GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → sethvargo → vault-token-helper-osx-keychain

sethvargo / vault-token-helper-osx-keychain

Licence: MIT License
An example @hashicorp Vault token helper for Mac OS X Keychain.

Programming Languages

go
31211 projects - #10 most used programming language
shell
77523 projects
Makefile
30231 projects

Labels

vaulthashicorp

Projects that are alternatives of or similar to vault-token-helper-osx-keychain

vauth
VMware vSphere VM Identity Platform
Stars: ✭ 32 (-50%)
Mutual labels:  vault, hashicorp
vim-hcl
Syntax highlighting for HashiCorp Configuration Language (HCL)
Stars: ✭ 83 (+29.69%)
Mutual labels:  vault, hashicorp
hookpick
A tool to manage some operational concepts of Hashicorp Vault
Stars: ✭ 83 (+29.69%)
Mutual labels:  vault, hashicorp
hashicorp-labs
Deploy locally on VM an Hashicorp cluster formed by Vault, Consul and Nomad. Ready for deploying and testing your apps.
Stars: ✭ 32 (-50%)
Mutual labels:  vault, hashicorp
vault-load-testing
Automated load tests for Vault and Consul using the locust.io Python framework
Stars: ✭ 44 (-31.25%)
Mutual labels:  vault, hashicorp
vault-plugin-secrets-wireguard
Vault's plugin for managing server and dynamic client configurations
Stars: ✭ 41 (-35.94%)
Mutual labels:  vault, hashicorp
vault-consul-docker
Vault + Consul + Docker
Stars: ✭ 75 (+17.19%)
Mutual labels:  vault, hashicorp
Kubernetes External Secrets
Integrate external secret management systems with Kubernetes
Stars: ✭ 2,412 (+3668.75%)
Mutual labels:  vault, hashicorp
teller
Cloud native secrets management for developers - never leave your command line for secrets.
Stars: ✭ 998 (+1459.38%)
Mutual labels:  vault, hashicorp
vault-consul-swarm
Deploy Vault and Consul with Docker Swarm
Stars: ✭ 20 (-68.75%)
Mutual labels:  vault, hashicorp
vault-consul-kubernetes
vault + consul on kubernetes
Stars: ✭ 60 (-6.25%)
Mutual labels:  vault, hashicorp
vault-terraform-demo
Deploy HashiCorp Vault with Terraform in GKE.
Stars: ✭ 47 (-26.56%)
Mutual labels:  vault, hashicorp
Ansible Vault
🔑 Ansible role for Hashicorp Vault
Stars: ✭ 189 (+195.31%)
Mutual labels:  vault, hashicorp
vaultrs
An asynchronous Rust client library for the Hashicorp Vault API
Stars: ✭ 63 (-1.56%)
Mutual labels:  vault, hashicorp
Hashi Helper
Disaster Recovery and Configuration Management for Consul and Vault
Stars: ✭ 155 (+142.19%)
Mutual labels:  vault, hashicorp
vaulter
No description or website provided.
Stars: ✭ 23 (-64.06%)
Mutual labels:  vault, hashicorp
Vaultron
🤖 Vault clusters Terraformed onto Docker for great fun and learning!
Stars: ✭ 96 (+50%)
Mutual labels:  vault, hashicorp
Hashi Up
bootstrap HashiCorp Consul, Nomad, or Vault over SSH < 1 minute
Stars: ✭ 113 (+76.56%)
Mutual labels:  vault, hashicorp
nomad-box
Nomad Box - Simple Terraform-powered setup to Azure of clustered Consul, Nomad and Traefik Load Balancer that runs Docker/GoLang/Java workloads. NOTE: Only suitable in dev environments at the moment until I learn more Terraform, Consul, Nomad, Vault :P
Stars: ✭ 18 (-71.87%)
Mutual labels:  vault, hashicorp
vault-ctrl-tool
Simple tool for managing authentication, secrets, and leases for services.
Stars: ✭ 23 (-64.06%)
Mutual labels:  vault, hashicorp
View All Similar Projects ➔

Vault Token Helper for OS X Keychain

This is sample code and a proof-of-concept for creating an external HashiCorp Vault Token Helper.

By default, Vault authenticates users locally and caches their token in ~/.vault-token. For shared systems or systems where security is paramount, this may not be ideal. Fortunately, this storage mechanism is an abstraction known as a "token helper".

This code demonstrates one possible example of an external token helper. When requesting or storing a token, Vault delegates to this binary.

Installation

  1. Download and install the binary from GitHub. I supplied both a signed DMG with my personal Apple Developer ID or you can download the binary directly. If neither of those options suffice, you can audit and compile the code yourself.

  2. Put the binary somewhere on disk, like ~/.vault.d/token-helpers:

    $ mv vault-token-helper ~/.vault.d/token-helpers/vault-token-helper

  3. Create a Vault configuration file at ~/.vault with the contents:

    token_helper = "/Users/<your username>/.vault.d/token-helpers/vault-token-helper"

    Be sure to replace <your username> with your username. The value must be a full path (you cannot use a relative path).

    The local CLI will automatically pickup this configuration value.

Usage

  1. Use Vault normally. Commands like vault auth will automatically delegate to keychain access.

Development

There's a handy scripts/dev.sh that will start a Vault server in development mode pre-configured with the token helper.

License & Author

This project is licensed under the MIT license by Seth Vargo ([email protected]).

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].