vault-vouch

command module

v0.1.7 Latest Latest Go to latest Published: Apr 26, 2018 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/securityscorecard/vault-vouch

Links

Open Source Insights

README ¶

vault-vouch

This tool is designed to act as glue between a Trusted Third Party & Hashicorp Vault. The target use case is with consul-template.

The only supported Trusted Third Party is currently AWS IAM.

Usage

Command Argument	Environment Variable	Default	Description
`-role=`	`IV_ROLE`	`nil`	Role to request from Vault
`-aws_arn_role=`	`IV_AWS_ARN_ROLE`	`nil`	ARN of AWS role to use for auth payload for Vault
`-aws_role=`	`IV_AWS_ROLE`	`nil`	AWS role to use for auth payload for Vault - it uses the current account's credentials to build the ARN
`-vault_addr=`	`IV_VAULT_ADDR`	`nil`	Vault address
`-wrap_token_ttl=`	`IV_WRAP_TOKEN_TTL`	`5m`	TTL for wrapped token, to disable wrapping set to `0`

Example

export VAULT_ADDR=https://vault.contoso.com
export VAULT_TOKEN=$(vault-vouch -role="my-role")
consul-template -template "in.tpl:out.conf" -config "conf.hcl" -vault-unwrap-token -vault-renew-token=false

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
vault
aws

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL