-
Notifications
You must be signed in to change notification settings - Fork 1
Proxysql Plugins
$ vault secrets disable database
$ vault secrets enable database
$ vault plugin info database mysql-database-plugin
$ vault write database/config/mysql-database
plugin_name=mysql-database-plugin
connection_url="{{username}}:{{password}}@tcp(127.0.0.1:3306)/"
allowed_roles="vault-mysql-role"
username="admin"
password="admin"
$ vault write database/roles/vault-mysql-role
db_name=mysql-database
creation_statements="CREATE USER '{{name}}'@'%' IDENTIFIED BY '{{password}}';GRANT SELECT ON . TO '{{name}}'@'%';"
default_ttl="1h"
max_ttl="24h"
$ vault read database/creds/vault-mysql-role
$ vault plugin info database proxysql-database-plugin
$ vault write database/config/proxysql-database
plugin_name=proxysql-database-plugin
connection_url="{{username}}:{{password}}@tcp(127.0.0.1:6032)/"
allowed_roles="vault-proxysql-role"
username="root"
password="root"
$ vault write database/roles/vault-proxysql-role
db_name=proxysql-database
creation_statements="INSERT INTO mysql_users (username,password) VALUES ('{{name}}','{{password}}'); LOAD MYSQL USERS TO RUNTIME; SAVE MYSQL USERS TO DISK;"
default_ttl="1h"
max_ttl="24h"
$ vault write database/roles/vault-proxysql-role
db_name=proxysql-database
creation_statements="UPDATE GLOBAL_VARIABLES SET variable_vaule = 'admin:admin;root:root;{{name}}:{{password}}' WHERE variable_name = 'admin-admin_credentials'; LOAD ADMIN VARIABLES TO RUNTIME;"
default_ttl="1h"
max_ttl="24h"
$ vault read database/roles/vault-proxysql-role
$ vault read database/creds/vault-proxysql-role