Vault Interface

The Hashicorp Vault is a solution for secrets storage, and this driver makes pulling secrets down from the vault easy.

Use

We start by importing the necessary interfaces and establish the service factory.

#include "aossl/vault/include/factory_vault.h"
#include "aossl/vault/include/vault_interface.h"

int main( int argc, char** argv )
{
AOSSL::VaultComponentFactory vault_factory;
AOSSL::VaultInterface *vault = vault_factory.get_command_line_interface( argc, argv );

We have access to an opt_exist method to determine if an option was entered, and we can use get_opt to pull parameter values.

if ( vault->opt_exist("name") ) {
  AOSSL::StringBuffer buf;
  vault->get_opt("name", buf);
  std::cout << buf.val << std::endl;
}

return 0;
}

In addition, the method gen_ssl_cert can be used to call the Generate Certificate method from the Vault PKI secrets engine.

AOSSL::SslCertificateBuffer buf; std::string role_name = "test"; std::string common_name = "www.test.com"; vault->gen_ssl_cert(role_name, common_name, buf);

Multi-Threading

The Vault Interface is threadsafe, and one instance can be shared across threads.

Go Home