salt.runners.vault
- maintainer
-
SaltStack
- maturity
-
new
- platform
-
all
Runner functions supporting the Vault modules. Configuration instructions are documented in the execution module docs.
-
Generate a Vault token for minion minion_id
- minion_id
-
The id of the minion that requests a token
- signature
-
Cryptographic signature which validates that the request is indeed sent by the minion (or the master, see impersonated_by_master).
- impersonated_by_master
-
If the master needs to create a token on behalf of the minion, this is True. This happens when the master generates minion pillars.
- ttl
-
Ticket time to live in seconds, 1m minutes, or 2h hrs
- uses
-
Number of times a token can be used
salt.runners.vault.generate_token(minion_id, signature, impersonated_by_master=False, ttl=None, uses=None)
-
Show the Vault policies that are applied to tokens for the given minion
- minion_id
-
The minions id
CLI Example:
salt-run vault.show_policies myminion
salt.runners.vault.show_policies(minion_id)
-
Unseal Vault server
This function uses the 'keys' from the 'vault' configuration to unseal vault server
- vault:
-
- keys:
-
n63/TbrQuL3xaIW7ZZpuXj/tIfnK1/MbVxO4vT3wYD2A
S9OwCvMRhErEA4NVVELYBs6w/Me6+urgUr24xGK44Uy3
F1j4b7JKq850NS6Kboiy5laJ0xY8dWJvB3fcwA+SraYl
1cYtvjKJNDVam9c7HNqJUfINk4PYyAXIpjkpN/sIuzPv
3pPK5X6vGtwLhNOFv1U2elahECz3HpRUfNXJFYLw6lid
CLI Examples:
salt-run vault.unseal
salt.runners.vault.unseal()
© 2021 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltproject.io/en/latest/ref/runners/all/salt.runners.vault.html