Class VaultSecureStoreConfig
- java.lang.Object
-
- com.hazelcast.config.SecureStoreConfig
-
- com.hazelcast.config.VaultSecureStoreConfig
-
public class VaultSecureStoreConfig extends SecureStoreConfig
HashiCorp Vault Secure Store configuration.The Vault Secure Store uses the Vault REST API to communicate with Vault. The relevant configuration properties are the Vault REST server address; the secret path; the authentication token; and, optionally, the SSL/TLS configuration for HTTPS support.
Only the KV secrets engine (see https://www.vaultproject.io/docs/secrets/kv/index.html) is supported.
The encryption key is expected to be stored at the specified secret path and represented as a single key/value pair in the following format:
name=Base64-encoded-data
wherename
can be an arbitrary string. Multiple key/value pairs under the same secret path are not supported.If KV secrets engine V2 is used, the Vault Secure Store is able to retrieve the available previous versions of the encryption keys.
Changes to the encryption key can be detected automatically if polling (see
setPollingInterval(int)
) is enabled.
-
-
Field Summary
Fields Modifier and Type Field Description static int
DEFAULT_POLLING_INTERVAL
Default interval (in seconds) for polling for changes to the encryption key: 0 (polling disabled).
-
Constructor Summary
Constructors Constructor Description VaultSecureStoreConfig(java.lang.String address, java.lang.String secretPath, java.lang.String token)
Creates a new Vault Secure Store configuration.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(java.lang.Object o)
java.lang.String
getAddress()
Returns the Vault server address.int
getPollingInterval()
Returns the Vault polling interval (in seconds).java.lang.String
getSecretPath()
Returns the Vault secret path.SSLConfig
getSSLConfig()
Returns the SSL/TLS configuration.java.lang.String
getToken()
Returns the Vault access token.int
hashCode()
VaultSecureStoreConfig
setAddress(java.lang.String address)
Sets the Vault server address.VaultSecureStoreConfig
setPollingInterval(int pollingInterval)
Sets the polling interval (in seconds) for checking for changes in Vault.VaultSecureStoreConfig
setSecretPath(java.lang.String secretPath)
Sets the Vault secret path where the encryption keys is expected to be stored.VaultSecureStoreConfig
setSSLConfig(SSLConfig sslConfig)
Sets the SSL/TLS configuration.VaultSecureStoreConfig
setToken(java.lang.String token)
Sets the Vault access token.java.lang.String
toString()
-
-
-
Field Detail
-
DEFAULT_POLLING_INTERVAL
public static final int DEFAULT_POLLING_INTERVAL
Default interval (in seconds) for polling for changes to the encryption key: 0 (polling disabled).- See Also:
- Constant Field Values
-
-
Constructor Detail
-
VaultSecureStoreConfig
public VaultSecureStoreConfig(java.lang.String address, java.lang.String secretPath, java.lang.String token)
Creates a new Vault Secure Store configuration.- Parameters:
address
- the Vault server addresssecretPath
- the secret pathtoken
- the access token
-
-
Method Detail
-
getAddress
public java.lang.String getAddress()
Returns the Vault server address.- Returns:
- the Vault server address
-
setAddress
public VaultSecureStoreConfig setAddress(java.lang.String address)
Sets the Vault server address.- Parameters:
address
- the Vault server address
-
getToken
public java.lang.String getToken()
Returns the Vault access token.- Returns:
- the Vault access token
-
setToken
public VaultSecureStoreConfig setToken(java.lang.String token)
Sets the Vault access token.- Parameters:
token
- the access token- Returns:
- the updated
VaultSecureStoreConfig
instance - Throws:
java.lang.IllegalArgumentException
- if token is {code null}
-
getSecretPath
public java.lang.String getSecretPath()
Returns the Vault secret path.- Returns:
- the Vault secret path
- See Also:
setSecretPath(String)
-
setSecretPath
public VaultSecureStoreConfig setSecretPath(java.lang.String secretPath)
Sets the Vault secret path where the encryption keys is expected to be stored.- Parameters:
secretPath
- the secret path- Returns:
- the updated
VaultSecureStoreConfig
instance - Throws:
java.lang.IllegalArgumentException
- if secretPath is {code null}
-
getPollingInterval
public int getPollingInterval()
Returns the Vault polling interval (in seconds).- Returns:
- the polling interval
-
setPollingInterval
public VaultSecureStoreConfig setPollingInterval(int pollingInterval)
Sets the polling interval (in seconds) for checking for changes in Vault. The value 0 (default) disables polling.- Parameters:
pollingInterval
- the polling interval- Returns:
- the updated
VaultSecureStoreConfig
instance - Throws:
java.lang.IllegalArgumentException
- if pollingInterval is less than zero
-
getSSLConfig
public SSLConfig getSSLConfig()
Returns the SSL/TLS configuration.- Returns:
- the SSL/TLS configuration
-
setSSLConfig
public VaultSecureStoreConfig setSSLConfig(SSLConfig sslConfig)
Sets the SSL/TLS configuration.- Parameters:
sslConfig
- the SSL/TLS configuration- Returns:
- the updated
VaultSecureStoreConfig
instance
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
equals
public final boolean equals(java.lang.Object o)
- Overrides:
equals
in classjava.lang.Object
-
hashCode
public final int hashCode()
- Overrides:
hashCode
in classjava.lang.Object
-
-