kloia/vaultdotnetapp

Set up Vault with AppRole

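# Point the CLI at a local Vault server, authenticating with a root token
export VAULT_ADDR='http://127.0.0.1:8200'
export VAULT_TOKEN='some-root-token'
export VAULT_SKIP_VERIFY="true"

# Enable the AppRole auth method
vault auth enable approle

# Mount a KV v2 secrets engine and store a sample secret
vault secrets enable -path='projects-api/secrets' -version=2 kv
vault kv put projects-api/secrets/static 'password=Testing!123'

# Read-only policy covering every path under projects-api/
cat <<EOF > projects-role-policy.hcl
path "projects-api/*" {
  capabilities = ["read"]
}
EOF

vault policy write projects-api ./projects-role-policy.hcl

# Role with a fixed RoleID; secret_id_num_uses=0 places no limit on SecretID uses
vault write auth/approle/role/projects-api-role \
    role_id="projects-api-role" \
    token_policies="projects-api" \
    token_ttl=1h \
    token_max_ttl=2h \
    secret_id_num_uses=0

# Save the RoleID and a newly generated SecretID to files for the agent
echo "projects-api-role" > role-id
vault write -f -field=secret_id auth/approle/role/projects-api-role/secret-id > secret-id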

Install the Windows agent or run in proxy mode

Sample Agent config file

pid_file = "C:/vault/pidfile"

vault {
   address = "http://<ip_address>:8200"
   tls_skip_verify = true
}

auto_auth {
  method {
    type = "approle"

    config = {
      role_id_file_path = "C:/vault/role_id.txt"
      secret_id_file_path = "C:/vault/secret_id.txt"
      remove_secret_id_file_after_reading = false
    }
  }


  sink {
    type = "file"
    config = {
      path = "C:/vault/sink.txt"
    }
  }
}

listener "tcp" {
   address     = "127.0.0.1:8100"
   tls_disable = true
}

api_proxy {
   use_auto_auth_token = true
   enforce_consistency = "always"
}

cache {
   //cache_static_secrets = true
}
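
An added example, not part of the repository: a POSIX shell check that flags the settings in the sample config above that weaken how the agent handles credentials (cleartext Vault address, disabled certificate validation, SecretID left on disk, plaintext listener off loopback). The function names, finding texts and the 192.0.2.10 address are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the repository): flag weak settings in an Agent/Proxy config.
# Assumes top-level blocks close with "}" in column 0, as in the config above.
audit_agent_config() {   # reads the file(s) in "$@", or stdin when none are given
  awk '
    /^[ \t]*(#|\/\/)/ { next }   # ignore commented-out settings
    /^[ \t]*listener[ \t]/ { in_l = 1; addr = ""; plain = 0 }
    in_l && /address[ \t]*=/ { addr = $0 }
    in_l && /tls_disable[ \t]*=[ \t]*"?true/ { plain = 1 }
    in_l && /^}/ {
      in_l = 0
      if (plain && addr !~ /"(127\.0\.0\.1|localhost|\[::1\]):/)
        print "FINDING: plaintext listener bound to a non-loopback address"
    }
    !in_l && /address[ \t]*=[ \t]*"http:\/\// {
      print "FINDING: http:// Vault address sends SecretID and tokens in cleartext"
    }
    /tls_skip_verify[ \t]*=[ \t]*"?true/ {
      print "FINDING: tls_skip_verify = true disables certificate validation"
    }
    /remove_secret_id_file_after_reading[ \t]*=[ \t]*"?false/ {
      print "FINDING: SecretID file stays on disk after the agent reads it"
    }
  ' "$@"
}

# Constructed sample mirroring the config above; 192.0.2.10 is a placeholder address.
sample_config() {
  cat <<'EOF'
vault {
   address = "http://192.0.2.10:8200"
   tls_skip_verify = true
}
auto_auth {
  method {
    type = "approle"
    config = {
      remove_secret_id_file_after_reading = false
    }
  }
}
listener "tcp" {
   address     = "127.0.0.1:8100"
   tls_disable = true
}
EOF
}

sample_config | audit_agent_config
```

The loopback listener in the sample is not reported; with use_auto_auth_token = true, any process on the host that can reach 127.0.0.1:8100 still gets requests sent with the agent's token.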

Proxy Mode

Open PowerShell as an administrator.

C:\vault\vault.exe proxy -config=C:\vault\agent-config.hcl

Run as Windows Service

Open PowerShell as an administrator.

sc.exe create VaultAgent binPath="C:\vault\vault.exe agent -config=C:\vault\agent-config.hcl" displayName="Vault Agent" start=auto

Reference Documents

VaultSharp
https://github.com/rajanadar/VaultSharp

Agent documentation
https://developer.hashicorp.com/vault/tutorials/vault-agent/agent-caching
https://developer.hashicorp.com/vault/docs/agent-and-proxy/agent/winsvc
https://developer.hashicorp.com/vault/tutorials/vault-agent/agent-quick-start
https://developer.hashicorp.com/vault/docs/agent-and-proxy

AppRole Auth
https://developer.hashicorp.com/vault/docs/agent-and-proxy/autoauth/methods/approle

Windows Setup
https://developer.hashicorp.com/vault/downloads#windows
https://developer.hashicorp.com/vault/tutorials/app-integration/dotnet-httpclient
