Mon, 04 Feb 2019
Vault Secrets Engines
At home I make extensive use of both the Minio object storage server and the Backblaze B2 object storage service. I've also recently started making use of HashiCorp Vault.
Given how useful it is to generate dynamic secrets with Vault, I wanted to extend that to my usage of Minio and B2, so writing a secrets engine plugin for Vault has been on my project list for quite some time. A couple weeks ago I came across David Adams's Sample Vault Secrets Plugin, and after about an hour of staring at that and the Vault source, everything clicked and I started writing plugins.
It's a testament to the contributors to Vault that the plugins system is very well thought out and incredibly easy to use, making it a rather simple task to extend Vault. You can find both of mine on GitHub:
Full Disclosure:At the time that this post was written, I am a HashiCorp employee, although this post and the plugins were written as a personal project and are not official HashiCorp products. The views expressed in this posting are entirely personal and are not statements made on the behalf of HashiCorp, Inc.
Posted at: 12:42 | category: /computers/hashistack | Link