Share this page
Working with HashiCorp Vault
You can add API functions to your scripts to retrieve HashiCorp Vault secrets during replay and scenario runs.
Note: The HashiCorp Vault integration is available from version 25.3.
VuGen's HashiCorp APIs
HashiCorp Vault stores confidential data, such as passwords, certificates, or keys, in the form of secrets. VuGen includes API functions you can add to Vuser scripts to enable access to the Vault secrets, when running your scripts. You can insert these APIs manually into scripts written in C, C#, Java, and JavaScript.
The API functions retrieve secrets from HashiCorp Vault either by a token-base request or by authenticating via JWT, AppRole, or UserPass. A helper function is also available to extract a specific secret value from the Vault response. To use these APIs, ensure the machine running the script can reach the HashiCorp Vault server, for example, by successfully running a simple curl request.
For details, see HashiCorp Vault API Functions in the Function Reference and the hashicorp.com website.
Retrieve HashiCorp Vault secrets
You use the HashiCorp Vault API functions to retrieve key vault secrets through a Vuser script.
To retrieve HashiCorp key vault secrets:
-
Insert one of the following functions into your script:
-
lr_hashicorp_vault_get_secret_with_token
-
lr_hashicorp_vault_get_secret_with_jwt_auth
-
lr_hashicorp_vault_get_secret_with_approle_auth
-
lr_hashicorp_vault_get_secret_with_userpass_auth
-
-
Use the editor's auto-completion feature to see the required arguments for each function.
- To extract the secret from the full response received above, insert the lr_hashicorp_vault_save_secret_from_json function.
See also:
