saltext-vault: Integrate Salt with HashiCorp Vault

This Salt Extension provides modules for interacting with Vault by HashiCorp, a secrets and encryption management system. You only need to setup your Salt master, which will then orchestrate minion authentications for you.

Currently, you can

  • manage and dynamically retrieve secrets from the KV v1 and v2 secret backends

  • manage Vault policies

  • manage the Database secret engine

  • request, renew and monitor short-lived database credentials

  • manage and issue certificates via the PKI secret engine

  • manage and issue credentials/certificates via the SSH secret engine

  • write your own modules on top of the provided utilities

There’s more coming though.

References

What’s Salt?

A remote execution, configuration management and automation system written in Python. See the Salt guide for details.

What’s Vault?

A self-hostable service that allows you to securely store and retrieve secrets, manage dynamic database credentials, a centralized Public Key Infrastructure and more. See the Vault homepage for details.

Want to contribute?

Come over to our GitHub repo.

Found a bug or missing a feature?

File a report on our issue tracker.

Indices and tables