HomeDevCentral

Allow to issue Vault token with admin policy

Description

Allow to issue Vault token with admin policy

Summary:
Ops need to authenticate to Vault to manage PKI, credentials, mounts, policies.
This is covered by the 'admin' policy.

To facilitate the authentication, this script allows each ops member to issue
such token as a self-service facility.

Usage: sudo utils/vault/issue-admin-token.py [--insecure]

The --insecure argument allows to use this script even if the TLS certificate
has expired. That's required to issue through Vault a new certificate.

Ref T1975

Test Plan:
Tested on Complector with sudo utils/vault/issue-admin-token.py
by Dorian and me to get our new tokens.

Reviewers: DorianWinty

Reviewed By: DorianWinty

Maniphest Tasks: T1975

Differential Revision: https://devcentral.nasqueron.org/D3357

Details

Provenance
derecksonAuthored on Sun, Jul 7, 13:51
derecksonPushed on Tue, Jul 9, 22:33
Reviewer
DorianWinty
Differential Revision
D3357: Allow to issue Vault token with admin policy
Parents
rOPSac101a5a5af9: Require pre-commit itself
Branches
Unknown
Tags
Unknown
Tasks
T1975: Allow ops to login to Vault