Vault 是一个很不错的访问控制,secret api key 管理工具
新的0.10 有好多新的功能的添加,最棒的是有一个web ui 了
包含的新特性如下:
- K/V Secrets Engine v2 with Secret Versioning: Vault's Key-Value Secrets Engine now supports additional features, including secret versioning and check-and-set operations.
- Open Source Vault Web UI: The previously Enterprise-only UI has been made open source and is now released in all versions of Vault along with many enhancements.
- Root DB Credential Rotation: Root/admin credentials for databases controlled by Vault's Combined DB secrets engine can now be securely rotated with only Vault knowing the new credentials.
- Azure Auth Method: Azure Machines can now log into Vault via their Azure Active Directory credentials.
- GCP Secrets Engine: Vault can now create dynamic IAM credentials for accessing Google Cloud Platform environments.
安装
mac os
- 下载
wget https://releases.hashicorp.com/vault/0.11.1/vault_0.11.1_darwin_amd64.zip- 启动
./vault server --dev- 启动效果
登陆token从控制台获取
参考资料
https://www.hashicorp.com/blog/vault-0-10/