class Vault::AuthTLS
Public Instance Methods
certificate(name)
Get the certificate by the given name. If a certificate does not exist by that name, nil
is returned.
@example
Vault.auth_tls.certificate("web") #=> #<Vault::Secret lease_id="...">
@return [Secret, nil]
# File lib/vault/api/auth_tls.rb, line 56
def certificate(name)
  json = client.get("/v1/auth/cert/certs/#{encode_path(name)}")
  return Secret.decode(json)
rescue HTTPError => e
  return nil if e.code == 404
  raise
end
certificates(options = {})
Lists the certificates configured in the Vault TLS auth backend.
@example
Vault.auth_tls.certificates #=> ["web"]
@return [Array<String>]
# File lib/vault/api/auth_tls.rb, line 70
def certificates(options = {})
  headers = extract_headers!(options)
  json = client.list("/v1/auth/cert/certs", options, headers)
  return Secret.decode(json).data[:keys] || []
rescue HTTPError => e
  return [] if e.code == 404
  raise
end
delete_certificate(name)
Delete the certificate with the given name. If a certificate does not exist, Vault will not return an error.
@example
Vault.auth_tls.delete_certificate("web") #=> true
@param [String] name
the name of the certificate
# File lib/vault/api/auth_tls.rb, line 87
def delete_certificate(name)
  client.delete("/v1/auth/cert/certs/#{encode_path(name)}")
  return true
end
set_certificate(name, options = {})
Saves a certificate with the given name and attributes. The certificate with the given name must already exist.
@example
Vault.auth_tls.set_certificate("web", {
  display_name: "web-cert",
  certificate:  "-----BEGIN CERTIFICATE...",
  policies:     "default",
  ttl:          3600,
}) #=> true
@param [String] name
the name of the certificate
@param [Hash] options
@option options [String] :certificate
The PEM-formatted CA certificate.
@option options [String] :policies
A comma-separated list of policies issued when authenticating with this CA.
@option options [String] :display_name
The name to display on tokens issued against this CA.
@option options [Fixnum] :ttl
The TTL period of the token, provided as a number of seconds.
@return [true]
# File lib/vault/api/auth_tls.rb, line 43
def set_certificate(name, options = {})
  headers = extract_headers!(options)
  client.post("/v1/auth/cert/certs/#{encode_path(name)}", JSON.fast_generate(options), headers)
  return true
end
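The following is an added example, not code from the vault-ruby project: it combines certificates and certificate(name) to audit every entry in the TLS auth backend, including the case where certificate(name) returns nil. It assumes Secret#data exposes the same keys set_certificate accepts; the thresholds, cert_issues, audit_tls_certs, FakeSecret, FakeAuth and sample_ca_pem are hypothetical names introduced here.

```ruby
require "openssl"

# Added example. Thresholds (max_ttl, warn_days) are hypothetical policy values.
# Assumption: Secret#data exposes the keys set_certificate accepts
# (:certificate, :policies, :ttl), with symbol keys as in `data[:keys]`.
def cert_issues(data, max_ttl:, warn_days:, now:)
  issues = []
  policies = Array(data[:policies]).flat_map { |p| p.to_s.split(",") }.map(&:strip)
  issues << "grants root policy" if policies.include?("root")
  ttl = data[:ttl].to_i
  issues << "ttl unset or above #{max_ttl}s" if ttl.zero? || ttl > max_ttl
  begin
    ca = OpenSSL::X509::Certificate.new(data[:certificate].to_s)
    issues << "CA certificate expires within #{warn_days} days" if ca.not_after < now + warn_days * 86_400
  rescue OpenSSL::OpenSSLError
    issues << "certificate is not parseable PEM"
  end
  issues
end

# `auth` is Vault.auth_tls in real use; anything with the same two methods works.
def audit_tls_certs(auth, max_ttl: 3600, warn_days: 30, now: Time.now)
  auth.certificates.each_with_object({}) do |name, report|
    secret = auth.certificate(name) # nil when the entry vanished after listing
    report[name] = secret.nil? ? ["missing"] : cert_issues(secret.data, max_ttl: max_ttl, warn_days: warn_days, now: now)
  end
end

# Constructed stand-ins so the example runs offline (not real Vault data).
FakeSecret = Struct.new(:data)
FakeAuth = Struct.new(:entries) do
  def certificates; entries.keys; end
  def certificate(name); entries[name]; end
end

# Builds a throwaway self-signed CA certificate valid for `days_valid` days.
def sample_ca_pem(days_valid, now = Time.now)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version, cert.serial = 2, 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=constructed-ca")
  cert.public_key = key.public_key
  cert.not_before = now - 60
  cert.not_after = now + days_valid * 86_400
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert.to_pem
end
```

In real use, call audit_tls_certs(Vault.auth_tls) and alert on any entry whose issue list is non-empty.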