def get_client(**kwargs) -> "VaultClientBase":
"""
Reads the kwargs and associate them with the
config files and default values to produce
a configured client object ready to do calls.
All parameters are optional.
Parameters
----------
url : str
URL of the vault instance (default: https://localhost:8200)
verify : bool
Verify HTTPS certificate (default: True)
certificate : str
Path to the certificate to connect to vault
token : str
Token to connect to Vault
username : str
Username used for userpass authentication
password : str
Path to the file containing the password for userpass authentication
base_path : str
Base path for requests
backend : str or callable
Backend or name of the backend to use ('requests', 'hvac')
Returns
-------
An instance of the appropriate subclass of VaultClientBase
(or whatever was provided as "backend")
Client instance exposes the following methods:
- list_secrets(path)
Returns the name of all elements at the given path.
Folder names end with "/"
- get_secret(path)
Returns the value for the secret at the given path
- delete_secret(path)
Deletes the secret at the given path
- set_secret(path, value)
Writes the secret at the given path
- get_all_secrets(paths=None)
Given an iterable of paths, recursively returns all
the secrets
- delete_all_secrets(paths=None)
Given an iterable of paths, recursively yields then deletes
all the secrets under those paths. Use with extreme caution.
"""
options = settings.get_vault_options(**kwargs)
backend = options.pop("backend")
return get_client_from_kwargs(backend=backend, **options)
def get_client(**kwargs) -> "VaultClientBase":
"""
Reads the kwargs and associates them with the
config files and default values to produce
a configured client object ready to do calls.
All parameters are optional.
Parameters
----------
url : str
URL of the vault instance (default: https://localhost:8200)
verify : bool
Verify HTTPS certificate (default: True)
ca_bundle: str
Path to your CA bundle to check the certificate if non standard
base_path : str
Base path prepended to any requested path that doesn't start with /
login_cert : str
path to the public certificate to connect to the vault
login_cert_key : str
path to the certificate key to connect to the vault
token : str
Token to connect to Vault
username : str
Username used for userpass authentication
password : str
Path to the file containing the password for userpass authentication
config_file: str
Path to your config file, instead of the default ones
safe_write : bool
If set to True, will keep you from overwriting secrets without force=True
render : bool
If set to False, templated secrets will not be rendered
Returns
-------
A VaultClient object
"""
options = settings.get_vault_options(**kwargs)
client = get_client_class()(**options)
client.auth()
return client