Difference between revisions of "Hashicorp Vault"
Jump to navigation
Jump to search
Line 1: | Line 1: | ||
− | |||
[[wikipedia:HashiCorp|Vault]] ([[2015]]) provides [[secrets management]], [[identity-based access]], [[encrypting]] application data and [[auditing]] of secrets for applications, systems, and users. | [[wikipedia:HashiCorp|Vault]] ([[2015]]) provides [[secrets management]], [[identity-based access]], [[encrypting]] application data and [[auditing]] of secrets for applications, systems, and users. | ||
Revision as of 06:17, 8 March 2021
Vault (2015) provides secrets management, identity-based access, encrypting application data and auditing of secrets for applications, systems, and users.
MacOS installation
brew install vault
To have launchd start vault now and restart at login: brew services start vault Or, if you don't want/need a background service you can just run: vault server -dev
Commands
vault -version
vault kv put
vault kv get
vault server
vault server -config
Starting vault:
vault server -dev .../... export VAULT_DEV_ROOT_TOKEN_ID="s.TVr0O4kUldB9uPKOkq78XJPT" export VAULT_ADDR='http://127.0.0.1:8200' vault status Key Value --- ----- Seal Type shamir Initialized true Sealed false Total Shares 1 Threshold 1 Version 1.3.4 Cluster Name vault-cluster-2ebb06b4 Cluster ID b4fc7a4e-874b-a219-df41-b9ddb9dgg581 HA Enabled false
vault kv put secret/hello foo=world MY_FIRST_KEY=MY_FIRST_VALUE
vault kv put secret/hello foo=world ADDITIONAL_KEY=ADDITIONAL_VALUE
Read:
vault kv get secret/hello ====== Metadata ====== Key Value --- ----- created_time 2020-03-29T13:34:29.337076Z deletion_time n/a destroyed false version 2 ===== Data ===== Key Value --- ----- MY_FIRST_KEY MY_FIRST_VALUE ADDITIONAL_KEY ADDITIONAL_VALUE
vault kv get -field=ADDITIONAL_KEY secret/hello ADDITIONAL_VALUE
vault server -dev
Error initializing listener of type tcp: listen tcp 127.0.0.1:8200: bind: address already in use
vault kv put secret/hello foo=world Get https://127.0.0.1:8200/v1/sys/internal/ui/mounts/secret/hello: dial tcp 127.0.0.1:8200: connect: connection refused
vault kv put secret/hello foo=world Get https://127.0.0.1:8200/v1/sys/internal/ui/mounts/secret/hello: http: server gave HTTP response to HTTPS client
vault server -config vault-config.hcl error loading configuration from vault-config.hcl: stat vault-config.hcl: no such file or directory
Vault Changelog
Related terms
See also
vault [ secrets enable | kv put | kv get | server | operator | auth | token | secrets | auth enable | status
] Vault Changelog,vault help
- GDPR
- CA, Root Certificates, FreeIPA, PKI, OpenCA, Wildcard certificate,
certtool
,certbot
(Let's Encrypt),certinfo
(Cloudflare), ACME, Boulder,cfssl
(Cloudflare), Public key certificate, public key, TLS and X.509, OCSP, Subject Alternative Name (SAN),openssl ca
, Self signed certificate, CSR,keytool
, ACM, KMS,aws acm
, IdenTrust, multirootca, cert-manager, ca_cert_identifier - HashiCorp: HCP, Terraform, Vault, Nomad, Vagrant, Sentinel, Consul, Packer, Waypoint, Boundary, Mitchell Hashimoto, Armon Dadgar
- Secrets: Kubernetes secrets,
ansible-vault
, Hashicorp Vault, AWS Secrets Manager, Google Secret Manager,git-crypt
, SOPS: Secrets OPerationS, Google Cloud Secret Manager, GitHub secret scanning alerts
Advertising: