kong.vault

    Checks if the passed in reference looks like a reference. Valid references start with and end with }.

    If you need more thorough validation, use kong.vault.parse_reference.

    Parameters

    • reference (string): reference to check

    Returns

    • boolean: true is the passed in reference looks like a reference, otherwise false

    Usage

    Parses and decodes the passed in reference and returns a table containing its components.

    Given a following resource:

    1.  "{vault://env/cert/key?prefix=SSL_#1}"

    Parameters

    • reference (string): reference to parse

    Returns

    1. table|nil: a table containing each component of the reference, or nil on error

    Usage

    1. local ref, err = kong.vault.parse_reference("{vault://env/cert/key?prefix=SSL_#1}") -- table

    Resolves the passed in reference and returns the value of it.

    Parameters

    • reference (string): reference to resolve

    1. string|nil: resolved value of the reference

    2. string|nil: error message on failure, otherwise nil

    Usage

    Helper function for automatic secret rotation. Currently experimental.

    Parameters

    • callback (function): callback function
    • options (table): options containing credentials and references

    Returns

    1. string|nil: return value of the callback function

    Usage

    1. local function connect(options)
    2. end
    4. local connection, err = kong.vault.try(connect, {
    5.   username = "john",
    6.   password = "doe",
    7.   ["$refs"] = {
    8.     username = "{vault://aws/database-username}",
    9.     password = "{vault://aws/database-password}",