AireVault Mapping

Mapping AireVault Variables & Secrets

Using the AireVault API you can create variables and secrets that can be used within AireFlow's workflow definition. Each of these have a key and a number of scoped values that can be specified.

Similar to using liquid to map data within the context, AireVault variables and secrets are mapped in the same way.

Below would be an example request to AireVault to create a new vault variable to store an error email address:

{
      "key": "erroremail",
      "values": [{
        "scope": "flow:workflowDefinitionKey:workflowDefinitionVersion",
        "value": "dev.aireflowerror@airelogic.com"
      }]
}

The workflowDefinitionKey and workflowDefinitionVersion segment of the scope would be replaced with the related values.

Mapping

Within the workflow definition you can access the vault variables with the following expression {{ vault.variables.erroremail }}

Similarly if it was a vault secret you wanted to access you could do {{ vault.secrets.erroremail }}

Scopes

Depending on what scopes you have stored against the key, it will return different values. For workflow mapping, AireFlow requests use the scope of flow:workflowDefinitionKey:workflowDefinitionVersion, so this would return dev.aireflowerror@airelogic.com.

However if you wanted a value to match only on the workflowDefinitionKey for all versions you could remove the last segment of the scope when creating the variable/secret e.g. flow:workflowDefinitionKey

If you were to have the scope as flow, it would now match for all the AireFlow calls across all workflow definitions.