String
Azure Key Vault Connector 1.1 Reference - Mule 4
Anypoint Connector for Azure Key Vault (Azure Key Vault Connector) enables you to retrieve secrets, keys, or certificates, and encrypt or decrypt content.
Configuration
Default Configuration for Azure Key Vault Connector.
Name | Type | Description | Default Value | Required |
---|---|---|---|---|
Name |
Name for this configuration. Connectors reference the configuration with this name. |
x |
||
Connection |
Connection types for this configuration. |
x |
||
Name |
String |
ID used to reference this configuration. |
x |
|
Expiration Policy |
Configures the minimum amount of time that a dynamic configuration instance can remain idle before Mule considers it eligible for expiration. |
Connection - Connection Type
Uses a client ID, client secret, and cryptography client cache for authentication. Note that the connector configuration does not allow properties such as client_id
and client_secret
to be hard coded.
Name | Type | Description | Default Value | Required |
---|---|---|---|---|
Client Id |
String |
Client ID. |
x |
|
Tenant Id |
String |
Tenant ID. |
x |
|
Client Secret |
String |
Client secret. |
x |
|
Vault Name |
String |
Vault name. |
x |
|
Use Azure Default Credential |
Boolean |
Uses the authentication parameters taken from environment variables. |
false |
|
Uri Override |
String |
The URI override for the key vault. If you configure this field, then the value for the Vault Name field is not considered for the connection configuration. If the key vault is not located on Azure Commercial Cloud, then configure this field. |
||
Cryptography Client Cache |
The cryptography client is created based on a key. If the key does not change (no new versions are created), the client is cached and the Encrypt Message and Decrypt Message operations take less time. When encrypting or decrypting a message, a key must be retrieved internally. Retrieving a key every time makes the operation take longer to execute. Enable Cryptography Client Cache to save time when retrieving the key. |
|||
Reconnection |
Configures a reconnection strategy to use when a connector operation fails to connect to an external server. |
|||
Pooling Profile |
Characteristics of the connection pool. |
Operations
Decrypt Message
<azure-key-vault:decrypt-message>
Decrypts a message.
Name | Type | Description | Default Value | Required |
---|---|---|---|---|
Configuration |
String |
Name of the configuration to use. |
x |
|
Algorithm |
Enumeration, one of:
|
Algorithm type. |
x |
|
Key Name |
String |
Key name. |
x |
|
Key Version |
String |
Key version. |
||
Message |
Any |
Message to decrypt. |
|
|
Config Ref |
ConfigurationProvider |
Name of the configuration to use to execute this component. |
x |
|
Target Variable |
String |
Name of the variable that stores the operation’s output. |
||
Target Value |
String |
Expression that evaluates the operation’s output. The outcome of the expression is stored in the Target Variable field. |
|
|
Reconnection Strategy |
Retry strategy in case of connectivity errors. |
Encrypt Message
<azure-key-vault:encrypt-message>
Encrypts a message.
Name | Type | Description | Default Value | Required |
---|---|---|---|---|
Configuration |
String |
Name of the configuration to use. |
x |
|
Algorithm |
Enumeration, one of:
|
Algorithm type. |
x |
|
Key Name |
String |
Key name. |
x |
|
Key Version |
String |
Key version. |
||
Message |
Any |
Message to encrypt. |
|
|
Config Ref |
ConfigurationProvider |
Name of the configuration to use to execute this component. |
x |
|
Target Variable |
String |
Name of the variable that stores the operation’s output. |
||
Target Value |
String |
Expression that evaluates the operation’s output. The outcome of the expression is stored in the Target Variable field. |
|
|
Reconnection Strategy |
Retry strategy in case of connectivity errors. |
Get Certificate
<azure-key-vault:get-certificate>
Retrieves a certificate.
Name | Type | Description | Default Value | Required |
---|---|---|---|---|
Configuration |
String |
Name of the configuration to use. |
x |
|
Certificate Name |
String |
Certificate name. |
x |
|
Certificate Version |
String |
Certificate version. |
||
Config Ref |
ConfigurationProvider |
Name of the configuration to use to execute this component. |
x |
|
Target Variable |
String |
Name of the variable that stores the operation’s output. |
||
Target Value |
String |
Expression that evaluates the operation’s output. The outcome of the expression is stored in the Target Variable field. |
|
|
Reconnection Strategy |
Retry strategy in case of connectivity errors. |
Get Secret
<azure-key-vault:get-secret>
Retrieves a secret.
Name | Type | Description | Default Value | Required |
---|---|---|---|---|
Configuration |
String |
Name of the configuration to use. |
x |
|
Secret Name |
String |
Secret name. |
x |
|
Secret Version |
String |
Secret version. |
||
Config Ref |
ConfigurationProvider |
Name of the configuration to use to execute this component. |
x |
|
Target Variable |
String |
Name of the variable that stores the operation’s output. |
||
Target Value |
String |
Expression that evaluates the operation’s output. The outcome of the expression is stored in the Target Variable field. |
|
|
Reconnection Strategy |
Retry strategy in case of connectivity errors. |
Object Types
Cached Cryptography Client Configuration
Configures the cached cryptography client configuration.
