powershell: How to connect to HashiCorp Vault using PowerCLI

mdfafbf1 posted on 2023-05-07 in Shell

I am very new to Vault and PowerShell. I need to connect to Vault and get a secret using PowerShell.
This is my code:

$Vault_Address       = 'xxx'
$VAULT_ROOT          = $Vault_Address + '/v1'
$VAULT_LOGIN_APPROLE = $VAULT_ROOT+'/auth/approle/login'
$VAULT_KV_PATH       = $VAULT_ROOT+'/xx/xx/xx'

$RoleID              = 'default'
$SecretID            = 'default'

#Set env variable for vault address
$ENV:VAULT_ADDR = $Vault_Address

function Get-Vault
{
    [CmdletBinding()]
    [Alias()]
    [OutputType([PSCustomObject])]
    Param
    (
        # Server Address
        [Parameter(Position=0)]
        [String]
        $Address = $env:VAULT_ADDR,

        # Client token
        [Parameter(Position=1)]
        [String]
        $Token = $env:VAULT_TOKEN
    )

    [PSCustomObject]@{'uri'= $Address + $prefix
                      'auth_header' = @{'X-Vault-Token'=$Token}
                      } |
    Write-Output

}

It returns the following error message: enter image description here

xnifntxz #1

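Let me tell you what worked for me; I hope it helps you or someone else.
Suppose you connect in the UI to https://vault.domain/ui/vault/secrets?namespace=myVaultNamespace, and there is a secrets engine kvSecretEngine that contains a key-value secret at the path PROD: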

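$namespace = "myVaultNamespace"
$mountpoint = "kvSecretEngine"
$vaultpath = "PROD"

# $vault_token must already hold a valid client token; reading it from the
# VAULT_TOKEN environment variable (as the question does) is an assumption.
$vault_token = $env:VAULT_TOKEN

$headers = @{
    'Accept' = 'application/json'
    'X-Vault-Namespace' = $namespace
    'X-Vault-Token' = $vault_token
}
$uri = "https://vault.domain/v1/$mountpoint/$vaultpath"
$response = Invoke-RestMethod -Method Get -Headers $headers -Uri $uri

# The key-value pairs are under the "data" property of the response
$secret = $response.data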

$secret will contain a JSON with all the secret key-values. Hope this helps.
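
The question defines `$VAULT_LOGIN_APPROLE`, `$RoleID` and `$SecretID` but never performs the login, and the answer assumes a token already exists. The following added example (not part of either post) chains the two steps: an AppRole login that returns a client token, then the KV read from the answer. The function name `Get-VaultKvSecret`, the environment variables `VAULT_ROLE_ID` and `VAULT_SECRET_ID`, and the `-KvVersion` switch are assumptions; the host, namespace, mount and path are the answer's placeholders.

```powershell
# Added example, not from the original posts. Get-VaultKvSecret, VAULT_ROLE_ID
# and VAULT_SECRET_ID are hypothetical names chosen for illustration.
function Get-VaultKvSecret {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Address,    # e.g. https://vault.domain
        [Parameter(Mandatory)] [string] $Mount,      # e.g. kvSecretEngine
        [Parameter(Mandatory)] [string] $Path,       # e.g. PROD
        [Parameter(Mandatory)] [string] $RoleId,
        [Parameter(Mandatory)] [string] $SecretId,
        [string] $Namespace,                         # namespaces are a Vault Enterprise feature
        [ValidateSet(1, 2)] [int] $KvVersion = 1
    )

    # AppRole credentials and the resulting token must never travel in clear text.
    if ($Address -notmatch '^https://') {
        throw "Refusing to send AppRole credentials to a non-HTTPS address: $Address"
    }
    $root = $Address.TrimEnd('/') + '/v1'
    $headers = @{ 'Accept' = 'application/json' }
    if ($Namespace) { $headers['X-Vault-Namespace'] = $Namespace }

    # Step 1: AppRole login. POST role_id/secret_id, receive a client token.
    $body = @{ role_id = $RoleId; secret_id = $SecretId } | ConvertTo-Json
    $login = Invoke-RestMethod -Method Post -Uri "$root/auth/approle/login" `
        -Headers $headers -Body $body -ContentType 'application/json'
    $headers['X-Vault-Token'] = $login.auth.client_token

    # Step 2: read the secret. KV v2 inserts "data/" after the mount and
    # nests the key-values one level deeper (.data.data) than KV v1 (.data).
    if ($KvVersion -eq 2) {
        $response = Invoke-RestMethod -Method Get -Headers $headers `
            -Uri "$root/$Mount/data/$Path"
        return $response.data.data
    }
    $response = Invoke-RestMethod -Method Get -Headers $headers -Uri "$root/$Mount/$Path"
    return $response.data
}

# Credentials come from the environment instead of being hard-coded in the script.
$secret = Get-VaultKvSecret -Address 'https://vault.domain' -Namespace 'myVaultNamespace' `
    -Mount 'kvSecretEngine' -Path 'PROD' `
    -RoleId $env:VAULT_ROLE_ID -SecretId $env:VAULT_SECRET_ID
```

The token stays in a local variable inside the function and is never written to `$env:VAULT_TOKEN`, so it is not inherited by child processes.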
