Add unwrap and wrap scripts for handling wrapped secrets in Vault
This commit is contained in:
10
bin/unwrap.sh
Executable file
10
bin/unwrap.sh
Executable file
@@ -0,0 +1,10 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# Usage: ./unwrap.sh <VAULT_TOKEN>
|
||||||
|
# This script unwraps a wrapped secret in HashiCorp Vault using the provided token.
|
||||||
|
|
||||||
|
curl -s -X PUT \
|
||||||
|
-H "X-Vault-Token: $1" \
|
||||||
|
-H "X-Vault-Request: true" \
|
||||||
|
-d 'null' \
|
||||||
|
https://vault.koszewscy.waw.pl/v1/sys/wrapping/unwrap | jq '.data'
|
||||||
10
bin/wrap.sh
Executable file
10
bin/wrap.sh
Executable file
@@ -0,0 +1,10 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
DEFAULT_TTL="60"
|
||||||
|
|
||||||
|
curl \
|
||||||
|
--header "X-Vault-Token: $VAULT_TOKEN" \
|
||||||
|
--header "X-Vault-Wrap-TTL: $DEFAULT_TTL" \
|
||||||
|
--request POST \
|
||||||
|
--data "$1" \
|
||||||
|
$VAULT_ADDR/v1/sys/wrapping/wrap | jq
|
||||||
Reference in New Issue
Block a user