salt.sdb.vault module

Vault SDB Module

maintainer

SaltStack

maturity

New

platform

all

New in version 2016.11.0.

This module allows access to Hashicorp Vault using an sdb:// URI.

Base configuration instructions are documented in the execution module docs. Below are noted extra configuration required for the sdb module, but the base configuration must also be completed.

Like all sdb modules, the vault module requires a configuration profile to be configured in either the minion configuration file or a pillar. This profile requires only setting the driver parameter to vault:

myvault:
  driver: vault

Once configured you can access data using a URL such as:

password: sdb://myvault/secret/passwords/mypassword

In this URL, myvault refers to the configuration profile, secret/passwords is the path where the data resides, and mypassword is the key of the data to return.

The above URI is analogous to running the following vault command:

$ vault read -field=mypassword secret/passwords
salt.sdb.vault.get(key, profile=None)

Get a value from the vault service

salt.sdb.vault.set_(key, value, profile=None)

Set a key/value pair in the vault service