ads.vault package
Submodules
ads.vault module
- class ads.vault.vault.Vault(vault_id: Optional[str] = None, key_id: Optional[str] = None, compartment_id=None, secret_client_auth=None, vault_client_auth=None, auth=None)
Bases:
object
- Parameters
vault_id ((str, optional). Default None) – ocid of the vault
key_id ((str, optional). Default None) – ocid of the key that is used for encrypting the content
compartment_id ((str, optional). Default None) – ocid of the compartment_id where the vault resides. When available in environment variable - NB_SESSION_COMPARTMENT_OCID, will defult to that.
secret_client_auth ((dict, optional, deprecated since 2.5.1). Default None.) – deprecated since 2.5.1. Use auth instead
vault_client_auth ((dict, optional, deprecated since 2.5.1). Default None.) – deprecated since 2.5.1. Use auth instead
auth ((dict, optional)) – Dictionay returned from ads.common.auth.api_keys() or ads.common.auth.resource_principal(). By default, will follow what is set in ads.set_auth. Use this attribute to override the default.
- create_secret(value: dict, secret_name: Optional[str] = None, description: Optional[str] = None, encode=True, freeform_tags: Optional[dict] = None, defined_tags: Optional[dict] = None) str
Saves value into vault as a secret.
- Parameters
value (dict) – The value to store as a secret.
secret_name (str, optional) – The name of the secret.
description (str, optional) – The description of the secret.
encode ((bool, optional). Default True) – Whether to encode using the default encoding.
freeform_tags ((dict, optional). Default None) – freeform_tags as defined by the oci sdk
defined_tags ((dict, optional). Default None) – defined_tags as defined by the oci sdk
- Return type
The secret ocid that correspond to the value saved as a secret into vault.
- get_secret(secret_id: str, decoded=True) dict
Retrieve secret content based on the secret ocid provided
- Parameters
secret_id (str) – The secret ocid.
decoded ((bool, optional). Default True) – Whether to decode the content that is retrieved from vault service using the default decoder.
- Return type
The secret content as a dictionary.
- update_secret(secret_id: str, secret_content: dict, encode: bool = True) str
Updates content of a secret.
- Parameters
secret_id (str) – The secret id where the stored secret will be updated.
secret_content (dict,) – The updated content.
encode ((bool, optional). Default True) – Whether to encode the secret_content using default encoding
- Return type
The secret ocid with updated content.