Package org.forgerock.secrets.vault
Secrets backend that reads secrets from a remote Hashicorp Vault server.
-
Interface Summary Interface Description VaultKeyValueSecretStore.SecretFieldDecoder Determines how a field in the Vault JSON response should be decoded into one or more fields on aSecretBuilderobject. -
Class Summary Class Description AppRoleTokenStore Authenticates to Vault using the AppRole authentication backend to obtain a token that can be used for further operations.JwtAuthenticationTokenStore A secret store that authenticates to Vault using a JWT.VaultCipher Cipher implementation for the Hashicorp Vault transit backend.VaultConfig Encapsulates the common configuration required for Hashicorp Vault secret backends.VaultConfig.Builder Builder object for Vault configuration settings.VaultDatabaseCredentialsSecretStore A secret store that can fetch fresh database credentials from the Vault Database secret engine.VaultKeyValueSecretStore A secret store that fetches secrets from a Hashicorp Vault server, using version 2 of the key-value backend.VaultMac Provides HMAC support using the Hashicorp Vault transit backend.VaultMac.HmacSha224 HMAC-SHA-224.VaultMac.HmacSha256 HMAC-SHA-256.VaultMac.HmacSha384 HMAC-SHA-384.VaultMac.HmacSha512 HMAC-SHA-512.VaultPkiSecretStore A secret store that is able to retrieve PKI certificates and private keys from the Hashicorp Vault PKI backend.VaultSignature Provides signature support using the Hashicorp Vault transit backend.VaultSignature.EcdsaP256Sha256Signature ECDSA with SHA-256.VaultSignature.EcdsaP384Sha384Signature ECDSA with SHA-384.VaultSignature.EcdsaP521Sha512Signature ECDSA with SHA-512.VaultSignature.Ed25519Signature Ed25519.VaultSignature.GenericRsaPssSignature Generic RSA with PSS padding.VaultSignature.RsaPkcs1Sha256Signature RSA with SHA-256 and PKCS#1 v1.5 padding.VaultSignature.RsaPkcs1Sha384Signature RSA with SHA-384 and PKCS#1 v1.5 padding.VaultSignature.RsaPkcs1Sha512Signature RSA with SHA-512 and PKCS#1 v1.5 padding.VaultSignature.RsaPssSha256Signature RSA with SHA-256 and PSS padding.VaultSignature.RsaPssSha384Signature RSA with SHA-384 and PSS padding.VaultSignature.RsaPssSha512Signature RSA with SHA-512 and PSS padding.VaultTransitProvider Cryptographic provider that delegates cryptographic operations to the Hashicorp Vault transit backend.VaultTransitSecretStore Implements a store for cryptographic keys based on Vault's transit engine, which implements cryptography as a service. -
Enum Summary Enum Description VaultKeyValueSecretStore.SecretField Standard implementations ofVaultKeyValueSecretStore.SecretFieldDecoderfor common fields.