vault hashicorp cheat sheet

#Enabling and Disabling Auth Methods

  $ vault auth enable userpass
  $ vault auth list
  $ vault auth list -detailed
  $ vault auth enable -path=my-login userpass
  $ vault write sys/auth/my-auth type=userpass
#Check
  $ vault read sys/auth/
  $ vault read sys/mounts/auth/token/tune
  $ vault path-help auth/my-auth

#Create/Look up a token

  $ vault token create
  $ vault token create -format=json -policy="admin"
  $ vault token lookup <TOKEN-ID>

#Create a token with use limit 
  $ vault token create -policy=default -use-limit=2
#Create periodic token with period of 24h
  $ vault write auth/token/roles/zabbix allowed_policies="default" period="24h"
  $ vault token create -role=zabbix

#Accessor token check
  $ vault list auth/token/accessors
  $ vault token lookup -accessor <ACCESSOR>

#Login/Revoke/Renew with the new token

  $ vault login <TOKENID>
  $ vault login $VAULT_TOKEN
  $ vault token revoke <TOKENID>
  $ vault token renew <token>
  $ vault token renew -increment=<EXTENSION> <TOKEN>

#Token Capabilities
    
  $ vault token capabilities <TOKEN_ID> <PATH>

#Log in using a different auth method
  
  $ vault login -method=<auth-method> token=<TOKEN_ID>
  
#Write Policy for different auth-Methods.

  $ vault policy write <POLICY_NAME> <POLICY_FILE_PATH_WITH .HCL_EXTENSION>

#List all enabled policies:

  $ vault policy list
        
#Delete the policy named my-policy:

  $ vault policy delete my-policy

#Read the policy
  
  $ vault policy read <POLICY_NAME>

#Wrap a credential such as the secret-id in the approle method
  $ vault write -wrap-ttl=60s -f auth/approle/role/jenkins/secret-id

#Generating Orphan Tokens
  $ vault token create -orphan

#Create a batch token. Notice that the token value is much longer than a service token's.
#This is because batch tokens are encrypted by Vault's barrier.
  $ vault token create -type=batch -policy="test"

SemperMelior 100 points

#Change the default and max TTLs (the system default is 32 days)
  $ vault write sys/mounts/auth/token/tune default_lease_ttl=6m max_lease_ttl=24h

Vault sheet

Slobster 115 points

#Get the Token Count
  $ vault read sys/internal/counters/tokens
