mirror of
https://gitea.com/mcereda/oam.git
synced 2026-02-09 05:44:23 +00:00
40 lines
896 B
Markdown
40 lines
896 B
Markdown
# Hashicorp Vault
|
|
|
|
## TL;DR
|
|
|
|
```sh
|
|
# Install the CLI.
|
|
brew tap hashicorp/tap && brew install hashicorp/tap/vault
|
|
|
|
# Settings.
|
|
export VAULT_ADDR='https://vault.address/'
|
|
export VAULT_NAMESPACE='namespace_name'
|
|
|
|
# Check the connection to the Vault server.
|
|
vault status
|
|
|
|
# Login.
|
|
vault login
|
|
vault login -method='oidc'
|
|
|
|
# Unwrap a token.
|
|
# This operation may only be attempted once; after this attempt, the token will
|
|
# die and will need to be regenerated.
|
|
export VAULT_TOKEN='s.WVDAitOTTTfcjlklwk8AADDs' && vault unwrap
|
|
|
|
# Create a secret.
|
|
vault kv put secret/demo-app/config username='foo' password='bar'
|
|
|
|
# Get a secret.
|
|
# Note: "data" need to be added here in the path (secret/demo-app/config), as
|
|
# it is a property of the Vault API.
|
|
vault read -format 'json' 'secret/data/demo-app/config'
|
|
```
|
|
|
|
## Further readings
|
|
|
|
- [HashiCorp Vault]
|
|
|
|
<!-- -->
|
|
[hashicorp vault]: https://www.vaultproject.io/
|