AOSharedServiceLibrary
|
The Hashicorp Vault is a solution for secrets storage, and this driver makes pulling secrets down from the vault easy.
We start by importing the necessary interfaces and establish the service factory.
#include "aossl/vault/include/factory_vault.h" #include "aossl/vault/include/vault_interface.h" int main( int argc, char** argv ) { AOSSL::VaultComponentFactory vault_factory; AOSSL::VaultInterface *vault = vault_factory.get_command_line_interface( argc, argv );
We have access to an opt_exist method to determine if an option was entered, and we can use get_opt to pull parameter values.
if ( vault->opt_exist("name") ) { AOSSL::StringBuffer buf; vault->get_opt("name", buf); std::cout << buf.val << std::endl; } return 0; }
In addition, the method gen_ssl_cert can be used to call the Generate Certificate method from the Vault PKI secrets engine.
AOSSL::SslCertificateBuffer buf; std::string role_name = "test"; std::string common_name = "www.test.com"; vault->gen_ssl_cert(role_name, common_name, buf);
The Vault Interface is threadsafe, and one instance can be shared across threads.