This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

The Go library

The vault-sdk repository contains several Go packages for interacting with Vault, these packages are organized into the sdk Go module, which can be pulled in with go get and is versioned by the vX.Y.Z Git tags:

  • auth: Stores JWT bearer tokens in Vault.

    Note: The Gin handler is available at gin-utilz


  • vault: A wrapper for the official Vault client with automatic token renewal, and Kubernetes support.


  • db: A helper for creating database source strings (MySQL/PostgreSQL) with database credentials dynamically based on configured Vault roles (instead of username:password).


  • tls: A simple package to generate self-signed TLS certificates. Useful for bootstrapping situations, when you can’t use Vault’s PKI secret engine.

Examples for using the library part

Some examples are in cmd/examples/main.go of the vault-operator repository.