What is Vault? See my HackMD file
Some useful demo see here
Agent? see here
Run up Vault:
$ export VAULT_ADDR=http://localhost:8200
$ sh server.sh
目錄
Use agent to help you auto-renew token or lease.
You can also use consul-template to output the result!
GitHub or AppRole as example
Build a standby node and step-down the active node.
You will see the original standby node become active.
Build your TLS certificate by Vault.
This will need consul-template, please install first.
Do some token stuff
- List accessor
- Batch token
- Wrap token
- Revoke token by accessor
Encryption as server
- Encryption
- Decryption
- Key rotate
- Disable old key to encrypt / decrypt
- Rewrap cipher
- Remove old key
See in LICENSE file