HashiCorp Vault roles code example
Example 1: AppRole in HashiCorp Vault
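# Create AppRole roles and attach token policies
vault write auth/approle/role/jenkins token_policies="jenkins-policy"
vault write auth/approle/role/mysql token_policies="approle-policy" token_ttl=1h token_max_ttl=4h
# Enable an AppRole auth method mounted at jenkins/ (the other commands here use the auth/approle/ mount)
vault write sys/auth/jenkins type=approle
# Read back the role configuration
vault read auth/approle/role/jenkins
vault read auth/approle/role/mysql
# Fetch the RoleID and generate a SecretID for the jenkins role
vault read auth/approle/role/jenkins/role-id
vault write -f auth/approle/role/jenkins/secret-id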
# Log in with the RoleID and SecretID to obtain a client token
vault write auth/approle/login role_id="<PUT ROLE ID GENERATED FROM ABOVE COMMAND>" \
    secret_id="<PUT SECRET ID>"
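# Generate a response-wrapped SecretID; the wrapping token expires after 60s
vault write -wrap-ttl=60s -f auth/approle/role/jenkins/secret-id
# Update the role: token TTLs and a SecretID that can be used at most 10 times
vault write auth/approle/role/jenkins token_policies="jenkins" \
    token_ttl=1h token_max_ttl=4h \
    secret_id_num_uses=10
# Use a client token from an AppRole login to read a secret
VAULT_TOKEN="<TOKEN_OUTPUT_FROM_ABOVE_COMMAND>" vault kv get secret/mysql/webapp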
Example 2: Token capabilities in Vault
# List the capabilities a token has on a given path
vault token capabilities <TOKEN> <PATH>