
Vinnie Ramirez vincentramirez

@vincentramirez
vincentramirez / pcfauth.md
Created April 24, 2020 17:13
PCF Auth method info

Vault Cloud Foundry (CF) Authentication Configuration - Recommended Pattern

The objective of this document is to provide a thorough understanding of how Vault interacts with CF using the CF Authentication Method. It will also provide various methods for utilizing the CF auth method in the CF platform.

Prerequisites

It is assumed that there is a [Cloud Foundry][] (or [Pivotal Platform][]) instance available and a Vault (Open Source or Enterprise) cluster available. The CF platform must also support Instance Identity Credentials.

Glossary

@vincentramirez
vincentramirez / consul_geo_failover_demo.md
Last active December 18, 2019 09:43
HashiCorp Consul Geo-Failover demo

This is a step-by-step guide to help demonstrate the use of HashiCorp Consul to provide automated geo-failover capability for a basic microservices-based application.

Pre-reqs:

Terraform Open Source, v.0.12.17+
Git
A registered trial account with Packet.com
Basic understanding of Linux commands and SSH and the use of public and private RSA keys
I am a Mac user and leverage my RSA keys located in ~/.ssh
The Packet free trial also provides information on the use of RSA keys
as a secure method for gaining SSH access to a remote Linux server

Deploy the demo environment

@vincentramirez
vincentramirez / vaultdbengdemo.md
Last active May 8, 2021 18:16
HashiCorp Vault database engine demo

This is a step-by-step guide to help demonstrate the use of the HashiCorp Vault database secrets engine with LDAP authentication, as well as a demonstration of Control Groups. The guide is written for Mac users to perform this demo locally.

Pre-reqs:

A fairly current version of Mac OS (v10.13.6 at time of this guide)
Docker (v18.09.2 at time of this guide)
Git
Vault binary (v1.1.1 at the time of this guide)
Optional Vault enterprise binary to demonstrate Control Groups
download the open source binary https://www.vaultproject.io/downloads.html
or contact HashiCorp to get access to an enterprise trial https://www.hashicorp.com/go/vault-enterprise

Run a local instance of Vault

@vincentramirez
vincentramirez / Lab01_consul_learn.md
Last active March 27, 2019 11:11
HashiCorp Consul Learn Lab01

This is a guide to supplement the https://learn.hashicorp.com/consul/ content

You will be given a list of IP addresses that you can use for the lab exercises

To access the VMs you will need the IP address and a copy of the private key your instructor created

On your local system perform the following

cd /tmp
mkdir keys
cd /tmp/keys
vi lab_rsa
@vincentramirez
vincentramirez / vaultnamespacepolicy.md
Last active June 13, 2020 00:10
Creating a HashiCorp Vault namespace with an admin ACL policy to grant full admin access to the individual namespace

These steps assume you are running Vault v.0.11.0 or higher

Create new namespace:

Log into the root namespace via the Vault UI (root token)

Make sure you are in the root namespace

Click on Access > Namespaces > create a namespace >

Create secrets engine and secret in the new namespace: