Vault commands

[root@localhost ~]# vault kv get secret/hello
Error making API request.

URL: GET http://192.168.109.129:8200/v1/sys/internal/ui/mounts/secret/hello
Code: 403. Errors:

* permission denied

[root@localhost ~]# vault login 6KXLe97vFsafCg0kwt5jYzrZ
Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run “vault login”
again. Future Vault requests will automatically use this token.

Key Value
— —–
token 6KXLe97vFsafCg0kwt5jYzrZ
token_accessor 459nAo70QPB9ZiMdR7dIOJIs
token_duration ∞
token_renewable false
token_policies [“root”]
identity_policies []
policies [“root”]

[root@localhost ~]# vault kv put secret/hello foo=world
Success! Data written to: secret/hello

[root@localhost ~]# vault kv get secret/hello
=== Data ===
Key Value
— —–
foo world

This slideshow requires JavaScript.

[root@localhost ~]# vault kv put secret/hello foo=world excited=yes
Success! Data written to: secret/hello

vault1-3

[root@localhost ~]# vault kv delete secret/hello
Success! Data deleted (if it existed) at: secret/hello

[root@localhost ~]# vault secrets list
Path Type Accessor Description
—- —- ——– ———–
cubbyhole/ cubbyhole cubbyhole_e1646a67 per-token private secret storage
identity/ identity identity_6fbe316a identity store
kv/ kv kv_55bc05ee n/a
secret/ kv kv_5c6f0ddd key/value secret storage
sys/ system system_5e52197e system endpoints used for control, policy and debugging

#######################

Some Basic Commands

$ vault login <initial-root-token>
$ vault kv put secret/hello foo=world
$ vault kv put secret/hello foo=world excited=yes
$ vault kv get secret/hello
$ vault kv delete secret/hello
$ vault write foo/bar a=b
$ vault secrets enable -path=kv kv
$ vault secrets enable kv
$ vault secrets list
$ vault write kv/my-secret value=”s3c(eT”
$ vault write kv/hello target=world
$ vault write kv/airplane type=boeing class=787
$ vault list kv
$ vault secrets disable kv/
$ vault secrets enable -path=aws aws
$ vault read aws/creds/my-role
$ vault lease revoke aws/creds/my-role/0bce0782-32aa-25ec-f61d-c026ff22106
$ vault path-help aws
$ vault token create
$ vault token revoke 463763ae-0c3b-ff77-e137-af668941465c
$ vault login a402d075-6d59-6129-1ac7-3718796d4346
$ vault auth enable -path=github github
$ vault auth enable -path=github github
$ vault auth enable github
$ vault auth enable -path=my-github github
$ vault write auth/github/config organization=hashicorp
$ vault auth list
$ vault auth help github
$ vault login -method=github
$ vault token revoke -mode path auth/github
$ vault auth disable github
$ vault policy fmt my-policy.hcl
$ vault policy write my-policy my-policy.hcl
$ vault policy list
$ vault policy read my-policy
$ vault token create -policy=my-policy

Ref: https://www.hashicorp.com/resources/getting-vault-enterprise-installed-running

 

Leave a comment