Versions Compared

Version Old Version 1 New Version Current
Changes made by

Gaurav

Gaurav

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Configure a role that maps a name in Vault to an SQL statement to execute to create the database credential, make sure that your db_name and database/config/<name> will be same

Code Block
vault write database/roles/insightsvaultrole  db_name=insightsvault creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';  GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";" default_ttl="1h"  max_ttl="24h"

...

  • Call following POST API store data 
http://<host>:<port>/v1/sys/raw/<secret Engine from server config>/<clientId>/ serverConfig
Ex:  http://10.10.90.42:8200/v1/sys/raw/database/local/serverConfig
...
http://<host>:<port>/v1/sys/raw/<secret Engine from server config>/<clientId>/ serverConfig
Ex:  http://10.10.90.42:8200/v1/sys/raw/database/local/serverConfig
...
  • Create new user name and password to login to vault API rather than using root token.
  • Unsealed vault and check storage Engine.