21b11b47d6
Completed review comments Minor abbreviation fix Moved topics into its own VNF Integration section Fixed abbreviations Re-organized Kubernetes topics Change-Id: I8940d3572b789990d3b5f2d201f8ec8a46ce2943 Signed-off-by: Keane Lim <keane.lim@windriver.com>
42 lines
1.3 KiB
ReStructuredText
42 lines
1.3 KiB
ReStructuredText
|
|
.. rpr1596551983445
|
|
.. _vault-aware:
|
|
|
|
===========
|
|
Vault Aware
|
|
===========
|
|
|
|
The Vault Aware method involves writing an application to connect directly to
|
|
a Vault server using Vault REST APIs. The Vault REST APIs requires an
|
|
existing Auth method and policy to be created; the specific method depends on
|
|
the client libraries used.
|
|
|
|
The Vault REST API is used to allow an application to read and/or write secrets
|
|
to Vault, provided the applicable policy gives read and/or write permission at
|
|
the specified Vault path. The Vault REST API can be accessed from application
|
|
containers using the Vault endpoint **sva-vault**. Run the following command
|
|
to view Vault endpoints:
|
|
|
|
.. code-block:: none
|
|
|
|
$ kubectl get svc -n vault
|
|
|
|
.. seealso::
|
|
|
|
.. _vault-aware-ul-rlf-zw1-pmb:
|
|
|
|
- Vault REST API:
|
|
|
|
- `https://learn.hashicorp.com/vault/getting-started/apis
|
|
<https://learn.hashicorp.com/vault/getting-started/apis>`__
|
|
|
|
- `https://www.vaultproject.io/api-docs
|
|
<https://www.vaultproject.io/api-docs>`__
|
|
|
|
|
|
- Client libraries: `https://www.vaultproject.io/api/libraries.html
|
|
<https://www.vaultproject.io/api/libraries.html>`__
|
|
|
|
- Connect Vault with Python using the HVAC library:
|
|
`https://github.com/hvac/hvac <https://github.com/hvac/hvac>`__
|