Expand description
Vaultmux - Unified interface for multi-vault secret management.
Vaultmux provides a single API for interacting with multiple secret management systems. Write your code once and support Bitwarden, 1Password, pass, Windows Credential Manager, AWS Secrets Manager, Google Cloud Secret Manager, and Azure Key Vault with the same interface.
§Features
- Unified API: Single interface works with any backend
- Async/Await: Built on tokio for non-blocking I/O
- Type Safety: Leverage Rust’s type system for compile-time guarantees
- Session Caching: Avoid repeated authentication prompts
- Error Context: Rich error types with full context and chaining
- Feature Flags: Optional backend compilation to minimize dependencies
§Quick Start
use vaultmux::{factory, Config, BackendType, Backend};
#[tokio::main]
async fn main() -> vaultmux::Result<()> {
// Create backend configuration
let config = Config::new(BackendType::Pass)
.with_prefix("myapp");
// Initialize backend
let mut backend = factory::new_backend(config)?;
backend.init().await?;
// Authenticate
let session = backend.authenticate().await?;
// Store a secret
backend.create_item("api-key", "sk-secret123", &*session).await?;
// Retrieve it
let secret = backend.get_notes("api-key", &*session).await?;
println!("Secret: {}", secret);
Ok(())
}§Supported Backends
| Backend | Feature Flag | CLI Required | Notes |
|---|---|---|---|
| Mock | mock (default) | None | In-memory testing backend |
| Bitwarden | bitwarden | bw | CLI integration |
| 1Password | onepassword | op | CLI integration |
| pass | pass | pass, gpg | Unix only |
| Windows Credential Manager | wincred | PowerShell | Windows only |
| AWS Secrets Manager | aws | None | SDK-based |
| GCP Secret Manager | gcp | None | SDK-based |
| Azure Key Vault | azure | None | SDK-based |
§Feature Flags
Enable backends by adding feature flags to Cargo.toml:
[dependencies]
vaultmux = { version = "0.1", features = ["bitwarden", "aws"] }Or use full to enable all backends:
[dependencies]
vaultmux = { version = "0.1", features = ["full"] }Re-exports§
pub use backend::Backend;pub use config::BackendType;pub use config::Config;pub use error::Result;pub use error::VaultmuxError;pub use item::Item;pub use item::ItemType;pub use session::Session;
Modules§
- backend
- Backend trait definition for vault integrations.
- backends
- Backend implementations.
- cli
- Common utilities for CLI-based backends.
- config
- Configuration types for backend initialization.
- error
- Error types for vaultmux operations.
- factory
- Backend factory and registration system.
- item
- Item data structures for vault entries.
- session
- Session management for authenticated vault access.
- validation
- Input validation to prevent command injection and other attacks.
Functions§
- init
- Initializes the vaultmux library.