Sequelize Vault: A Sequelize plugin for easily integrating Hashicorp Vault.
Installation
$ npm install sequelize-vault
Usage
This package transparently encrypts and decrypts columns in _encrypted
format using Hashicorp Vault.
Node.js:
const Sequelize = require('sequelize')
const SequelizeVault = require('sequelize-vault')
const s = new Sequelize({
username: 'root',
password: '',
dialect: 'sqlite',
database: 'test',
})
const User = s.define('user', {
ssn_encrypted: Sequelize.STRING,
ssn: Sequelize.VIRTUAL,
})
SequelizeVault.Vault.app = 'fooapp'
SequelizeVault.Vault.address = 'http://master-vault'
SequelizeVault.default(User)
const u = await User.create({ ssn: '123-45-6789' })
console.log(u.ssn_encrypted)
TypeScript:
import {Sequelize, Table, Column, Model} from 'sequelize-typescript'
import SequelizeVault, {Vault} from 'sequelize-vault'
const s = new Sequelize({
username: 'root',
password: '',
dialect: 'sqlite',
database: 'test',
})
@Table
class User extends Model<User> {
@Column
ssn_encrypted: string
@Column(DataType.VIRTUAL)
ssn: string
}
s.addModels([User])
Vault.app = 'fooapp'
Vault.address = 'http://master-vault'
SequlizeVault(User)
const u = await User.create({ ssn: '123-45-6789' })
console.log(u.ssn_encrypted)
Options
Key | Value |
---|
enabled | true or false(default) |
app | my-app |
token | abcd1234 |
address | https://vault.example.com |
suffix | _encrypted |
convergented | true or false(default) |
context | Vault.app(default) |
path | v1/transit |
timeout | 3 * 60 * 1000 |
ua | sequelize-vault/1.0.0 (+https://github.... |
Contribution
- Fork (https://github.com/linyows/sequelize-vault/fork)
- Create a feature branch
- Commit your changes
- Rebase your local changes against the master branch
- Run test suite with the
npm ci
command and confirm that it passes - Create a new Pull Request
Author
linyows