f63f0912c6
Fixed typo in LetsEncrypt example Removed duplicate Datanet entry from main index.rst Reworked Use Kubernetes CPU Manager Static Policy prerequisite block. Restored fault/index version of FM toctree in top-level index. Added merged doc entries to top level index.rst. Incorporated review comments. Also some generic formatting clean-up such as converting abbreviations to rST-style :abbr: markup. Moved url with embedded substitution out of code-block. Addressed patch 2 review comments. Some addtional rST tidying. See comment replies for open questions/issues. This patch fixes an issue with 'stx' in filenames that may differ downstream using-an-image-from-the-local-docker-registry-in-a-container-spec new substitution and changing code-blocks to parsed-literals as required. Initial submission for review. Note that a couple of references to WR persist in examples. These will be marked up with comments in the review. Signed-off-by: Stone <ronald.stone@windriver.com> Change-Id: I1efef569842caff5def9dc00395b594d91d7a5d0 Signed-off-by: Stone <ronald.stone@windriver.com>
42 lines
1.3 KiB
ReStructuredText
42 lines
1.3 KiB
ReStructuredText
|
|
.. rpr1596551983445
|
|
.. _vault-aware:
|
|
|
|
===========
|
|
Vault Aware
|
|
===========
|
|
|
|
The Vault Aware method involves writing an application to connect directly to
|
|
a Vault server using Vault REST APIs. The Vault REST APIs requires an
|
|
existing Auth method and policy to be created; the specific method depends on
|
|
the client libraries used.
|
|
|
|
The Vault REST API is used to allow an application to read and/or write secrets
|
|
to Vault, provided the applicable policy gives read and/or write permission at
|
|
the specified Vault path. The Vault REST API can be accessed from application
|
|
containers using the Vault endpoint **sva-vault**. Run the following command
|
|
to view Vault endpoints:
|
|
|
|
.. code-block:: none
|
|
|
|
$ kubectl get svc -n vault
|
|
|
|
.. seealso::
|
|
|
|
.. _vault-aware-ul-rlf-zw1-pmb:
|
|
|
|
- Vault REST API:
|
|
|
|
- `https://learn.hashicorp.com/vault/getting-started/apis
|
|
<https://learn.hashicorp.com/vault/getting-started/apis>`__
|
|
|
|
- `https://www.vaultproject.io/api-docs
|
|
<https://www.vaultproject.io/api-docs>`__
|
|
|
|
|
|
- Client libraries: `https://www.vaultproject.io/api/libraries.html
|
|
<https://www.vaultproject.io/api/libraries.html>`__
|
|
|
|
- Connect Vault with Python using the HVAC library:
|
|
`https://github.com/hvac/hvac <https://github.com/hvac/hvac>`__
|