GithubHelp home page GithubHelp logo

trendyol / vault-couchbase-database-plugin Goto Github PK

View Code? Open in Web Editor NEW
3.0 9.0 1.0 4.83 MB

๐Ÿ“ฎ Custom Vault database plugin for generating dynamic credentials on Couchbase server

License: MIT License

Shell 0.78% Go 99.22%
couchbase vault vault-database vault-plugins dynamic-secrets dynamic-credentials

vault-couchbase-database-plugin's Introduction

vault-couchbase-database-plugin

Couchbase has no supported plugins for the Vault database secrets engine. This is a custom Vault plugin which is used for generating database credentials dynamically based on configured roles for the Couchbase.

Usage:

vault write sys/plugins/catalog/database/couchbase-database-plugin \
    sha256=<SHA256 sum of plugin binary> \
    command="couchbase-database-plugin"

Note: You can generate the sha256 sum of binary by executing 'sha256sum -b couchbase-database-plugin'

  • Enable the database secrets engine;
vault secrets enable -path=couchbase database
  • Configure Vault with the couchbase plugin and the connection information;

Note: bucket can be any bucket on your cluster. It is only needed because you cannot perform cluster level operations without opening a bucket on Couchbase servers version lesser than 6.5.

vault write couchbase/config/example-db \
    plugin_name=couchbase-database-plugin \
    allowed_roles="example-app" \
    connection_string="couchbase://<cb-node-ip-1>,<cb-node-ip-2>" \
    username="<couchbase-admin-username>" \
    password="<couchbase-admin-password>" \
    bucket="<bucket-name>"
vault write couchbase/roles/example-app \
    db_name=example-db \
    creation_statements="{\"roles\": [{\"role\": \"bucket_full_access\",\"bucket_name\": \"Products\"}]}" \
    default_ttl="1h" \
    max_ttl="24h"
  • Generate and read a new credential;
vault read couchbase/creds/example-app

For more information about vault custom database plugins; https://www.vaultproject.io/docs/secrets/databases/custom/ https://www.vaultproject.io/docs/internals/plugins/

vault-couchbase-database-plugin's People

Contributors

yilmazo avatar

Stargazers

avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

vault-couchbase-database-plugin's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.