HashiCorp Vault

Manage Secrets and Protect Sensitive Data through HashiCorp Vault.

Authentication & Identity Management · HashiCorp Vault

Configuration parameters

  • server — HashiCorp server URL (e.g., https://192.168.0.1:8200) (required)
  • use_approle — Use AppRole Auth Method
  • credentials — Username / Role ID
  • cache_token — Cache the authentication token
  • token — Authentication token
  • credentials_token
  • namespace — Vault enterprise namespace
  • unsecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings
  • isFetchCredentials — Fetches credentials
  • engines — CSV list of secrets engine types to fetch secrets from
  • concat_username_to_cred_name — Concat username to credential object name

Commands (17)

  • hashicorp-configure-engine

    Configure a secrets engine to fetch secrets from.

  • hashicorp-create-token

    Creates a new authentication token.

  • hashicorp-delete-secret

    Deletes the data under a specified secret given the secret path. Performs a soft delete that allows you to run the hashicorp-undelete-secret command if necessary (for KV V2 engine).

  • hashicorp-destroy-secret

    Permanently deletes a secret (for KV V2 engine).

  • hashicorp-disable-engine

    When a secrets engine is no longer needed, it can be disabled. All secrets under the engine are revoked and the corresponding vault data and configurations are removed.

  • hashicorp-enable-engine

    Enables a new secrets engine at the specified path.

  • hashicorp-generate-role-secret

    Generates and issues a new SecretID on an existing AppRole.

  • hashicorp-get-policy

    Get information for a policy.

  • hashicorp-get-role-id

    Retrieves the AppRole ID for a specified role.

  • hashicorp-get-secret-metadata

    Returns information about a specified secret in a specified KV V2 engine.

  • hashicorp-list-policies

    Lists all configured policies.

  • hashicorp-list-secrets

    List secrets (names) for a specified KV engine.

  • hashicorp-list-secrets-engines

    List all secrets engines that exist in HashiCorp Vault.

  • hashicorp-reset-configuration

    Reset the engines configuration.

  • hashicorp-seal-vault

    If you suspect your data has been compromised, you can seal your vault to prevent access to your secrets.

  • hashicorp-undelete-secret

    Undeletes (restores) a secret on HashiCorp (for KV V2 engine).

  • hashicorp-unseal-vault

    Use a single master key share to unseal the vault. If the master key shares threshold is met, the vault will attempt to unseal the vault. Otherwise, this API must be called until the threshold is met.