final class Rekey[F[_]] extends AnyRef
- Alphabetic
- By Inheritance
- Rekey
- AnyRef
- Any
- by StringFormat
- by Ensuring
- by ArrowAssoc
- Hide All
- Show All
- Public
- Protected
Value Members
- final def !=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def ##: Int
- Definition Classes
- AnyRef → Any
- def ->[B](y: B): (Rekey[F], B)
- final def ==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def asInstanceOf[T0]: T0
- Definition Classes
- Any
- val cancel: F[Unit]
Cancels any in-progress rekey.
Cancels any in-progress rekey. This clears the rekey settings as well as any progress made. This must be called to change the parameters of the rekey. Note: verification is still a part of a rekey. If rekeying is canceled during the verification flow, the current unseal keys remain valid.
- def clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.CloneNotSupportedException]) @native()
- def ensuring(cond: (Rekey[F]) => Boolean, msg: => Any): Rekey[F]
- def ensuring(cond: (Rekey[F]) => Boolean): Rekey[F]
- def ensuring(cond: Boolean, msg: => Any): Rekey[F]
- def ensuring(cond: Boolean): Rekey[F]
- final def eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- def equals(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef → Any
- def finalize(): Unit
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.Throwable])
- def formatted(fmtstr: String): String
- final def getClass(): Class[_ <: AnyRef]
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
- def hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @native()
- final def isInstanceOf[T0]: Boolean
- Definition Classes
- Any
- final def ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- final def notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
- final def notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @native()
- val progress: F[RekeyProgress]
- returns
the configuration and progress of the current rekey attempt.
- def put(key: String, nonce: String): F[RekeyProgress]
This endpoint is used to enter a single master key share to progress the rekey of the Vault.
This endpoint is used to enter a single master key share to progress the rekey of the Vault. If the threshold number of master key shares is reached, Vault will complete the rekey. Otherwise, this API must be called multiple times until that threshold is met. The rekey nonce operation must be provided with each call.
If verification was requested, successfully completing this flow will immediately put the operation into a verification state, and provide the nonce for the verification operation.
- key
Specifies a single master key share.
- nonce
Specifies the nonce of the attempt.
- def start(shares: Int, threshold: Int, pgpKeys: Option[List[String]] = None, backup: Boolean = false, requireVerification: Boolean = false): F[RekeyProgress]
Start a new rekey attempt.
Start a new rekey attempt. Only a single rekey attempt can take place at a time.
- shares
the number of shares to split the master key into.
- threshold
the number of shares required to reconstruct the master key. This must be less than or equal to secretShares.
- pgpKeys
an array of PGP public keys used to encrypt the output unseal keys. Ordering is preserved. The keys must be base64-encoded from their original binary representation. The size of this array must be the same as secretShares.
- backup
if using PGP-encrypted keys, whether Vault should also store a plaintext backup of the PGP-encrypted keys at
core/unseal-keys-backup
in the physical storage backend. These can then be retrieved and removed via thesys/rekey/backup
endpoint.- requireVerification
turns on verification functionality. When verification is turned on, after successful authorization with the current unseal keys, the new unseal keys are returned but the master key is not actually rotated. The new keys must be provided to authorize the ctual rotation of the master key. This ensures that the new keys have been successfully saved and protects against a risk of the keys being lost after rotation but before they can be persisted. This can be used with without pgp_keys, and when used with it, it allows ensuring that the returned keys can be successfully decrypted before committing to the new shares, which the backup functionality does not provide.
- returns
the configuration and progress of the current rekey attempt.
- final def synchronized[T0](arg0: => T0): T0
- Definition Classes
- AnyRef
- def toString(): String
- Definition Classes
- AnyRef → Any
- final def wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException]) @native()
- object backupKey
- object verify
Deprecated Value Members
- def →[B](y: B): (Rekey[F], B)
- Implicit
- This member is added by an implicit conversion from Rekey[F] toArrowAssoc[Rekey[F]] performed by method ArrowAssoc in scala.Predef.
- Definition Classes
- ArrowAssoc
- Annotations
- @deprecated
- Deprecated
(Since version 2.13.0) Use
->
instead. If you still wish to display it as one character, consider using a font with programming ligatures such as Fira Code.