Hi, This is my first post on this portal.
What is Vault:
Vault is a tool by which you can securely access you credentials. It is developed by Hashicorp. It is similar to AWS Parameter store. It helps in managing credentials effectively.
Sample Code for CRUD Operations in Vault:
package main
import (
"fmt"
"net/http"
"time"
"github.com/hashicorp/vault/api"
)
var httpClient = &http.Client{
Timeout: 10 * time.Second,
}
func main() {
token := "your token"
vaultAddr := "your url"
client, err := api.NewClient(&api.Config{Address: vaultAddr, HttpClient: httpClient})
if err != nil {
panic(err)
}
client.SetToken(token)
//writing the data
inputData := map[string]interface{}{
"data": map[string]interface{}{
"first": "ankit",
},
}
output, err := client.Logical().Write("secret/data/hello", inputData)
fmt.Println(output)
if err != nil {
panic(err)
}
//reading the data
data, err := client.Logical().Read("secret/data/hello")
if err != nil {
panic(err)
}
fmt.Println(data.Data)
//deleting the data
output, err = client.Logical().Delete("secret/metadata/hello")
fmt.Println(output)
if err != nil {
panic(err)
}
}
Things to Focus here is code
If we look at in this code then it is very easy to miss the write operation. We need to check inputData
and how it is structured because according to golang object type it seems that we should use in this way rather than of how we used it.
inputData := map[string]interface{}{
"first": "ankit",
}
Where should I use Vault?
- It should be used when we are initialising the project.
- All the configurations should be read from Vault or any other secret manager.
- There should be no configurations saved on server.
Read Next - Go - Authenticate Your vault sdk with Kubenetes
Top comments (1)
It's a nice start.
Probably you mean, read the data.