HashiCorp Vault

Basic API Examples

vault_auth.sh

#!/usr/bin/env bash
VAULT_ADDR="https://vault.megacorp.local"
ROLE_ID="00000000-0000-0000-0000-000000000000"
SECRET_ID="ffffffff-ffff-ffff-ffff-ffffffffffff"

TOKEN=$(curl -sX POST "${VAULT_ADDR}/v1/auth/approle/login" \
    --data "{\"role_id\": \"${ROLE_ID}\", \"secret_id\": \"${SECRET_ID}\"}" | jq -r .auth.client_token)

echo "[+] Vault Token: $TOKEN"

vault_list_mounts.sh

#!/usr/bin/env bash
VAULT_ADDR="https://vault.megacorp.local"
TOKEN="<X_VAULT_TOKEN>"

curl -sH "X-Vault-Token: ${TOKEN}" -X GET "${VAULT_ADDR}/v1/sys/mounts" | jq

vault_list_path.sh

#!/usr/bin/env bash
VAULT_ADDR="https://vault.megacorp.local"
TOKEN="<X_VAULT_TOKEN>"

curl -sH "X-Vault-Token: ${TOKEN}" -X LIST "${VAULT_ADDR}/v1/${1}/metadata/" | jq

vault_get_secret.sh

#!/usr/bin/env bash
VAULT_ADDR="https://vault.megacorp.local"
TOKEN="<X_VAULT_TOKEN>"

curl -sH "X-Vault-Token: ${TOKEN}" -X GET "${VAULT_ADDR}/v1/${1}/data/${2}" | jq

vault_revert_token.sh

#!/usr/bin/env bash
VAULT_ADDR="https://vault.megacorp.local"
TOKEN="<X_VAULT_TOKEN>"

curl -sH "X-Vault-Token: ${TOKEN}" -X POST "${VAULT_ADDR}/v1/auth/token/revoke-self"

Last updated 4 months ago