open-vault/website/source/api/secret/mssql/index.html.md

251 lines
5.8 KiB
Markdown
Raw Normal View History

---
2017-03-17 18:06:03 +00:00
layout: "api"
page_title: "MSSQL - Secrets Engines - HTTP API"
New Docs Website (#5535) * conversion stage 1 * correct image paths * add sidebar title to frontmatter * docs/concepts and docs/internals * configuration docs and multi-level nav corrections * commands docs, index file corrections, small item nav correction * secrets converted * auth * add enterprise and agent docs * add extra dividers * secret section, wip * correct sidebar nav title in front matter for apu section, start working on api items * auth and backend, a couple directory structure fixes * remove old docs * intro side nav converted * reset sidebar styles, add hashi-global-styles * basic styling for nav sidebar * folder collapse functionality * patch up border length on last list item * wip restructure for content component * taking middleman hacking to the extreme, but its working * small css fix * add new mega nav * fix a small mistake from the rebase * fix a content resolution issue with middleman * title a couple missing docs pages * update deps, remove temporary markup * community page * footer to layout, community page css adjustments * wip downloads page * deps updated, downloads page ready * fix community page * homepage progress * add components, adjust spacing * docs and api landing pages * a bunch of fixes, add docs and api landing pages * update deps, add deploy scripts * add readme note * update deploy command * overview page, index title * Update doc fields Note this still requires the link fields to be populated -- this is solely related to copy on the description fields * Update api_basic_categories.yml Updated API category descriptions. Like the document descriptions you'll still need to update the link headers to the proper target pages. * Add bottom hero, adjust CSS, responsive friendly * Add mega nav title * homepage adjustments, asset boosts * small fixes * docs page styling fixes * meganav title * some category link corrections * Update API categories page updated to reflect the second level headings for api categories * Update docs_detailed_categories.yml Updated to represent the existing docs structure * Update docs_detailed_categories.yml * docs page data fix, extra operator page remove * api data fix * fix makefile * update deps, add product subnav to docs and api landing pages * Rearrange non-hands-on guides to _docs_ Since there is no place for these on learn.hashicorp, we'll put them under _docs_. * WIP Redirects for guides to docs * content and component updates * font weight hotfix, redirects * fix guides and intro sidenavs * fix some redirects * small style tweaks * Redirects to learn and internally to docs * Remove redirect to `/vault` * Remove `.html` from destination on redirects * fix incorrect index redirect * final touchups * address feedback from michell for makefile and product downloads
2018-10-19 15:40:11 +00:00
sidebar_title: "MSSQL <sup>DEPRECATED</sup>"
sidebar_current: "api-http-secret-mssql"
description: |-
This is the API documentation for the Vault MSSQL secrets engine.
---
# MSSQL Secrets Engine (API)
~> **Deprecation Note:** This secrets engine is deprecated in favor of the
combined databases secrets engine added in v0.7.1. See the API documentation for
the new implementation of this secrets engine at
[MSSQL database plugin HTTP API](/api/secret/databases/mssql.html).
This is the API documentation for the Vault MSSQL secrets engine. For general
information about the usage and operation of the MSSQL secrets engine, please
see the [Vault MSSQL documentation](/docs/secrets/mssql/index.html).
This documentation assumes the MSSQL secrets engine is enabled at the `/mssql`
path in Vault. Since it is possible to enable secrets engines at any location,
please update your API calls accordingly.
## Configure Connection
This endpoint configures the connection DSN used to communicate with Microsoft
SQL Server.
| Method | Path |
| :--------------------------- | :--------------------- |
| `POST` | `/mssql/config/connection` |
### Parameters
- `connection_string` `(string: <required>)`  Specifies the MSSQL DSN.
- `max_open_connections` `(int: 2)`  Specifies the maximum number of open
connections to the database.
- `max_idle_connections` `(int: 0)`  Specifies the maximum number of idle
connections to the database. A zero uses the value of `max_open_connections`
and a negative value disables idle connections. If larger than
`max_open_connections` it will be reduced to be equal.
### Sample Payload
```json
{
"connection_string": "Server=myServerAddress;Database=myDataBase;User Id=myUsername; Password=myPassword;"
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/mssql/config/connection
```
## Configure Lease
This endpoint configures the lease settings for generated credentials.
| Method | Path |
| :--------------------------- | :--------------------- |
| `POST` | `/mysql/config/lease` |
### Parameters
- `lease` `(string: <required>)`  Specifies the lease value provided as a
string duration with time suffix. "h" (hour) is the largest suffix.
- `lease_max` `(string: <required>)`  Specifies the maximum lease value
provided as a string duration with time suffix. "h" (hour) is the largest
suffix.
### Sample Payload
```json
{
"lease": "12h",
"lease_max": "24h"
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/mssql/config/lease
```
## Create Role
This endpoint creates or updates the role definition.
| Method | Path |
| :--------------------------- | :--------------------- |
| `POST` | `/mssql/roles/:name` |
### Parameters
- `sql` `(string: <required>)`  Specifies the SQL statements executed to create
and configure the role. The '{{name}}' and '{{password}}' values will be
substituted. Must be a semicolon-separated string, a base64-encoded
semicolon-separated string, a serialized JSON string array, or a
base64-encoded serialized JSON string array.
### Sample Payload
```json
{
"sql": "CREATE LOGIN ..."
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/mssql/roles/my-role
```
## Read Role
This endpoint queries the role definition.
| Method | Path |
| :--------------------------- | :--------------------- |
| `GET` | `/mssql/roles/:name` |
### Parameters
- `name` `(string: <required>)` Specifies the name of the role to read. This
is specified as part of the URL.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/mssql/roles/my-role
```
### Sample Response
```json
{
"data": {
"sql": "CREATE LOGIN..."
}
}
```
## List Roles
This endpoint returns a list of available roles. Only the role names are
returned, not any values.
| Method | Path |
| :--------------------------- | :--------------------- |
| `LIST` | `/mssql/roles` |
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request LIST \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/mssql/roles
```
### Sample Response
```json
{
"auth": null,
"data": {
"keys": ["dev", "prod"]
},
"lease_duration": 2764800,
"lease_id": "",
"renewable": false
}
```
## Delete Role
This endpoint deletes the role definition.
| Method | Path |
| :--------------------------- | :--------------------- |
| `DELETE` | `/mssql/roles/:name` |
### Parameters
- `name` `(string: <required>)` Specifies the name of the role to delete. This
is specified as part of the URL.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/mssql/roles/my-role
```
## Generate Credentials
This endpoint generates a new set of dynamic credentials based on the named
role.
| Method | Path |
| :--------------------------- | :--------------------- |
| `GET` | `/mssql/creds/:name` |
### Parameters
- `name` `(string: <required>)` Specifies the name of the role to create
credentials against. This is specified as part of the URL.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/mssql/creds/my-role
```
### Sample Response
```json
{
"data": {
"username": "root-a147d529-e7d6-4a16-8930-4c3e72170b19",
"password": "ee202d0d-e4fd-4410-8d14-2a78c5c8cb76"
}
}
```