Page MenuHomeDevCentral

Allow to issue Vault token with admin policy
ClosedPublic

Authored by dereckson on Jul 7 2024, 14:23.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jun 21, 10:04
Unknown Object (File)
Thu, Jun 19, 03:56
Unknown Object (File)
Tue, Jun 17, 12:20
Unknown Object (File)
Sun, Jun 15, 23:49
Unknown Object (File)
Fri, Jun 13, 16:15
Unknown Object (File)
Sat, Jun 7, 17:18
Unknown Object (File)
Fri, Jun 6, 17:32
Unknown Object (File)
Fri, Jun 6, 15:42
Subscribers
None

Details

Summary

Ops need to authenticate to Vault to manage PKI, credentials, mounts, policies.
This is covered by the 'admin' policy.

To facilitate the authentication, this script allows each ops member to issue
such token as a self-service facility.

Usage: sudo utils/vault/issue-admin-token.py [--insecure]

The --insecure argument allows to use this script even if the TLS certificate
has expired. That's required to issue through Vault a new certificate.

Ref T1975

Test Plan

Tested on Complector with sudo utils/vault/issue-admin-token.py
by Dorian and me to get our new tokens.

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Not Applicable
Unit
Tests Not Applicable