Vault from entry to proficiency series four: use python code to connect to the Vault server, store passwords, and read passwords

News 2023-06-21 19:37:01 views: null

Vault from entry to proficiency series four: use python code to connect to the Vault server, store passwords, and read passwords

1. Create a Vault client
2. Store password
3. Write the complete code of the password
Fourth, the command line to view the password
5. Use the code to view the password

1. Create a Vault client

Initialize a new Vault client that will use token-based authentication for all its requests:

import hvac
import sys



client = hvac.Client(
    url='http://127.0.0.1:8200',
    token='hvs.BvXow4DjJ8VntB57DjQnd2hY',
)

2. Store password

Secrets are sensitive data such as API keys and passwords that we should not store in our code or configuration files. Instead, we want to store such values in Vault.

We'll use the Vault client we just initialized to write the password to Vault as follows:


create_response = client.secrets.kv.v2.create_or_update_secret(
    path='my-secret-password',
    secret=dict(password='Hashi123'),
)

print('Secret written successfully.')

3. Write the complete code of the password

import hvac
import sys

client = hvac.Client(
    url='http://127.0.0.1:8200',
    token='hvs.BvXow4DjJ8VntB57DjQnd2hY',
)

create_response = client.secrets.kv.v2.create_or_update_secret(
    path='my-secret-password',
    secret=dict(password='Hashi123'),
)

print('Secret written successfully.')

Fourth, the command line to view the password

After executing the code, view the password on the command line

Start a new terminal, use the root token

export VAULT_ADDR='http://127.0.0.1:8200'
export VAULT_TOKEN="hvs.BvXow4DjJ8VntB57DjQnd2hY"

View my-secret-password password

vault kv get -mount=secret my-secret-password
========= Secret Path =========
secret/data/my-secret-password

======= Metadata =======
Key                Value
---                -----
created_time       2023-06-19T06:38:47.440087Z
custom_metadata    <nil>
deletion_time      n/a
destroyed          false
version            1

====== Data ======
Key         Value
---         -----
password    Hashi123

5. Use the code to view the password

read_response = client.secrets.kv.read_secret_version(path='my-secret-password')

password = read_response['data']['data']['password']
print(password)

if password != 'Hashi123':
    sys.exit('unexpected password')

print('Access granted!')

Execute the code, the output is as follows:

Hashi123
Access granted!

Guess you like

Origin blog.csdn.net/zhengzaifeidelushang/article/details/131287833

Vault from entry to proficiency series four: use python code to connect to the Vault server, store passwords, and read passwords

Vault from entry to proficiency series 2: Start the Vault server

Vault from entry to proficiency series three: write password, read password, delete password

One of the Vault series from entry to proficiency: In-depth understanding of the security tool Vault, Vault root token and unseal key, and detailed steps to deploy Vault

(16&17) How does the time series database store usernames and passwords & migrate data from InfluxDB OSS

How to securely store passwords

How browsers store passwords

Oracle database from entry to proficiency series nineteen: server process

[python] One hour to master the sys module from entry to proficiency series

Use python batch updates xshell passwords!

Use shiro to encrypt and store passwords in the database (java+springboot+shiro)

Xshell7 and Xftp7 download, install and connect to the server tutorial (very detailed) from zero-based entry to proficiency, it is enough to read this article (with installation package)

Azure Key Vault (2) create and view Azure Key Vault Windows Azure Platform series article directories use Azure Portal

Python crawler from entry to proficiency

From entry to proficiency in RESTful, it is enough to read this article

[Quick Start Series] Use MD5 encryption to encrypt passwords

Ansible from entry to proficiency, from installation to use

Flink from entry to proficiency series (9)

Kylin from entry to proficiency and case practice series

Flink from entry to proficiency series (7)

Flink from entry to proficiency series (5)

Java basics from entry to proficiency series (1)

Flink from entry to proficiency series (3)

Read Google browser to save passwords

Python randomly generated passwords

Randomly generate passwords (Python)

PostMan installation and use tutorial (very detailed) from zero-based entry to proficiency, it is enough to read this article

The use of the requests library (very detailed) from zero-based entry to proficiency, it is enough to read this article

Detailed explanation of ADB installation and use (very detailed) From zero-based entry to proficiency, it is enough to read this article

The latest Python introductory tutorial in 2023 (super detailed), from zero basic entry to proficiency, just read this article

Recommended

Ranking

error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘

Database migration between Navicat servers

Minimum number of rotation of the array: Array

balenaEtcher for mac (make a boot disk software) v1.5.67

Custom processing serialization and deserialization in jackson

Mu-en-mask system development software

Mastering Regular Expressions

Find mileage Java--

Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions

[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite

Daily

More

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)