Python Application that reads secrets out of Vaults and returns them via web interface
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md
exvault.conf
pyvault.py
returnkey.py
vaultinit.py

README.md

PyVault:

[X] Set up Vault

[X] Learn about the requests library

[X] Learn how to get a client token returned so the root token won't be used

[X] Create something that reads a secret out of Vault and returns it (Python)

[X] Make it accessible via a web interface

[ ] Refactor so it's not as gross

[ ] Add ability to write keysÂ

[ ] Add ability to grab any key you want

Setup Steps:

  • Install Vault

  • Start your vault server with something like vault server -config=exvault.conf

  • Visit http://localhost:8080/pyvault in your browser

  • Celebrate!

Questions, Issues, etc:

What is a secret: Things you don't want to be exposed, database credentials, SSL certificates, etc

What is secret management? Secret management centralizes sensitive information. There are many different services that provide this like Crypt, Conjur, and Configuration Storage Systems like Consul or etcd.

Why do we need this? In the past there was one hero who had access to all the passwords. This made it difficult for anyone else to get access to these applications. But managing passwords, making sure they're all a certain length containing certain special characters, and managing access is a hard challenge. Secret management makes it so you can restrict and grant access when you need to, as well as change passwords without having to tell the whole organization.