dghadge/vault - database plugin setup

## vault - database plugin setup
$ vault mount database

$ vault write database/config/mysql plugin_name=mysql-database-plugin \
          connection_url="vaultadmin:vaultpass@tcp(127.0.0.1:3306)/"
$ vault write database/roles/readonly sql="CREATE USER '{{name}}'@'%' IDENTIFIED BY '{{password}}'; GRANT SELECT ON *.* TO '{{name}}'@'%';"

$ vault policy-write mysql-readonly mysql-policy.conf
 --------Start : mysql-policy.conf --------------------
          path "sys/*" {
          policy = "deny"
        }
          path "database/config/mysql" {
          policy = "deny"
        }
          path "database/roles/readonly" {
          policy = "read"
          capabilities = ["read"]
        }
--------End : mysql-policy.conf --------------------

$ vault read mysql/roles/readonly
	$ vault mount database

	$ vault write database/config/mysql plugin_name=mysql-database-plugin \
	connection_url="vaultadmin:vaultpass@tcp(127.0.0.1:3306)/"
	$ vault write database/roles/readonly sql="CREATE USER '{{name}}'@'%' IDENTIFIED BY '{{password}}'; GRANT SELECT ON . TO '{{name}}'@'%';"

	$ vault policy-write mysql-readonly mysql-policy.conf
	--------Start : mysql-policy.conf --------------------
	path "sys/*" {
	policy = "deny"
	}
	path "database/config/mysql" {
	policy = "deny"
	}
	path "database/roles/readonly" {
	policy = "read"
	capabilities = ["read"]
	}
	--------End : mysql-policy.conf --------------------

	$ vault read mysql/roles/readonly