Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Feature request : Read secret keys (without content )

See original GitHub issue

Due to security rights, we would need a method that can read the present secret keys without retrieving the actual secret content. We have currently implemented this functionality outside the library, but would prefer to have it in the library.

Hereby our code ` public const string VaultSubKeysPath = “/v1/secret/subkeys/”;

    private async Task<IList<string>> ReadAllKeys(string path)
    {
        _logger.LogDebug("Reading all Vault keys under {VaultPath}", path);
        var requestUri = new Uri(VaultConstants.VaultSubKeysPath + path, UriKind.Relative);
        var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, requestUri);
        httpRequestMessage.Headers.Add(VaultConstants.VaultRequestHeaderKey, "true");
        httpRequestMessage.Headers.Add(VaultConstants.VaultTokenHeaderKey, _options.Token);
        var httpResponseMessage = await _httpClient.SendAsync(httpRequestMessage);

        if (httpResponseMessage.IsSuccessStatusCode)
        {
            var responseText = await httpResponseMessage.Content.ReadAsStringAsync();
            if (!string.IsNullOrWhiteSpace(responseText))
            {
                var vaultResponse = JsonConvert.DeserializeObject<VaultResponse>(responseText);
                if (vaultResponse != null)
                    return vaultResponse.Data.Subkeys.Keys.ToList();
            }
            return new List<string>();
        }
        if (httpResponseMessage.StatusCode == HttpStatusCode.NotFound) // When the path in Vault is not present yet.
        {
            return new List<string>();
        }

        _logger.LogError("Error reading Vault keys under {VaultPath}, statusCode: {StatusCode}", path, httpResponseMessage.StatusCode);
        throw new Exception($"Error reading Vault keys under {path}");
    }

Issue Analytics

State:
Created a year ago
Comments:7 (5 by maintainers)

Top GitHub Comments

2reactions

konidev20commented, Jul 16, 2022

@stephdep I think I got what your requirement is after reading the Vault documentation.

This is the API you want in the library right? https://www.vaultproject.io/api-docs/secret/kv/kv-v2#read-secret-subkeys

0reactions

rajanadarcommented, Dec 6, 2022

Available here: https://www.nuget.org/packages/VaultSharp/1.7.2

Top Results From Across the Web

Option to read a value from inside the secret for key/ ...

Without this feature, I can't figure out how to workaround if we want to put all key/value pairs under one single SSM parameter...

How to hide secret keys in Google Colaboratory from users ...

Try getpass . For example: from getpass import getpass secret = getpass('Enter the secret value: '). Then, you can share the notebook and ......

KV Version 2: Unable to list keys #11545 - hashicorp/vault

Secrets are key value pairs. I should be able to list the keys without revealing the values and without giving the ability to...

3 ways to manage feature requests

Feature requests are critical part of the customer feedback loop, check out the 3 ways that can help you to manage your feature...

Versioned Key/value secrets engine | Vault

Learn how versioned key-value (kv-v2) secrets engine work to protect your data from accidental deletion, or compare the current data to previously stored ......