GitHub - IBM/secrets-manager-nodejs-sdk: Node.js SDK for the IBM Cloud Secrets M...
source link: https://github.com/IBM/secrets-manager-nodejs-sdk
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
IBM Cloud Secrets Manager Node.js SDK
A Node.js client library to interact with the IBM Cloud® Secrets Manager APIs.
Table of Contents
Overview
The IBM Cloud Secrets Manager Node.js SDK allows developers to programmatically interact with the following IBM Cloud services:
| Service name | Import path |
|---|---|
| Secrets Manager | @ibm-cloud/secrets-manager/secrets-manager/v1 |
Prerequisites
-
An IBM Cloud API key that allows the SDK to access your account.
-
Node.js version 12 or above.
This SDK is tested with Node versions 12 and up. The SDK may work on previous versions, but this is not supported officially.
Installation
npm install @ibm-cloud/secrets-managerAuthentication
Secrets Manager uses token-based Identity and Access Management (IAM) authentication.
With IAM authentication, you supply an API key that is used to generate an access token. Then, the access token is included in each API request to Secrets Manager. Access tokens are valid for a limited amount of time and must be regenerated.
Authentication for this SDK is accomplished by
using IAM authenticators. Import
authenticators from @ibm-cloud/secrets-manager/auth.
Examples
Programmatic credentials
import { IamAuthenticator } from '@ibm-cloud/secrets-manager/auth';
const authenticator = new IamAuthenticator({
apikey: '{apikey}',
});External configuration
import { getAuthenticatorFromEnvironment } from '@ibm-cloud/secrets-manager/auth';
// env vars
// SECRETS_MANAGER_API_APIKEY==<apikey>
const iamAuthenticator = getAuthenticatorFromEnvironment('SECRETS_MANAGER_API');To learn more about IAM authenticators and how to use them in your Node.js application, see the IBM Node.js SDK Core documentation.
Using the SDK
Basic usage
- All methods return a Promise that either resolves with the response from the service or rejects with an Error. The response contains the body, the headers, the status code, and the status text. If using async/await, use try/catch for handling errors.
- Use the
serviceUrlparameter to set the endpoint URL that is specific to your Secrets Manager service instance. To find your endpoint URL, you can copy it from the Endpoints page in the Secrets Manager UI.
Examples
Construct a service client and use it to create and retrieve a secret from your Secrets Manager instance.
const SecretsManager = require('@ibm-cloud/secrets-manager/secrets-manager/v1');
const { IamAuthenticator } = require('@ibm-cloud/secrets-manager/auth');
async function secretsManagerSdkExample() {
// Authenticate with IAM using your IBM Cloud API key
const authenticator = new IamAuthenticator({
apikey: process.env.SECRETS_MANAGER_API_APIKEY,
});
// Create an instance of the SDK by providing an authentication mechanism and your Secrets Manager instance URL
const secretsManager = new SecretsManager({
authenticator,
serviceUrl:
'https://example-instance.us-south.secrets-manager.appdomain.cloud',
});
// Use the Secrets Manager API to create a secret
let res = await secretsManager.createSecret({
secretType: 'username_password',
'metadata': {
'collection_type': 'application/vnd.ibm.secrets-manager.secret+json',
'collection_total': 1,
},
'resources': [
{
'name': 'example-username-password-secret',
'description': 'Extended description for this secret.',
'username': 'user123',
'password': '123456789',
'labels': ['label1', 'label2'],
'expiration_date': '2030-04-01T09:30:00Z',
},
],
});
console.log('Secret created:\n' + JSON.stringify(res.result.resources[0], null, 2));
// Get the ID of the newly created secret
const secretId = res.result.resources[0].id;
// Use the Secrets Manager API to get the secret using the secret ID
res = await secretsManager.getSecret({
secretType: 'username_password',
id: secretId,
});
console.log('Get secret:\n', JSON.stringify(res.result.resources, null, 2));
}
secretsManagerSdkExample();To delete a secret, specify the secretType and its id.
res = await secretsManager.deleteSecret({
secretType: 'username_password',
id: secretId,
});
console.log('Secret deleted.');Create a secret group, and then add a new secret to this group.
