ex_azure_key_vault v0.3.0 ExAzureKeyVault.Client View Source
Client for creating or getting Azure Key Vault.
Link to this section Summary
Functions
Connects to Azure Key Vault using client assertion.
Connects to Azure Key Vault.
Creates a new secret.
Deletes a secret.
Returns secret value.
Returns list of secrets.
Returns next page of secrets in the pagination.
Creates %ExAzureKeyVault.Client{}
struct with connection information.
Link to this section Types
Link to this section Functions
certConnect(vault_name \\ nil, tenant_id \\ nil, client_id \\ nil, cert_base64_thumbprint \\ nil, cert_private_key_pem \\ nil)
View SourceConnects to Azure Key Vault using client assertion.
Examples
When defining environment variables and/or adding to configuration.
$ export AZURE_CLIENT_ID="14e79d90-9abf..."
$ export AZURE_TENANT_ID="14e7a376-9abf..."
$ export AZURE_VAULT_NAME="my-vault"
$ export AZURE_CERT_BASE64_THUMBPRINT="Dss7v2YI3GgCGfl..."
$ export AZURE_CERT_PRIVATE_KEY_PEM="-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEF..."
# Config.exs
config :ex_azure_key_vault,
azure_client_id: {:system, "AZURE_CLIENT_ID"},
azure_tenant_id: {:system, "AZURE_TENANT_ID"},
azure_vault_name: {:system, "AZURE_VAULT_NAME"}
azure_cert_base64_thumbprint: {:system, "AZURE_CERT_BASE64_THUMBPRINT"},
azure_cert_private_key_pem: {:system, "AZURE_CERT_PRIVATE_KEY_PEM"}
iex(1)> ExAzureKeyVault.Client.certConnect()
%ExAzureKeyVault.Client{
api_version: "2016-10-01",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "my-vault"
}
Passing custom parameters.
iex(1)> ExAzureKeyVault.Client.certConnect("custom-vault", "14e7a376-9abf...", "14e79d90-9abf...", "Dss7v2YI3GgCGfl...", "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEF...")
%ExAzureKeyVault.Client{
api_version: "2016-10-01",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "custom-vault"
}
connect(vault_name \\ nil, tenant_id \\ nil, client_id \\ nil, client_secret \\ nil)
View SourceConnects to Azure Key Vault.
Examples
When defining environment variables and/or adding to configuration.
$ export AZURE_CLIENT_ID="14e79d90-9abf..."
$ export AZURE_CLIENT_SECRET="14e7a11e-9abf..."
$ export AZURE_TENANT_ID="14e7a376-9abf..."
$ export AZURE_VAULT_NAME="my-vault"
# Config.exs
config :ex_azure_key_vault,
azure_client_id: {:system, "AZURE_CLIENT_ID"},
azure_client_secret: {:system, "AZURE_CLIENT_SECRET"},
azure_tenant_id: {:system, "AZURE_TENANT_ID"},
azure_vault_name: {:system, "AZURE_VAULT_NAME"}
iex(1)> ExAzureKeyVault.Client.connect()
%ExAzureKeyVault.Client{
api_version: "2016-10-01",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "my-vault"
}
Passing custom parameters.
iex(1)> ExAzureKeyVault.Client.connect("custom-vault", "14e7a376-9abf...", "14e79d90-9abf...", "14e7a11e-9abf...")
%ExAzureKeyVault.Client{
api_version: "2016-10-01",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "custom-vault"
}
create_secret(params, secret_name, secret_value)
View Sourcecreate_secret(ExAzureKeyVault.Client.t(), String.t(), String.t()) :: :ok | {:error, any()}
Creates a new secret.
Examples
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.create_secret("my-new-secret", "my-new-value")
:ok
delete_secret(params, secret_name)
View Sourcedelete_secret(ExAzureKeyVault.Client.t(), String.t()) :: :ok | {:error, any()}
Deletes a secret.
Examples
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.delete_secret("my-secret")
:ok
get_secret(params, secret_name, secret_version \\ nil)
View Sourceget_secret(ExAzureKeyVault.Client.t(), String.t(), String.t() | nil) :: {:ok, String.t()} | {:error, any()}
Returns secret value.
Examples
Ignoring secret version.
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.get_secret("my-secret")
{:ok, "my-value"}
Passing secret version.
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.get_secret("my-secret", "03b424a49ac3...")
{:ok, "my-other-value"}
get_secrets(params, max_results \\ nil)
View Sourceget_secrets(ExAzureKeyVault.Client.t(), integer() | nil) :: {:ok, String.t()} | {:error, any()}
Returns list of secrets.
Examples
Passing a maximum number of 2 results in a page.
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.get_secrets(2)
{:ok,
%{
"nextLink" => "https://my-vault.vault.azure.net:443/secrets?api-version=2016-10-01&$skiptoken=eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6...&maxresults=2",
"value" => [
%{
"attributes" => %{
"created" => 1533704004,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1533704004
},
"id" => "https://my-vault.vault.azure.net/secrets/my-secret"
},
%{
"attributes" => %{
"created" => 1532633078,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1532633078
},
"id" => "https://my-vault.vault.azure.net/secrets/another-secret"
}
]
}}
Ignoring maximum number of results.
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.get_secrets()
{:ok,
%{
"nextLink" => nil,
"value" => [
%{
"attributes" => %{
"created" => 1533704004,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1533704004
},
"id" => "https://my-vault.vault.azure.net/secrets/my-secret"
},
%{
"attributes" => %{
"created" => 1532633078,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1532633078
},
"id" => "https://my-vault.vault.azure.net/secrets/another-secret"
},
%{
"attributes" => %{
"created" => 1532633078,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1532633078
},
"id" => "https://my-vault.vault.azure.net/secrets/test-secret"
}
]
}}
get_secrets_next(params, next_link)
View Sourceget_secrets_next(ExAzureKeyVault.Client.t(), String.t()) :: {:ok, String.t()} | {:error, any()}
Returns next page of secrets in the pagination.
Examples
iex(1)> client = ExAzureKeyVault.Client.connect()
...
iex(1)> {_, secrets} = client |> ExAzureKeyVault.Client.get_secrets(2)
...
iex(1)> {_, next_secrets} = client |> ExAzureKeyVault.Client.get_secrets_next(secrets["nextLink"])
{:ok,
%{
"nextLink" => nil,
"value" => [
%{
"attributes" => %{
"created" => 1532633078,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1532633078
},
"id" => "https://my-vault.vault.azure.net/secrets/test-secret"
}
]
}}
new(bearer_token, vault_name, api_version \\ nil)
View Sourcenew(String.t(), String.t(), String.t() | nil) :: ExAzureKeyVault.Client.t()
Creates %ExAzureKeyVault.Client{}
struct with connection information.
Examples
Using default API version.
iex(1)> ExAzureKeyVault.Client.new("Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "my-vault")
%ExAzureKeyVault.Client{
api_version: "2016-10-01",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "my-vault"
}
Passing custom API version.
iex(1)> ExAzureKeyVault.Client.new("Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "my-vault", "2015-06-01")
%ExAzureKeyVault.Client{
api_version: "2015-06-01",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "my-vault"
}