Learn R Programming

vaultr

Interact with HashiCorp's vault, to securely use secrets from R. This package wraps the vault http API to allow secrets to be accessed from R. Secrets might be passwords, tokens, certificates or any other sensitive data.

  • Authenticate with several different providers (token, username and password, GitHub, LDAP, and "approle")
  • Read and write secrets into vault using its key-value stores (version 1 or 2), cubbyhole and in-transit "encryption-as-a-service"
  • Inspect and work with vault tokens
  • Read, write and update vault policies
  • Allows a degree of access to operator maintenance
  • Work with vault's audit devices

Usage

Create a vault client with the vault_client function:

vault <- vaultr::vault_client(login = TRUE)
## Verifying token

Interact with vault using this object:

vault$list("secret/database")
## [1] "admin"    "readonly"

and read secrets with

vault$read("secret/database/admin")
## $value
## [1] "s3cret"
vault$read("secret/database/readonly", field = "value")
## [1] "passw0rd"

or set secrets with

vault$write("secret/webserver", list(password = "horsestaple"))
vault$read("secret/webserver")

or delete secrets with

vault$delete("/secret/database/readonly")

Installation

Install vaultr from CRAN with

install.packages("vaultr")

To install our internally released version (which might be ahead of CRAN) via r-universe, use

install.packages(
  "vaultr",
  repos = c("https://vimc.r-universe.dev", "https://cloud.r-project.org"))

or install the bleeding edge with

remotes::install_gitub("vimc/vaultr", upgrade = FALSE)

License

MIT © Imperial College of Science, Technology and Medicine

Copy Link

Version

Install

install.packages('vaultr')

Monthly Downloads

1,709

Version

1.2.0

License

MIT + file LICENSE

Issues

4

Pull Requests

0

Stars

25

Forks

9

Maintainer

Rich FitzJohn

Last Published

November 9th, 2023

Functions in vaultr (1.2.0)

vault_client_kv1

Key-Value Store (Version 1)
vault_client_audit

Vault Audit Devices
vault_client_cubbyhole

Cubbyhole secret store
vault_client_auth

Vault Authentication Configuration
vault_client_auth_approle

Vault AppRole Authentication Configuration
vault_client

Make a vault client
vault_client_auth_userpass

Vault Username/Password Authentication Configuration
vault_client_auth_github

Vault GitHub Authentication Configuration
vault_client_auth_ldap

Vault LDAP Authentication Configuration
vault_api_client

Vault Low-Level Client
vault_client_secrets

Vault Secret Configuration
vault_client_token

Vault Tokens
vaultr-package

Vault Client for Secrets and Sensitive Data
vault_client_policy

Vault Policy Configuration
vault_client_operator

Vault Administration
vault_resolve_secrets

Resolve secrets from R objects
vault_test_server

Control a test vault server
vault_client_tools

Vault Tools
vault_client_object

Base object type
vault_client_transit

Transit Engine
vault_client_kv2

Key-Value Store (Version 2)