Metadata-Version: 2.1
Name: django_informixdb_vault
Version: 0.6.2
Summary: A database driver for Django to connect to an Informix db via ODBC, obtaining the credentials from Hashicorp Vault
Author-email: Reecetech <opensource@reecetech.com.au>
License: APLv2
Project-URL: Homepage, https://github.com/reecetech/django_informixdb_vault
Project-URL: Repository, https://github.com/reecetech/django_informixdb_vault
Keywords: django,informix,vault
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Topic :: Software Development
Classifier: Topic :: Scientific/Engineering
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Description-Content-Type: text/x-rst
License-File: LICENSE

Django InformixDB Vault
=======================

Extends the database driver for Django `django_informixdb` to retrieve credentials from a Hashicorp Vault service.


Assumptions
-----------

This driver expects the credentials to be stored in a KV v2 secret in Vault, as keys `username` and `password`.


Supported Authentication
------------------------

Two methods, with highest priority first:
- K8s JWT
- Basic Token


Settings Required
-----------------

Do not provide `USER` and `PASSWORD`.  Instead provide these settings:

============================  ===========  ===========
Setting                       Required     Description
============================  ===========  ===========
`VAULT_ADDR`                  Yes          The HTTPS endpoint for Vault
`VAULT_PATH`                  Yes          The path in Vault to the KV v2 secret storing the Informix credentials
`VAULT_K8S_AUTH_MOUNT_POINT`  No           The Vault mount point to use for Kubernetes authentication, default value: ``kubernetes``
`VAULT_K8S_JWT`               No           The path to the JWT in a K8s container, default vault: ``/var/run/secrets/kubernetes.io/serviceaccount/token``
`VAULT_K8S_ROLE`              Conditional  Provide the K8s role *if* using K8s JWT authentication to Vault
`VAULT_KVV2_MOUNT_POINT`      No           The Vault mount point to use for KVv2 secrets, default value: ``secret``
`VAULT_TOKEN`                 Conditional  Provide the token *if* using basic token authentication to Vault
============================  ===========  ===========
