stenio123

This code shows the steps to enable the transit secret engine, configure a key, and use the sign leveraging Vault.

vault secrets enable transit

# Default key type doesn't support signing
vault write -f transit/keys/my-key type=rsa-4096

# Encode a string as base64
echo -n 'This was created by Stenio, you can trust me!' | openssl base64

stenio123

oldContainers="$(docker ps -f "status=exited" | grep -E 'Exited \(.*\) [5-9] h|Exited \(.*\) \d\d h' | awk '{ print $1 }')"

echo -e -n "\nRemoving containers older than 4 hours"

if [ "$oldContainers" != "" ]; then
  echo ""
  docker rm $oldContainers
else
  echo "...none found."
fi

stenio123

Vault Examples

Examples highligthing different Vault features.

To have a list of valid CLI flags, use

vault -h
vault <FEATURE> -h

HA Replication

stenio123

Vault Kubernetes Mutating Hook

This is an example showing how to use mutating admission hooks in kubernetes to automate the addition of init and sidecar containers to pods. This will allow using only one annotation in the deployment to automate retrieval of secrets from Vault.

Environment

Vault

1. Download Vault
2. Execute

vault server -dev -dev-root-token-id=root

stenio123

Big List of Real Estate APIs

Listings / Property Data

####Rets Rabbit http://www.retsrabbit.com

Rets Rabbit removes the nightmare of importing thousands of real estate listings and photos from RETS or ListHub and gives you an easy to use import and Web API server so you can focus on building your listing search powered website or app.

stenio123

Example Azure Terraform Enterprise Workflow

This document describes the steps required to demo an opinionated workflow deploying and managing Azure resources using Terraform Enterprise.

Requirements

In order to complete this demo, you need to have:

• a Terraform Enterprise account
• a git account

Steps

stenio123

# All tokens within Vault have an associated TTL (Root is the exception, having "infinite" TTL).
# For long running services, Vault allows the creation of "periodic tokens".
# These are special types of tokens created for long running services - for example a Jenkins server. 
# We needed to accomodate the fact that every token in Vault needs to have a ttl, however we expect this service to be long 
# lived, therefore it allows us to create a special token that can be renewed indefinitely, allowing a Vault admin to have 
# different max_ttl strategies without impacting long running services. The "period" parameter will work as the TTL for the 
# token, which needs to be renewed within that period. If it doesn't, Vault will not accept requests using that token
# until it is renewed.

# Example, confidering default system max_ttl and default_ttl:

stenio123

#!/bin/bash
defaults write com.oracle.workbench.MySQLWorkbench NSRequiresAquaSystemAppearance -bool yes
echo "Successfully patched!"
echo "Now restart MySQL Workbench to see the Workbench in light theme."
#Restart MySQL Workbench after executing this.

stenio123

# Checkout the bank-vaults project
 2
 3git clone git@github.com:banzaicloud/bank-vaults.git
 4
 5cd bank-vaults
 6
 7# Install the vault-operator and create a Vault instance
 8# with it, which has the Kubernetes auth method configured
 9

stenio123

# Number of requests on Vault
## Author: Ranjit
```
cat ~/vault.log | tr '\n' ',' | sed 's/^/[/' | sed 's/,$/]/' | jq '. | map(select(.type == "request")) | length'
```

## Author: Ancil
```
awk '/"type":"request"/{++cnt} END {print "Count = ", cnt}' vaultaudit.log
```