saltext-vault: Integrate Salt with HashiCorp Vault¶
This Salt Extension provides modules for interacting with Vault by HashiCorp, a secrets and encryption management system. You only need to setup your Salt master, which will then orchestrate minion authentications for you.
OpenBao, a community fork of HashiCorp Vault, is supported as well.
Currently, you can¶
manage and dynamically retrieve secrets from the KV v1 and v2 secret backends
manage Vault policies
manage the Database secret engine
request, renew and monitor short-lived database credentials
manage and issue certificates via the PKI secret engine
manage and issue credentials/certificates via the SSH secret engine
write your own modules on top of the provided utilities
There’s more coming though.
References¶
- What’s Salt?
A remote execution, configuration management and automation system written in Python. See the Salt guide for details.
- What’s Vault?
A self-hostable service that allows you to securely store and retrieve secrets, manage dynamic database credentials, a centralized Public Key Infrastructure and more. See the Vault homepage for details.
The community fork named OpenBao is supported as well.
- Want to contribute?
Come over to our GitHub repo.
- Found a bug or missing a feature?
File a report on our issue tracker.