🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

hashicorp-vault-django

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

hashicorp-vault-django

A Django app to manage the application secrets using hashicorp.

0.0.6
PyPI
Maintainers
1

Hashicorp-vault-python

Hashicorp vault is a Python-Django app for the improvement application security leveraging secrets

Installation

* pip install hashicorp-vault-django
* Add ``hashicorp_vault`` to your ``INSTALLED_APPS``

::

Setup in settings

* make config directory at project root level and create application.yml file inside config directory 
* application.yml sample for vault configuration
    * vault:
          host: vault url  # https
          secret_engine: mount path  # secrests-config
          application: application path # secrets-ai
          username: username
          password: password
* if your secrets stored in `/vault/secrets/secrets-config/kv/secrets-ai/` then use secrets-config as secret_engine and secrets-ai as application in vault configuration
* consume vault secrets in your settings.py file 
      from hashicorp_vault.vault import get_vault_secrets

      vault_secrets = get_vault_secrets(BASE_DIR)

      DATABASES = {
        "default": {
            "ENGINE": config["datasource"]["DATABASE_ENGINE"],
            "NAME": vault_secrets.get("db_database"),
            "USER": vault_secrets.get("db_user"),
            "PASSWORD": vault_secrets.get("db_password"),
            "HOST": vault_secrets.get("host"),
            "PORT": vault_secrets.get("db_port"),
            "OPTIONS": {"charset": "utf8mb4"},
        },
    }
* Use secret keys to access to secret values from vault

::

Compatibility

{py3.8, py3.10}-django{4.* above}

Keywords

vault
vault-django
hashicorp
hashicorp-vault-django
hashicorp_vault_django
hashicorp-vault

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Research

Security News

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.

By Kirill Boychenko  -  May 23, 2025