en-us/about_SecretManagement.Hashicorp.Vault.KV.Extension.Help.txt
|
TOPIC about_SecretManagement.Hashicorp.Vault.KV.Extension SHORT DESCRIPTION Guide for using the Hashicorp Vault KV SecretManagement extension LONG DESCRIPTION QUICKSTART When registering a vault you need to provide at least these options: Register-SecretVault -ModuleName SecretManagement.Hashicorp.Vault.KV -Name PowerShellTest -VaultParameters @{ VaultServer = 'http://vault.domain.local:8200'; VaultAuthType = 'Token'} The vault name should match exactly as Hashicorp vault is case sensitive. If no VaultParameters are provided the functions will prompt you on the first execution in your session. Additionally you may provide which version of KV you are using when registering. It defaults to version 2 of KV. If you are wanting to run against a version 1 KV $VaultParameters = @{ VaultServer = 'https://vault-cluster.domain.local' VaultAuthType="userpass" KVVersion = 'v1'} Register-SecretVault -ModuleName SecretManagement.Hashicorp.Vault.KV -Name PowerShellTest -VaultParameters $VaultParameters KV Version 2 distinctions - Get-Secret only retrieves the newest secret - Get-SecretInfo retrieves the Hashicorp Metadata. - Set-Secret Adds/Updates without CheckAndSet. Althought it can be passed with `-Metadata @{cas=<versionNumber>}` - Remove-Secret Completely Removes the secret and all versions REGISTRATION PARAMETERS When registering a vault in SecretManagement there are several options you may provide: VaultServer - The base URL to the Vault instance (example: https://something.org:8200) VaultAuthType - The type of auth you will use to retrieve a token VaultToken - The Vault Token you are using. This must be input as ConvertFrom-SecureString output. VaultAPIVersion - Defaults to v1 KVVersion - Defaults to v2 SUPPORTED AUTHENTICATION TYPES Hashicorp supports multiple ways of authenticating to retrieve a token. This extension currently only supports the following: AppRole LDAP UserPass Token KEYWORDS SecretManagement HashiCorp Secret Vault SEEALSO https://www.vaultproject.io/docs/secrets/kv |