Vault - заметки по использованию

Посмотреть список движков секретов

root@tfd:/data/git/iac2/15_astra# vault secrets list
Path          Type         Accessor              Description
----          ----         --------              -----------
consul/       consul       consul_b2e31f66       n/a
cubbyhole/    cubbyhole    cubbyhole_7ca6cbc2    per-token private secret storage
identity/     identity     identity_0adb11a0     identity store
kv/           kv           kv_6296c4d0           n/a
sys/          system       system_894f1e1d       system endpoints used for control, policy and debugging
vmware/       kv           kv_f7bb2d52           n/a
windows/      kv           kv_9545bced           n/a

Настраиваем точку входа в consul engine

# vault write consul/config/access address="172.27.157.11:8500"
Success! Data written to: consul/config/access

# vault read consul/config/access
Key        Value
---        -----
address    172.27.157.11:8500
scheme     http

Генерируем токен доступа

# vault write consul/config/access address="10.55.82.48:8500"
Success! Data written to: consul/config/access
root@tfd:/data/git/iac2/15_astra# CONSUL_HTTP_TOKEN="<bootstrap-token>" consul acl token create -policy-name="global-management"
Failed to create new token: Unexpected response code: 401 (ACL support disabled)

Здесь не сработало, т.к. у нас отключена поддержка ACL в consul

Keys	Action
`?`	Open this help
`n`	Next page
`p`	Previous page
`s`	Search