group - Delete Group by ID

<vault:delete-group-by-id>

Deletes a group by its identifier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the id

x 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


Identity Secrets Engine - Group - List Group by ID

<vault:list-groups-by-id>

Returns a list of groups by their identifier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


AWS Secrets Engine - Create/Update Role with Policy attributes

<vault:create-update-role-policy-aws-secrets-engine>

Creates or updates the role with the given name. If a role with the name does not exist, it will be created. If the role exists, it will be updated with the new attributes.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the name of the role to create. This is part of the request URL.

x 

policy

String

(required unless arn provided) Specifies the IAM policy in JSON format.

x 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


Identity Secrets Engine - Group Alias - Create a Group Alias

<vault:create-group-alias>

Creates a new group alias.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

data

String

the alias parameter

#[payload]

 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


AWS Secrets Engine - Read Role

<vault:read-role-aws-secrets-engine>

Queries an existing role by the given name. If the role does not exist, a 404 is returned.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the name of the role to read. This is part of the request URL.

x 

Returns

Return Java Type Description

Map<String,Object>

response from the vault server.


Identity Secrets Engine - Group Alias - Read Group Alias by ID

<vault:read-group-alias-by-id>

Reads a group alias by its identifier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the identifier

x 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Group Alias - Delete Group Alias by ID

<vault:delete-group-alias-by-id>

Deletes group alias by its identifier.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

id

String

the identifier

x 

Returns

Return Java Type Description

Map<String,Object>

the map


AWS Secrets Engine - List of Roles

<vault:get-roles-aws-secrets-engine>

Lists all existing roles in the backend.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

the roles


Identity Secrets Engine - Group Alias - List Group Alias by ID

<vault:list-group-aliases-by-id>

Returns a List of group aliases by their identifiers.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

Returns

Return Java Type Description

Map<String,Object>

the list of identifiers


Identity Secrets Engine - Lookup a Entity

<vault:lookup-entity>

Lookup entity queries the entity based on the given criteria. The criteria can be name, id, alias_id, or a combination of alias_name and alias_mount_accessor.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

criteria

String

the criteria to filter with

x 

value

String

the value for the criteria to filter.

x 

Returns

Return Java Type Description

Map<String,Object>

the map


AWS Secrets Engine - Delete Role

<vault:delete-role-aws-secrets-engine>

Deletes an existing role by the given name. If the role does not exist, a 404 is returned.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the name of the role to delete. This is part of the request URL.

x 

Returns

Return Java Type Description

Map<String,Object>

the map


Identity Secrets Engine - Lookup a Group

<vault:lookup-group>

Lookup group queries the group based on the given criteria. The criteria can be name, id, alias_id, or a combination of alias_name and alias_mount_accessor.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

criteria

String

the criteria to look up for a group.

x 

value

String

for the criteria.

x 

Returns

Return Java Type Description

Map<String,Object>

the map


AWS Secrets Engine - Generate Role IAM Credentials

<vault:generate-role-iam-credentials-aws-secrets-engine>

This method generates dynamic IAM credentials based on the named role. This role must be created before queried.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

the role name

x 

Returns

Return Java Type Description

Map<String,Object>

the logical response


AWS Secrets Engine - Generate Role IAM Credentials with STS

<vault:generate-role-iam-credentials-sts-aws-secrets-engine>

This method generates a dynamic IAM credential with an STS token based on the named role.

Attributes

Name Java Type Description Default Value Required

config-ref

String

Specify which config to use

x 

roleName

String

Specifies the name of the role against which to create this STS credential.

x 

ttl

String

Specifies the TTL for the use of the STS token. This is specified as a string with a duration suffix. AWS documentation excerpt: The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 900 seconds (15 minutes) to 129600 seconds (36 hours), with 43200 seconds (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600 seconds (one hour). If the duration is longer than one hour, the session for AWS account owners defaults to one hour.

3600s

 

Returns

Return Java Type Description

Map<String,Object>

the logical response