Hashicorp - Vault

Page content

some Hands’on with Hashicorp Vault

Source

https://developer.hashicorp.com/vault/docs/get-started/developer-qs

Install on macos

brew tap hashicorp/tap
brew install hashicorp/tap/vault

Run on Docker

in Background, you have to kill it later

docker run -d -p 8200:8200 -e 'VAULT_DEV_ROOT_TOKEN_ID=dev-only-token' vault
Unseal Key: 2KTIMp0Md52V2xTb0txxxxxxxxxxxxxxxxxxxxxxxxx=
Root Token: dev-only-token

this is a dev instance only and has no persistent data. don’t worry.

Open Browser

  • http://localhost:8200 -> root token

Export in Terminal

export VAULT_ADDR='http://0.0.0.0:8200'
export VAULT_TOKEN="dev-only-token"

Set Key

curl  --header "X-Vault-Token: $VAULT_TOKEN" \
      --header "Content-Type: application/json" \
      --request POST \
      --data '{"data": {"password": "Hashi123"}}' \
      -s http://127.0.0.1:8200/v1/secret/data/my-secret-password

-> Data get’s written to Store …

Read Key

curl  --header "X-Vault-Token: $VAULT_TOKEN" \
      -s http://127.0.0.1:8200/v1/secret/data/my-secret-password |\
      jq -r '.data.data'

… and you get the Password back …

{"password": "Hashi123"}

sha256: cc7af964d2f48ba04fa33580569abc007ff0591846d30f81e76311b1ab41f8ce