/vault-ui

Vault-UI — A beautiful UI to manage your Vault, written in React

Primary LanguageJavaScriptOtherNOASSERTION

Vault-UI

Run Status

A beautiful way to manage your secrets in Vault Landing Page

Secrets Management New Secrets

Configuration

Configuration is accessed by clicking on the configuration cog on the login page. Configuration

Vault Endpoint

Users can enter in the full endpoint to Vault, including scheme.

Authentication

Currently supported authentication backends:

Secrets

By default, secrets will display as their raw JSON value represented by the data field in the HTTP GET response metadata. However, users can apply a "Root Key" bias to the secrets through the settings page. The "Root Key" will be used when reading, creating and updating secrets such that the value displayed in the UI is the value stored at the "Root Key". For example, if the secret at secret/hello is { "value": "world" }, setting the "Root Key" to value will update the UI such that the secret will display as simply "world" instead of { "value": "world" }.

Policies

Policies can be entered in as JSON or as HCL. If entered in as HCL, it will be converted to JSON as required for the PUT command in Vault's API. However, existing policies that are in HCL will continue to be displayed in HCL.

Response Wrapping

Vault-UI supports response-wrapping raw values. It currently does not support wrapping of existing secrets. Response Wrapping

Run

Vault-UI Docker images are automatically built using an automated build on Docker Hub. To run Vault-UI using the latest Docker image:

docker run -d \
-p 8000:8000 \
--name vault-ui \
djenriquez/vault-ui

Skip TLS Verification

In the case that you need to skip TLS verification, say for self-signed certs, you can run Vault-UI with the environment variable NODE_TLS_REJECT_UNAUTHORIZED=0:

docker run -d \
-p 8000:8000 \
-e NODE_TLS_REJECT_UNAUTHORIZED=0 \
--name vault-ui \
djenriquez/vault-ui

Development

With Docker

The command below will use Docker Compose to spin up a Vault dev server and a Vault UI server that you can log into with username "test" and password "test":

./run-docker-compose-dev

Without Docker

The following will spin up a Vault UI server only. It will not set up Vault for you:

npm install

# If you do not have webpack installed globally
npm install -g webpack

npm start
webpack -w

Licensing

Vault-UI is licensed under BSD 2-Clause. See LICENSE for the full license text.