Editing Hashicorp Vault
Jump to navigation
Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
| Latest revision | Your text | ||
| Line 1: | Line 1: | ||
| − | + | {{Draft}} | |
| + | [[wikipedia:HashiCorp|Vault]] ([[2015]]) provides [[secrets management]], [[identity-based access]], [[encrypting]] application data and [[auditing]] of secrets for applications, systems, and users. | ||
| + | |||
| + | == MacOS installation == | ||
| + | <code>brew install vault</code> | ||
| + | <pre> | ||
| + | To have launchd start vault now and restart at login: | ||
| + | brew services start vault | ||
| + | Or, if you don't want/need a background service you can just run: | ||
| + | vault server -dev | ||
| + | </pre> | ||
| + | |||
| + | == Commands == | ||
| + | * <code>vault -version</code> | ||
| + | * <code>[[vault kv put]]</code> | ||
| + | * <code>[[vault kv get]]</code> | ||
| + | |||
| + | Starting vault: | ||
| + | <pre> | ||
| + | vault server -dev | ||
| + | .../... | ||
| + | export VAULT_DEV_ROOT_TOKEN_ID="s.TVr0O4kUldB9uPKOkq78XJPT" | ||
| + | export VAULT_ADDR='http://127.0.0.1:8200' | ||
| + | vault status | ||
| + | Key Value | ||
| + | --- ----- | ||
| + | Seal Type shamir | ||
| + | Initialized true | ||
| + | Sealed false | ||
| + | Total Shares 1 | ||
| + | Threshold 1 | ||
| + | Version 1.3.4 | ||
| + | Cluster Name vault-cluster-2ebb06b4 | ||
| + | Cluster ID b4fc7a4e-874b-a219-df41-b9ddb9dgg581 | ||
| + | HA Enabled false | ||
| + | </pre> | ||
| + | |||
| + | * <code>[[vault kv put]] secret/hello foo=world MY_FIRST_KEY=MY_FIRST_VALUE</code> | ||
| + | * <code>[[vault kv]] put secret/hello foo=world ADDITIONAL_KEY=ADDITIONAL_VALUE</code> | ||
| + | |||
| + | Read: | ||
| + | <pre> | ||
| + | vault kv get secret/hello | ||
| + | ====== Metadata ====== | ||
| + | Key Value | ||
| + | --- ----- | ||
| + | created_time 2020-03-29T13:34:29.337076Z | ||
| + | deletion_time n/a | ||
| + | destroyed false | ||
| + | version 2 | ||
| + | |||
| + | ===== Data ===== | ||
| + | Key Value | ||
| + | --- ----- | ||
| + | MY_FIRST_KEY MY_FIRST_VALUE | ||
| + | ADDITIONAL_KEY ADDITIONAL_VALUE | ||
| + | </pre> | ||
| + | |||
| + | [[vault kv]] get -field=ADDITIONAL_KEY secret/hello | ||
| + | ADDITIONAL_VALUE | ||
| + | |||
| + | vault server -dev | ||
| + | Error initializing listener of type tcp: listen tcp 127.0.0.1:8200: bind: address already in use | ||
| + | |||
| + | <pre> | ||
| + | vault kv put secret/hello foo=world | ||
| + | Get https://127.0.0.1:8200/v1/sys/internal/ui/mounts/secret/hello: dial tcp 127.0.0.1:8200: connect: connection refused | ||
| + | </pre> | ||
| + | <pre> | ||
| + | vault kv put secret/hello foo=world | ||
| + | Get https://127.0.0.1:8200/v1/sys/internal/ui/mounts/secret/hello: http: server gave HTTP response to HTTPS client | ||
| + | </pre> | ||
| + | |||
| + | vault server -config vault-config.hcl | ||
| + | error loading configuration from vault-config.hcl: stat vault-config.hcl: no such file or directory | ||
| + | |||
| + | == [[Vault Changelog]] == | ||
| + | |||
| + | |||
| + | == Related terms == | ||
| + | * [[X.509]] | ||
| + | * <code>[[vault secrets enable]] pki</code> | ||
| + | |||
| + | == See also == | ||
| + | * {{Vault}} | ||
| + | *[[GDPR]] | ||
| + | * {{CA}} | ||
| + | * {{HashiCorp}} | ||
| + | * {{secrets}} | ||
| + | |||
| + | [[Category:Security]] | ||
Advertising:
