Hashicorp Vault 101: Creating your first secret in Vault CLI
Hashicorp Vault 101 is a series of blog posts, aimed towards making you a zero-to-hero in Vault.
Creating secrets in Vault using CLI
We already discussed interacting with Vault with UI, in this blog, we would be checking how we can also do the same using Vault CLI
To get started we need vault-cli installed on our machine, we need to set a couple of details such as VAULT_HOST & VAULT_TOKEN which provide the details of where the Vault Server is present along with the token.
# Vault Host
export VAULT_ADDR='http://127.0.0.1:8200'# Vault Token
export VAULT_TOKEN=<YOUR_VAULT_TOKEN># Provides Vault Status
vault status
Enabling the secret engine
We first need to enable a secret engine (Key-Value) to store secrets
# Enabling Key-Value Secret engine on /kv path
vault secrets enable -path=kv kv# List the Secrets Engines
vault secrets list
Creating the Secrets
Now since we have created and mounted the key-value secret engine on /kv path.
# Creating Vault secrets
vault kv put kv/user user=admin password=test # Getting Vault Secrets
vault kv get kv/user
Deleting the Secrets
We can delete the secret itself by using the following command
# Deleting the secrets as well
vault kv delete kv/user
Disabling the Secret Engine
We can directly disable a secret engine that will delete all the secrets under it, using the following command.
# Disable Secret Engine
vault secrets disable <SECRET_ENGINE_NAME>