Vaultx.Secrets.RabbitMQ.Behaviour behaviour (Vaultx v0.7.0)
View SourceBehaviour definition for HashiCorp Vault RabbitMQ secrets engine operations.
This behaviour defines the interface that RabbitMQ secrets engine implementations must provide, ensuring consistency and type safety across different implementations.
Core Operations
The RabbitMQ secrets engine supports the following operations:
Configuration Operations
configure_connection/2- Configure RabbitMQ connection parametersconfigure_lease/2- Configure lease settings for generated credentials
Role Management Operations
create_role/3- Create or update a RabbitMQ roleread_role/2- Read a RabbitMQ role configurationdelete_role/2- Delete a RabbitMQ role
Credential Operations
generate_credentials/2- Generate dynamic RabbitMQ credentials
API Compliance
This behaviour ensures compliance with:
Summary
Types
Result of a configuration operation.
RabbitMQ connection configuration parameters.
Result of a role creation operation.
Generated RabbitMQ credentials.
Result of a role delete operation.
Result of a credential generation operation.
RabbitMQ lease configuration parameters.
Options for RabbitMQ secrets engine operations.
Result of a role read operation.
RabbitMQ role configuration parameters.
RabbitMQ role name. Must be a non-empty string with valid characters.
Callbacks
Configure connection information for RabbitMQ.
Configure lease settings for generated credentials.
Create or update a RabbitMQ role.
Delete a RabbitMQ role.
Generate credentials for a RabbitMQ role.
Read a RabbitMQ role configuration.
Types
@type configure_result() :: :ok | {:error, Vaultx.Base.Error.t()}
Result of a configuration operation.
@type connection_config() :: %{ :connection_uri => String.t(), :username => String.t(), :password => String.t(), optional(:verify_connection) => boolean(), optional(:password_policy) => String.t(), optional(:username_template) => String.t() }
RabbitMQ connection configuration parameters.
@type create_role_result() :: :ok | {:error, Vaultx.Base.Error.t()}
Result of a role creation operation.
Generated RabbitMQ credentials.
@type delete_role_result() :: :ok | {:error, Vaultx.Base.Error.t()}
Result of a role delete operation.
@type generate_credentials_result() :: {:ok, credentials()} | {:error, Vaultx.Base.Error.t()}
Result of a credential generation operation.
@type lease_config() :: %{ optional(:ttl) => non_neg_integer(), optional(:max_ttl) => non_neg_integer() }
RabbitMQ lease configuration parameters.
@type operation_opts() :: [ mount_path: String.t(), timeout: pos_integer(), retry_attempts: non_neg_integer() ]
Options for RabbitMQ secrets engine operations.
@type read_role_result() :: {:ok, role_config()} | {:error, Vaultx.Base.Error.t()}
Result of a role read operation.
@type role_config() :: %{ optional(:tags) => String.t(), optional(:vhosts) => String.t(), optional(:vhost_topics) => String.t() }
RabbitMQ role configuration parameters.
@type role_name() :: String.t()
RabbitMQ role name. Must be a non-empty string with valid characters.
Callbacks
@callback configure_connection(connection_config(), operation_opts()) :: configure_result()
Configure connection information for RabbitMQ.
Sets up the connection parameters that Vault will use to communicate with RabbitMQ and generate credentials.
Parameters
config- Connection configuration parametersopts- Operation options
Returns
:ok- Successfully configured connection{:error, error}- Failed to configure connection
Examples
config = %{
connection_uri: "http://localhost:15672",
username: "admin",
password: "admin123"
}
:ok = MyRabbitMQ.configure_connection(config, [])@callback configure_lease(lease_config(), operation_opts()) :: configure_result()
Configure lease settings for generated credentials.
Sets the default TTL and maximum TTL for dynamically generated RabbitMQ credentials.
Parameters
config- Lease configuration parametersopts- Operation options
Returns
:ok- Successfully configured lease settings{:error, error}- Failed to configure lease settings
Examples
config = %{
ttl: 1800,
max_ttl: 3600
}
:ok = MyRabbitMQ.configure_lease(config, [])@callback create_role(role_name(), role_config(), operation_opts()) :: create_role_result()
Create or update a RabbitMQ role.
Configures a role that can be used to generate RabbitMQ credentials. The role defines the permissions, virtual hosts, and tags that will be assigned to generated users.
Parameters
name- Role nameconfig- Role configuration parametersopts- Operation options
Returns
:ok- Successfully created/updated role{:error, error}- Failed to create/update role
Examples
config = %{
tags: "management",
vhosts: "{"/": {"configure":".*", "write":".*", "read": ".*"}}"
}
:ok = MyRabbitMQ.create_role("web-role", config, [])@callback delete_role(role_name(), operation_opts()) :: delete_role_result()
Delete a RabbitMQ role.
Parameters
name- Role name to deleteopts- Operation options
Returns
:ok- Successfully deleted role{:error, error}- Failed to delete role
Examples
:ok = MyRabbitMQ.delete_role("old-role", [])@callback generate_credentials(role_name(), operation_opts()) :: generate_credentials_result()
Generate credentials for a RabbitMQ role.
Generates dynamic RabbitMQ credentials based on the given role definition.
Parameters
name- Role name to generate credentials foropts- Operation options
Returns
{:ok, credentials}- Successfully generated credentials{:error, error}- Failed to generate credentials
Examples
{:ok, creds} = MyRabbitMQ.generate_credentials("web-role", [])@callback read_role(role_name(), operation_opts()) :: read_role_result()
Read a RabbitMQ role configuration.
Parameters
name- Role name to readopts- Operation options
Returns
{:ok, config}- Successfully read role configuration{:error, error}- Failed to read role
Examples
{:ok, config} = MyRabbitMQ.read_role("web-role", [])