This is an example for Lowkey Vault. It demonstrates a basic scenario where a key is used for encrypt/decrypt operations and database connection specific credentials as well as getting a PKCS12 store with a certificate and matching private key inside.
Note
In order to better understand what is needed in general to make similar examples work, please find a generic overview here.
- Key "repository"
- Secret "repository"
- Certificate "repository"
- Empty credentials for connecting to Lowkey Vault
- Tests
- Key "repository"
- Secret "repository"
- Certificate "repository"
- Empty credentials for connecting to Lowkey Vault (Not needed when using Assumed Identity container)
- Docker Compose to allow easy testing locally
- Tests
- Start Lowkey Vault by following the steps here.
- Make sure it is accessible on
https://localhost:8443 - If you want to use DefaultAzureCredential
- start Assumed Identity
- in the Managed Identity tests, make sure to:
- Set
IDENTITY_ENDPOINTenvironment variable to point to the/metadata/identity/oauth2/tokenpath of Assumed Identity e.g., http://localhost:8080/metadata/identity/oauth2/token - Set
IDENTITY_HEADERenvironment variable to anything (just needs to exist) e.g.,header
- Set
- Make sure it is accessible on
- Run the tests
Tip
Since v2.4.2, Lowkey Vault is providing the same token endpoint on the 8080 port by default. Therefore, you don't need to start another container.