Vault Audit Devices

Description

Vault Audit Devices

Vault Audit Devices

Details

Interact with vault's audit devices. For more details, see https://developer.hashicorp.com/vault/docs/audit

Super class

vaultr::vault_client_object -> vault_client_audit

Methods

Public methods

• vault_client_audit$new()

• vault_client_audit$list()

• vault_client_audit$enable()

• vault_client_audit$disable()

• vault_client_audit$hash()

Method new()

Create an audit object

Usage

vault_client_audit$new(api_client)

Arguments

Method list()

List active audit devices. Returns a data.frame of names, paths and descriptions of active audit devices.

Usage

vault_client_audit$list()

Method enable()

This endpoint enables a new audit device at the supplied path.

Usage

vault_client_audit$enable(
  type,
  description = NULL,
  options = NULL,
  path = NULL
)

Arguments

Method disable()

Disable an audit device

Usage

vault_client_audit$disable(path)

Arguments

Method hash()

The hash method is used to calculate the hash of the data used by an audit device's hash function and salt. This can be used to search audit logs for a hashed value when the original value is known.

Usage

vault_client_audit$hash(input, device)

Arguments

Examples

server <- vaultr::vault_test_server(if_disabled = message)
if (!is.null(server)) {
  client <- server$client()
  # By default no audit engines are enabled with the testing server
  client$audit$list()

  # Create a file-based audit device on a temporary file:
  path <- tempfile()
  client$audit$enable("file", options = list(file_path = path))
  client$audit$list()

  # Generate some activity on the server:
  client$write("/secret/mysecret", list(key = "value"))

  # The audit logs contain details about the activity - see the
  # vault documentation for details in interpreting this
  readLines(path)

  # cleanup
  server$kill()
  unlink(path)
}