bikranz4u/getting-started-with-hashicorp-vault-in-simple-steps.md

## getting-started-with-hashicorp-vault-in-simple-steps.md

      
    Raw
  

              getting-started-with-hashicorp-vault-in-simple-steps.md
            
          
    Install Vault

Download Vault

wget https://releases.hashicorp.com/vault/0.8.3/vault_0.8.3_linux_amd64.zip

Install unzip package and unzip the package

apt install unzip
unzip vault_0.8.3_linux_amd64.zip

Move vault to path

sudo mv vault /usr/bin

Check if vault is running okay

vault version

Place for Vault configuration

sudo mkdir /etc/vault.d 

Create a server config file

sudo touch /etc/vault.d/server.hcl

Contents of the server.hcl

storage "file" {
  path = "/mnt/vault/data"
}
listener "tcp" {
 address = "127.0.0.1:8200"
 tls_disable = 1
}

Start the server (Ideally services file)

vault server -config /etc/vault.d/server.hcl

Client access (On a new terminal, leave the other one as it is)

Export the VAULT_ADDR
export VAULT_ADDR=http://127.0.0.0.1:8200

vault init

Output of the command (Your will differ)

Unseal Key 1: Dg4b+HyyfOWOAveHdYXxZlZQSni9AKKR9QhjYSuHDhl2
Unseal Key 2: ZokjX02fcfEw6Cn6mvRIMATKbMY0IQ5qlbwwn+afAQMj
Unseal Key 3: uEhK3geZKMj4Oi7m2916GLHLIPgRojm8XsFkfglZGqtB
Unseal Key 4: LiX6Ei+mrX+SE87fe74dqt1mA8fFGeCRBX4lvCIyao9l
Unseal Key 5: kMynTwrBxFAsee2HNc13odq47Ir9L6o+oLlnlUO2StEr
Initial Root Token: 3debacdf-f513-8952-8bdf-f6b6e6cf16f5

Export the VAULT TOKEN

export VAULT_TOKEN=3debacdf-f513-8952-8bdf-f6b6e6cf16f5

Create your first secret and store it in the vault

vault write secret/password value=badpassword

Read your secret

vault read secret/password

Generate 20 random passwords

for i in `seq 1 20`
do
vault write secret/password$i value=`openssl rand -base64 24`
done

Read the randomly generated passwords

for i in `seq 1 20`
do
vault read secret/password$i
done

Write a JSON value

echo -n '{"value":"itsasecret"}' | vault write secret/password -