vault-静态密码kv - 少年老余

一、创建kv：

1.登录http://10.1.50.41:32200/ui

激活kv

创建路径

创建secret

创建secret 路径，输入key value

查看：

可以json或者小眼睛

二、给user创建token：

1.创建policy

输入name

策略，注意kv-v1根据实际情况修改

path "kv-v1/*" {

capabilities = [ "read", "update", "list" ]

}

注：实际工作参考：

path "kv/" {  capabilities = ["read","list"]} 
path "kv/metadata/" {  capabilities = ["read","list"]}
path "kv/+/wfm4/" {  capabilities = ["read","list"]}
path "kv/+/wfm4/hr/" {  capabilities = ["read","list","create","update", "delete"]} 
path "kv/+/wfm4/hr/*" {  capabilities = ["read","list","create","update", "delete"]}

2.创建token，把token信息给开发

vault write auth/token/create policies=test

发表于 2021-11-24 11:45 少年老余阅读(153) 评论(0) 收藏举报