Vault Authentication Configuration
Vault Authentication Configuration
Super class
vaultr::vault_client_object
-> vault_client_auth
Public fields
approle
Interact with vault's AppRole authentication. See
vault_client_auth_approle
for more information.github
Interact with vault's GitHub authentication. See
vault_client_auth_github
for more information.token
Interact with vault's token authentication. See
vault_client_token
for more information.userpass
Interact with vault's username/password based authentication. See
vault_client_auth_userpass
for more information.ldap
Interact with vault's LDAP based authentication. See
vault_client_auth_ldap
for more information.
Methods
Inherited methods
Method new()
Create a vault_client_auth
object. Not typically
called by users.
Usage
vault_client_auth$new(api_client)
Arguments
api_client
A vault_api_client object
Method backends()
Return a character vector of supported
authentication backends. If a backend x
is present, then
you can access it with $auth$x
. Note that vault calls
these authentication methods but we use backends here to
differentiate with R6 methods. Note that these are backends
supported by vaultr
and not necessarily supported by the
server - the server may not have enabled some of these
backends, and may support other authentication backends not
directly supported by vaultr. See the $list()
method to
query what the server supports.
Method list()
List authentication backends supported by the vault server, including information about where these backends are mounted.
Method enable()
Enable an authentication backend in the vault server.
Arguments
type
The type of authentication backend (e.g.,
userpass
,github
,ldap
)description
Human-friendly description of the backend; will be returned by
$list()
local
Specifies if the auth method is local only. Local auth methods are not replicated nor (if a secondary) removed by replication.
path
Specifies the path in which to enable the auth method. Defaults to be the same as
type
.
Examples
server <- vaultr::vault_test_server(if_disabled = message)
#> ...waiting for Vault to start
#> ...waiting for Vault to start
if (!is.null(server)) {
client <- server$client()
# List configured authentication backends
client$auth$list()
# cleanup
server$kill()
}