Module io.helidon.integrations.vault.secrets.transit
Package io.helidon.integrations.vault.secrets.transit

Interface TransitSecrets

All Superinterfaces:
Secrets
public interface TransitSecrets extends Secrets
API operations for Vault's Transit Secrets Engine.

  • Field Details

  • Method Details

    • list

      VaultOptionalResponse<ListSecrets.Response> list(ListSecrets.Request request)
      List available keys.
      Specified by:
      list in interface Secrets
      Parameters:
      request - list request, path is ignored
      Returns:
      list of available keys

    • createKey

      CreateKey.Response createKey(CreateKey.Request request)
      Creates a new named encryption key of the specified type.
      Parameters:
      request - create key request
      Returns:
      response

    • deleteKey

      DeleteKey.Response deleteKey(DeleteKey.Request request)
      Delete a named ecryption key. Deletion is not allowed by default, updateKeyConfig(io.helidon.integrations.vault.secrets.transit.UpdateKeyConfig.Request) must be called before deleting.
      Parameters:
      request - delete key request
      Returns:
      response

    • updateKeyConfig

      UpdateKeyConfig.Response updateKeyConfig(UpdateKeyConfig.Request request)
      Tune configuration of a key.
      Parameters:
      request - update configuration request
      Returns:
      response
      See Also:

    • encrypt

      Encrypt.Response encrypt(Encrypt.Request request)
      Encrypts the provided plaintext using the named key. This path supports the create and update policy capabilities as follows: if the user has the create capability for this endpoint in their policies, and the key does not exist, it will be upserted with default values (whether the key requires derivation depends on whether the context parameter is empty or not). If the user only has update capability and the key does not exist, an error will be returned.
      Parameters:
      request - encrypt request
      Returns:
      response

    • encrypt

      EncryptBatch.Response encrypt(EncryptBatch.Request request)
      Encrypts the provided batch of plaintext strings using the named key. This path supports the create and update policy capabilities as follows: if the user has the create capability for this endpoint in their policies, and the key does not exist, it will be upserted with default values (whether the key requires derivation depends on whether the context parameter is empty or not). If the user only has update capability and the key does not exist, an error will be returned.
      Parameters:
      request - encrypt request
      Returns:
      response

    • decrypt

      Decrypt.Response decrypt(Decrypt.Request request)
      Decrypts the provided ciphertext using the named key.
      Parameters:
      request - decrypt request
      Returns:
      response

    • decrypt

      DecryptBatch.Response decrypt(DecryptBatch.Request request)
      Decrypts the provided batch of ciphertext strings using the named key.
      Parameters:
      request - decrypt request
      Returns:
      response

    • hmac

      Hmac.Response hmac(Hmac.Request request)
      Hmac of a message. Equivalent of a signature when using symmetric keys.
      Parameters:
      request - hmac request
      Returns:
      hmac response

    • sign

      Sign.Response sign(Sign.Request request)
      Sign a message.
      Parameters:
      request - signature request
      Returns:
      signature response

    • verify

      Verify.Response verify(Verify.Request request)
      Verify a message signature.
      Parameters:
      request - verification request
      Returns:
      verification response