// Create a secret group
const createGroupParams = {
metadata: {
collection_type: 'application/vnd.ibm.secrets-manager.secret.group+json',
collection_total: 1,
},
resources: [{ name: 'Test Group', description: 'Group my test secrets' }],
};
let res = await secretsManager.createSecretGroup(createGroupParams);
const secretGroupId = res.result.resources[0].id;
// Create a secret and associate it with your secret group
res = await secretsManager.createSecret({
metadata: {
collection_type: 'application/vnd.ibm.secrets-manager.secret+json',
collection_total: 1,
},
secretType: 'username_password',
resources: [
{
secret_group_id: secretGroupId,
name: "Test secret",
description: 'Secret used for testing.',
username: 'test_user',
password: 'test_password',
labels: ['label1'],
expiration_date: '2030-04-01T09:30:00Z',
},
],
});Create a rotation policy of one month for a secret.
let res = await secretsManager.putPolicy({
metadata: {
collection_type: 'application/vnd.ibm.secrets-manager.secret.policy+json',
collection_total: 1,
},
secretType: 'username_password',
id: secretId,
resources: [
{
type: 'application/vnd.ibm.secrets-manager.secret.policy+json',
rotation: {
interval: 1,
unit: 'month',
},
},
],
});For more information and IBM Cloud SDK usage examples for Node.js, see the IBM Cloud SDK Common documentation
Tests
This project includes unit tests test/unit and integration tests test/integration.
The integration tests are run against an actual Secrets Manager instance and require the following environment variables to be set:
SECRETS_MANAGER_API_APIKEY=<API_KEY>
SERVICE_URL=<SECRETS_MANAGER_ENDPOINT_URL>
To run the tests:
npm testQuestions
If you're having difficulties using this SDK, you can ask questions about this project by
using Stack Overflow. Be sure to include
the ibm-cloud and ibm-secrets-manager tags.
You can also check out the Secrets Manager documentation and API reference for more information about the service.
Issues
If you encounter an issue with the project, you're welcome to submit a bug report to help us improve.
Contributing
For general contribution guidelines, see CONTRIBUTING.
License
This SDK project is released under the Apache 2.0 license. The license's full text can be found in LICENSE.
Recommend
-
5
Stephen Sennett Feb 7, 2022 10 Minute Read What’s going on with
-
9
Detect Secrets Stream Description Detect Secrets Stream is a server tool which ingests metadata of all (public repositories by default, private repositories are opt-in only) git pushes on your company's GitHub Enterprise server....
-
7
IBM Cloud Networking Node.js SDK Node.js client library to interact with various IBM Cloud Networking Service APIs. Disclaimer: this SDK is bein...
-
9
ibm-cert-manager-operator Important: Do not install this operator directly. Only install this operator using the IBM Common Services Operator. For more information about installing this operator and other Com...
-
11
IBM Cloud Container Registry Node.js SDK Node.js client library to interact with the IBM Cloud Container Registry API, and
-
5
README.md Overview of DB2 NodeJS Mock Web...
-
12
IBM Cloud Secrets Manager Go SDK A Go client library to interact with the IBM Cloud® Secrets Manager APIs. Table of Contents Overvie...
-
5
IBM Cloud Secrets Manager Node.js SDK A Node.js client library to interact with the IBM Cloud® Secrets Manager APIs. Table of Contents
-
4
IBM Cloud Secrets Manager Python SDK A Python client library to interact with the IBM Cloud® Secrets Manager APIs. Table of Contents
-
7
IBM Cloud Secrets Manager Java SDK A Java client library to interact with the IBM Cloud® Secrets Manager APIs. Table of Contents Ove...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK