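#!/bin/bash
#
# Vault development-environment quick-start guide.
#
# Walks through a basic workflow against the Vault server named by
# VAULT_ADDR: check status, write/read/list a KV secret, register a
# read-only policy, and mint a token bound to that policy.
#
# Requires: the `vault` CLI on PATH and the environment file below, which
# is expected to export VAULT_ADDR and VAULT_TOKEN.
#
# NOTE(review): intended for a development server only; the secret value
# written in step 3 is a demo placeholder, not a real credential.

# Abort on the first failing command so later steps never run against a
# Vault that is unreachable or that rejected an earlier request.
set -eo pipefail

readonly VAULT_ENV_FILE=/root/mgmt/security/secrets/vault/dev/vault_env.sh

# Print a message to stderr and exit non-zero.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

echo "===== Vault开发环境快速开始 ====="

# 1. Set environment variables
echo "1. 设置环境变量"
[[ -r "$VAULT_ENV_FILE" ]] || die "错误: 无法读取环境文件 $VAULT_ENV_FILE"
# shellcheck source=/dev/null
source "$VAULT_ENV_FILE"
# nounset is enabled only after sourcing: the environment file is not under
# this script's control and may reference variables that are unset.
set -u
: "${VAULT_ADDR:?VAULT_ADDR 未设置}"
: "${VAULT_TOKEN:?VAULT_TOKEN 未设置}"
echo "VAULT_ADDR: $VAULT_ADDR"
# Never echo the token itself: stdout ends up in terminal scrollback, CI
# logs and screen recordings, and this token is what authorises every
# command below. Confirm only that it is present.
echo "VAULT_TOKEN: [已设置, 不显示]"

# 2. Check Vault status
echo ""
echo "2. 检查Vault状态"
# `vault status` exits non-zero when the server is sealed or unreachable;
# stop here rather than emit a cascade of confusing errors.
vault status || die "错误: Vault 不可用或处于封印状态"

# 3. Store a secret value
echo ""
echo "3. 存储密钥值"
# Demo value only. Real secrets should not be passed as command-line
# arguments (visible in `ps` output and shell history); the CLI can read a
# value from stdin (`value=-`) or from a file (`value=@path`) instead.
vault kv put secret/example/api_key value="my_secret_api_key_12345"

# 4. Read the secret value back
echo ""
echo "4. 读取密钥值"
# This prints the stored secret in clear text to stdout.
vault kv get secret/example/api_key

# 5. List secret paths
echo ""
echo "5. 列出密钥路径"
vault kv list secret/example/

# 6. Create an example policy
echo ""
echo "6. 创建示例策略"
# Write the policy to an unpredictable, owner-only temp file. A fixed name
# under /tmp can be pre-created or symlinked by another local user, who
# could then redirect the write or substitute the policy that gets loaded.
policy_file=$(mktemp) || die "错误: mktemp 失败"
trap 'rm -f -- "$policy_file"' EXIT

# Quoted delimiter: the policy text is written literally, with no shell
# expansion inside the here-document.
cat > "$policy_file" << 'EOF'
# 示例策略 - 允许读取secret/example路径下的密钥
path "secret/example/*" {
capabilities = ["read", "list"]
}

# 允许列出密钥引擎
path "sys/mounts" {
capabilities = ["read"]
}
EOF

vault policy write example-policy "$policy_file"

# 7. Create a limited-privilege token
echo ""
echo "7. 创建有限权限令牌"
# The command prints the new token to stdout; treat that output as a
# credential. No explicit lifetime is requested here, so the server's
# default applies; pass -ttl to bound it when adapting this step.
vault token create -policy=example-policy

echo ""
echo "===== Vault开发环境快速开始完成 ====="
echo "您现在可以开始在开发环境中使用Vault了!"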