HashiCorp Vault
Manage Secrets and Protect Sensitive Data through HashiCorp Vault.
Authentication & Identity Management · HashiCorp Vault
Configuration parameters
server— HashiCorp server URL (e.g., https://192.168.0.1:8200) (required)use_approle— Use AppRole Auth Methodcredentials— Username / Role IDcache_token— Cache the authentication tokentoken— Authentication tokencredentials_token—namespace— Vault enterprise namespaceunsecure— Trust any certificate (not secure)proxy— Use system proxy settingsisFetchCredentials— Fetches credentialsengines— CSV list of secrets engine types to fetch secrets fromconcat_username_to_cred_name— Concat username to credential object name
Commands (17)
-
hashicorp-configure-engineConfigure a secrets engine to fetch secrets from.
-
hashicorp-create-tokenCreates a new authentication token.
-
hashicorp-delete-secretDeletes the data under a specified secret given the secret path. Performs a soft delete that allows you to run the hashicorp-undelete-secret command if necessary (for KV V2 engine).
-
hashicorp-destroy-secretPermanently deletes a secret (for KV V2 engine).
-
hashicorp-disable-engineWhen a secrets engine is no longer needed, it can be disabled. All secrets under the engine are revoked and the corresponding vault data and configurations are removed.
-
hashicorp-enable-engineEnables a new secrets engine at the specified path.
-
hashicorp-generate-role-secretGenerates and issues a new SecretID on an existing AppRole.
-
hashicorp-get-policyGet information for a policy.
-
hashicorp-get-role-idRetrieves the AppRole ID for a specified role.
-
hashicorp-get-secret-metadataReturns information about a specified secret in a specified KV V2 engine.
-
hashicorp-list-policiesLists all configured policies.
-
hashicorp-list-secretsList secrets (names) for a specified KV engine.
-
hashicorp-list-secrets-enginesList all secrets engines that exist in HashiCorp Vault.
-
hashicorp-reset-configurationReset the engines configuration.
-
hashicorp-seal-vaultIf you suspect your data has been compromised, you can seal your vault to prevent access to your secrets.
-
hashicorp-undelete-secretUndeletes (restores) a secret on HashiCorp (for KV V2 engine).
-
hashicorp-unseal-vaultUse a single master key share to unseal the vault. If the master key shares threshold is met, the vault will attempt to unseal the vault. Otherwise, this API must be called until the threshold is met.