Hashicorp Vault - Getting Started with Python hvac
by
Jeremy Canfield |
Updated: April 15 2024
| Hashicorp Vault articles
This assumes the following has already been done.
Use the pip list command to determine if the hvac package is installed.
~]$ pip list
Package Version
------------------- ---------
hvac 1.2.1
If the hvac package is not listed, use the pip install command to install the hvac package.
pip install hvac
Here is the minimal boilerplate code needed to initialize the hvac client.
#!/usr/bin/python3
import hvac
client = hvac.Client(url='http://vault.example.com:8200')
However, more realistically, you probably will first login to Hashicorp Vault using one of the login methods, such as approle. Check out my article Login to the vault using Python hvac and approle for more details on this.
#!/usr/bin/python3
import hvac
client = hvac.Client(url='http://vault.example.com:8200')
is_client_authenticated = client.is_authenticated()
print(f"is_client_authenticated before approle login= {is_client_authenticated}")
client.auth.approle.login(
role_id="b4a68549-1464-7aac-b0cd-d22954985aa8",
secret_id="6039e2e2-6017-8db9-2e1b-dd6bd449f901"
)
is_client_authenticated = client.is_authenticated()
print(f"is_client_authenticated after approle login = {is_client_authenticated}")
And here is an event more realistic example, with error handling. Following are the exceptions you can catch.
- hvac.exceptions.BadGateway
- hvac.exceptions.Forbidden
- hvac.exceptions.InternalServerError
- hvac.exceptions.InvalidPath
- hvac.exceptions.InvalidRequest
- hvac.exceptions.ParamValidationError
- hvac.exceptions.RateLimitExceeded
- hvac.exceptions.Unauthorized
- hvac.exceptions.UnexpectedError
- hvac.exceptions.VaultDown
- hvac.exceptions.VaultError
#!/usr/bin/python3
import hvac
try:
client = hvac.Client(url='http://vault.example.com:8200')
except hvac.exceptions.BadGateway as badgateway:
print(badgateway)
except hvac.exceptions.Forbidden as forbidden:
print(forbidden)
except hvac.exceptions.InternalServerError as internalservererror:
print(internalservererror)
except hvac.exceptions.InvalidPath as invalidpath:
print(invalidpath)
except hvac.exceptions.InvalidRequest as invalidrequest:
print(invalidrequest)
except hvac.exceptions.ParamValidationError as paramvalidationerror:
print(paramvalidationerror)
except hvac.exceptions.RateLimitExceeded as ratelimitexceeded:
print(ratelimitexceeded)
except hvac.exceptions.Unauthorized as unauthorized:
print(unauthorized)
except hvac.exceptions.UnexpectedError as unexpectederror:
print(unexpectederror)
except hvac.exceptions.VaultDown as vaultdown:
print(vaultdown)
except hvac.exceptions.VaultError as vaulterror:
print(vaulterror)
except Exception as exception:
print(exception)
try:
client.auth.approle.login(
role_id="b4a68549-1464-7aac-b0cd-d22954985aa8",
secret_id="6039e2e2-6017-8db9-2e1b-dd6bd449f901"
)
except hvac.exceptions.BadGateway as badgateway:
print(badgateway)
except hvac.exceptions.Forbidden as forbidden:
print(forbidden)
except hvac.exceptions.InternalServerError as internalservererror:
print(internalservererror)
except hvac.exceptions.InvalidPath as invalidpath:
print(invalidpath)
except hvac.exceptions.InvalidRequest as invalidrequest:
print(invalidrequest)
except hvac.exceptions.ParamValidationError as paramvalidationerror:
print(paramvalidationerror)
except hvac.exceptions.RateLimitExceeded as ratelimitexceeded:
print(ratelimitexceeded)
except hvac.exceptions.Unauthorized as unauthorized:
print(unauthorized)
except hvac.exceptions.UnexpectedError as unexpectederror:
print(unexpectederror)
except hvac.exceptions.VaultDown as vaultdown:
print(vaultdown)
except hvac.exceptions.VaultError as vaulterror:
print(vaulterror)
except Exception as exception:
print(exception)
Did you find this article helpful?
If so, consider buying me a coffee over at 