Hashicorp Vault

Introduction

This guide will show you how to use Hashicorp Vault KV Secrets Engine - Version 2 to manage configurations via the Configu interface. Learn about the concept of stores.

Working with the store

CLI installation

Linux
MacOs
Windows
1curl https://cli.configu.com/install.sh | sh

CLI usage

Create the store URI as follows:

hashicorp-vault://[token]@[address]?[engine=][&protocol=]

Environment variables:

  • VAULT_ADDR: The address of the vault.
  • VAULT_TOKEN: Authentication token for accessing the vault.

CLI Upsert

configu upsert --set "example" --schema "example.cfgu.json" --store "hashicorp-vault:// token@127.0.0.1:8200?engine=example&protocol=http" --config "FOO=value" --config "BAR=bar"

CLI Export

configu export --set "example" --schema "example.cfgu.json" --store "hashicorp-vault:// token@127.0.0.1:8200?engine=example&protocol=http" --format "Dotenv"

CLI Delete

configu delete --set "example" --schema "example.cfgu.json" --store --store "hashicorp-vault:// token@127.0.0.1:8200?engine=example&protocol=http"

SDK installation

Install the node.js SDK

// * Using yarn
yarn add @configu/node
// * Using npm
npm install --save @configu/node

SDK usage

import { Cfgu, Set, UpsertCommand, EvalCommand, DeleteCommand, HashiCorpVaultStore} from "@configu/node";
import path from "path";

const store = new HashiCorpVaultStore({ address, token, engine});
const schema = new Cfgu(path.resolve(__dirname, "./example.cfgu.json"));
const set = new Set("dev");

// * Example upsert command
await new UpsertCommand({ store, set, schema, configs: [{ key: "foo", value: "bar" }] }).run();

// * Example eval command
const configs = await new EvalCommand({ store, set, schema }).run();

// * Example delete command
await new DeleteCommand({ store, set, schema }).run();

References

To reference a value from this store, use the following reference format:

{{hashicorp-vault://<engine>@[set/]<schema>[.key][?key=[key]]}}

Example:

{{hashicorp-vault://engine@example-set/example-schema.foo}}