@jefferai
Last active May 12, 2018 02:51
Script to find and destroy Consul tokens created by Vault
#!/bin/bash
# Tested with jq 1.5. Should work with jq >= 1.4.
# Note: this script is an example showing how tokens can be listed,
# filtered with jq, and fed to a removal call. You should not use this
# script as-is, in particular without examining the list output to
# exclude unwanted tokens from being removed. For instance, if
# your management token for Vault itself (storage, or the Consul
# dynamic backend) has a name that begins with "Vault", this
# script will not differentiate it from the tokens Vault created.
set -e
CONSUL_TOKEN="test"
CONSUL_ADDR="http://127.0.0.1:8500"
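# List all ACL tokens and keep the ID of each one whose Name begins with "Vault".
for i in $(curl -s -X GET -H "X-Consul-Token: ${CONSUL_TOKEN}" "${CONSUL_ADDR}/v1/acl/list" | jq -r 'map(select(.Name | startswith("Vault")))|.[].ID')
do
    # Print each candidate ID so the list can be reviewed before anything is removed.
    echo "${i}"
    # Commented out for safety
    #curl -X PUT -H "X-Consul-Token: ${CONSUL_TOKEN}" "${CONSUL_ADDR}/v1/acl/destroy/${i}"
done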
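
The header comment's warning about tokens that must survive can be enforced in the jq filter itself. The following is an added example, not part of the original gist: a hypothetical `select_vault_tokens` helper that applies the same `startswith("Vault")` test but skips management-type tokens and any IDs passed as arguments, and prints ID, type and name for review. The sample response, IDs and names are constructed, and skipping every management token is an assumption of this example.

```shell
#!/bin/bash
# Added example, not part of the original gist.

# Reads the JSON array returned by /v1/acl/list on stdin and prints
# "ID<TAB>Type<TAB>Name" for each removal candidate.
# Arguments: token IDs that must never be selected (a hypothetical keep-list).
select_vault_tokens() {
    local keep
    # Turn the arguments into a JSON array; no arguments yields [].
    keep=$(printf '%s\n' "$@" | jq -R . | jq -s -c 'map(select(length > 0))')
    jq -r --argjson keep "${keep}" '
        map(select(
            ((.Name // "") | startswith("Vault"))            # same prefix test as the gist
            and (.Type != "management")                      # assumption: never select management tokens
            and ((.ID as $id | $keep | index($id)) == null)  # exact-match skip of protected IDs
        ))
        | .[] | [.ID, .Type, .Name] | @tsv'
}

# Constructed sample of an /v1/acl/list response (IDs and names are made up).
sample_acl_list() {
    cat <<'EOF'
[
 {"ID":"00000000-0000-0000-0000-000000000001","Name":"Vault storage token","Type":"client"},
 {"ID":"00000000-0000-0000-0000-000000000002","Name":"Vault web token 1526093460","Type":"client"},
 {"ID":"00000000-0000-0000-0000-000000000003","Name":"Vault admin","Type":"management"},
 {"ID":"00000000-0000-0000-0000-000000000004","Name":"Bootstrap","Type":"client"},
 {"ID":"anonymous","Name":"Anonymous Token","Type":"client"}
]
EOF
}

# Demo: protect the storage token by ID; only the second token is listed.
sample_acl_list | select_vault_tokens "00000000-0000-0000-0000-000000000001"
```

Against a live agent, pipe the `curl` output from the script above into `select_vault_tokens` and review the printed table before enabling the destroy call.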