Available on crate feature
secrets only.Expand description
Secrets management with multi-provider support and resilient caching.
Provides a unified interface for loading certificates, credentials, and other sensitive data from multiple sources with automatic caching for resilience.
§Providers
- File: Local filesystem (always available)
- OpenBao/Vault: HashiCorp Vault API (requires
secrets-vaultfeature) - AWS Secrets Manager: AWS SDK (requires
secrets-awsfeature)
§Features
- Multi-provider support with unified API
- Local disk cache with TTL for resilience
- Stale cache fallback when providers are unavailable
- Background refresh for proactive secret renewal
- Rotation callbacks for application notification
§Example
use hyperi_rustlib::secrets::{SecretsManager, SecretsConfig, SecretSource};
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Simple file-based usage
let secrets = SecretsManager::new(SecretsConfig::default())?;
let cert = secrets.get_file("/etc/ssl/cert.pem").await?;
// With named sources
let config = SecretsConfig {
sources: vec![
("tls_cert".into(), SecretSource::File { path: "/etc/ssl/cert.pem".into() }),
].into_iter().collect(),
..Default::default()
};
let secrets = SecretsManager::new(config)?;
let cert = secrets.get("tls_cert").await?;
Ok(())
}Structs§
- Cache
Config - Cache configuration.
- Cache
Stats - Cache statistics.
- File
Provider - Provider that loads secrets from local filesystem.
- Open
BaoConfig - OpenBao/Vault connection configuration.
- Open
BaoProvider - OpenBao/Vault secret provider.
- Rotation
Event - Event emitted when a secret is rotated.
- Secret
Cache - Secret cache with memory and disk tiers.
- Secret
Metadata - Metadata about a secret.
- Secret
Value - Value retrieved from a secrets provider.
- Secrets
Config - Main configuration for the secrets manager.
- Secrets
Manager - Secrets manager that coordinates providers and caching.
Enums§
- Open
BaoAuth - OpenBao/Vault authentication method.
- Secret
Source - Configuration for a secret source.
- Secrets
Error - Secrets module errors.
Traits§
- Secret
Provider - Trait for secret providers.
Type Aliases§
- Secrets
Result - Result type for secrets operations.