The cryptography client is created based on a key. If the key does not change (no new versions are created), the client is cached and the Encrypt Message and Decrypt Message operations take less time.
When encrypting or decrypting a message, a key must be retrieved internally. Retrieving a key every time makes the operation take longer to execute. Enable Cryptography Client Cache to save time when retrieving the key.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Cached Crypto Client Ttl |
String |
Cached crypto client time-to-live (TTL) value. |
|
|
Unit |
Enumeration, one of:
|
Time unit for the Cached Crypto Client Ttl field. |
|
Cryptography Result
Configures the cryptography result type.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Data |
Binary |
Data. |
||
Encryption Algorithm |
Enumeration, one of:
|
Encryption algorithm type. |
||
Key |
String |
Key. |
Expiration Policy
Configures an expiration policy strategy.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Max Idle Time |
Number |
Configures the maximum amount of time that a dynamic configuration instance can remain idle before Mule considers it eligible for expiration. |
||
Time Unit |
Enumeration, one of:
|
Time unit for the Max Idle Time field. |
Pooling Profile
Configures the pooling profile type.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Max Active |
Number |
Controls the maximum number of Mule components that can be borrowed from a session at one time. When set to a negative value, there is no limit to the number of components that are active at one time. When Max Active is exceeded, the pool is exhausted. |
||
Max Idle |
Number |
Controls the maximum number of Mule components that sit idle in the pool at any time. When set to a negative value, there is no limit to the number of Mule components that are idle at one time. |
||
Max Wait |
Number |
Specifies the number of milliseconds to wait for a pooled component to become available when the pool is exhausted and when Exhausted Action is set to |
||
Min Eviction Millis |
Number |
Determines the minimum amount of time an object sits idle in the pool before the object is eligible for eviction. When non-positive, no objects are evicted from the pool due to idle time alone. |
||
Eviction Check Interval Millis |
Number |
Specifies the number of milliseconds between runs of the object evictor. When non-positive, no object evictor is executed. |
||
Exhausted Action |
Enumeration, one of:
|
Specifies the behavior of the Mule component pool when the pool is exhausted:
|
||
Initialisation Policy |
Enumeration, one of:
|
Determines how components in a pool should be initialized:
|
||
Disabled |
Boolean |
Specifies whether pooling is disabled or not. |
Reconnect
Configures a standard reconnection strategy, which specifies how often to reconnect and how many reconnection attempts the connector source or operation can make.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Frequency |
Number |
How often to attempt to reconnect, in milliseconds. |
||
Blocking |
Boolean |
If |
||
Count |
Number |
How many reconnection attempts the Mule app can make. |
Reconnect Forever
Configures a forever reconnection strategy by which the connector source or operation attempts to reconnect at a specified frequency for as long as the Mule app runs.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Frequency |
Number |
How often to attempt to reconnect, in milliseconds. |
||
Blocking |
Boolean |
If |
Reconnection
Configures a reconnection strategy for an operation.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Fails Deployment |
Boolean |
Configures a reconnection strategy to use when a connector operation fails to connect to an external server. |
||
Reconnection Strategy |
Reconnection strategy to use. |
Vault Certificate
Configures the vault certificate type.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Certificate |
Binary |
Certificate. |
||
Certificate Content Type |
String |
Certificate content type. |
||
Certificate Key Type |
String |
Certificate key type. |
||
Certificate Secret |
Certificate secret. |
|||
Certificate Type |
String |
Certificate type. |
||
Created On |
DateTime |
Date the vault certificate is created. |
||
Enabled |
Boolean |
Specifies whether the vault certificate is enabled. |
||
Expires On |
DateTime |
Specifies the expiration of the vault certificate. |
||
Key Id |
String |
Key ID. |
||
Name |
String |
Name. |
||
Not Before |
DateTime |
Specifies which DateTime the vault certificate must be not before. |
||
Recovery Level |
String |
Recovery level. |
||
Secret Id |
String |
Secret ID. |
||
Updated On |
DateTime |
Specifies which DateTime the vault certificate is updated on. |
||
Version |
String |
Version of the vault certificate. |
Vault Secret
Configures the vault secret type.
Field | Type | Description | Default Value | Required |
---|---|---|---|---|
Content Type |
String |
Content type. |
||
Created On |
DateTime |
Date the vault secret is created. |
||
Enabled |
Boolean |
Specifies whether the vault secret is enabled. |
||
Expires On |
DateTime |
Specifies the expiration of the vault secret. |
||
Id |
String |
ID. |
||
Name |
String |
Name. |
||
Not Before |
DateTime |
Specifies which DateTime the vault secret must be not before. |
||
Recovery Level |
String |
Recovery level. |
||
Updated On |
DateTime |
Specifies which DateTime the vault secret is updated on. |
||
Value |
String |
Value. |
||
Version |
String |
Version of the vault secret. |