A LoopBack 4 extension enabling seamless integration with HashiCorp Vault for secure secrets management in Node.js applications.
A loopback-next extension for HashiCorp's Vault integration in loopback-next applications
This tool is designed for developers building LoopBack 4 applications who need to integrate HashiCorp Vault for managing secrets, encryption keys, and automating security workflows. It simplifies connecting to Vault, reading and writing secrets, and managing Vault tokens within a LoopBack application context.
When updating Vault connection parameters via reconnect, be cautious as changing endpoints may cause disconnection from existing Vault data. Ensure environment variables for Vault URL, token, and unseal key are securely managed. This library relies on the node-vault client, so familiarity with its API enhances usage.
Run npm install @sourceloop/vault to add the package to your project
Add VaultComponent to your LoopBack application
Bind VaultSecurityBindings.CONFIG with Vault endpoint, token, and unseal key environment variablesthis.component(VaultComponent); this.bind(VaultSecurityBindings.CONFIG).to({ endpoint: process.env.VAULT_URL, token: process.env.VAULT_TOKEN, unsealKey: process.env.VAULT_UNSEAL_KEY });
Registers the Vault component and configures Vault connection parameters in a LoopBack application.
@inject(VaultSecurityBindings.VAULT_CONNECTOR) private readonly vaultConnector: VaultConnect;
Injects the Vault connector to access Vault APIs within the application.
await this.vaultConnector.read(credKey);
Reads a secret from Vault at the specified key.
await this.vaultConnector.write(credKey, {empty: true});
Writes data to Vault at the specified key.
await this.vaultConnector.reconnect(config: VaultProviderOptions);
Updates Vault connection parameters and reconnects to Vault dynamically.