
Showing posts with the label hashicorp

Saltstack and Vault integration

First install and configure Vault using this tutorial: https://apassionatechie.wordpress.com/2017/03/05/hashicorp-vault/ Use the latest version of Vault. Then install Salt using the steps given here: https://docs.saltstack.com/en/latest/topics/installation/

If you face any issues, refer to these links:
https://apassionatechie.wordpress.com/2017/07/31/salt-issues/
https://apassionatechie.wordpress.com/2017/08/03/salt-stack-formulas/

Now let's integrate Vault and Salt so that we can access Vault secrets from inside a Salt state. First let's add some key values into our Vault:

    vault write secret/ssh/user1 password="abc123"

Then you can check it by reading:

    vault read secret/ssh/user1

To allow Salt to access your secrets, you must first create a policy as follows:

salt-policy.hcl

    path "secret/*" {
      capabilities = ["read", "list"]
    }
    path "auth/*" {
      capabilities = ["read", "list","sudo",...

Hashicorp Consul Installation on Centos 7

Consul must first be installed on your machine. Consul is distributed as a binary package for all supported platforms and architectures. This page will not cover how to compile Consul from source, but compiling from source is covered in the documentation for those who want to be sure they're compiling source they trust into the final binary.

Installing Consul

To install Consul, find the appropriate package for your system and download it. Consul is packaged as a zip archive. After downloading Consul, unzip the package. Consul runs as a single binary named consul. Any other files in the package can be safely removed and Consul will still function.

The final step is to make sure that the consul binary is available on the PATH. See this page for instructions on setting the PATH on Linux and Mac. This page contains instructions for setting the PATH on Windows.

Verifying the Installation

After installing Consul, verify the installation worked by opening a new terminal se...

Hashicorp Vault

What is Vault?

Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.

A modern system requires access to a multitude of secrets: database credentials, API keys for external services, credentials for service-oriented architecture communication, etc. Understanding who is accessing what secrets is already very difficult and platform-specific. Adding on key rolling, secure storage, and detailed audit logs is almost impossible without a custom solution. This is where Vault steps in.

The key features of Vault are:
1) Secure Secret Storage
2) Dynamic Secrets
3) Data Encryption
4) Leasing and Renewal
5) Revocation

Terms used in Vault

Storage Backend - A storage backend is responsible for durable storage of encrypted data. Backends are not trusted by...