Quick Start
This quick start guide provides a comprehensive task listing to download, setup and use Securosys' Secret Engine plugin for HashiCorp Vault.
-
Download and install Hashicorp Vault
-
Download the Secrets Engine plugin from Securosys' jfrog repository:
Login:robot.reader.hashicorpvault
Password:REPLACE_ME_WITH_PASSWORD
-
Add the
plugin_directory
parameter toconfig.hcl
, if it does not already exit. For example:plugin_directory=/home/test/vault/plugins
-
Copy the appropriate plugin binary to the plugin directory.
-
Run the command
$ vault plugin register -sha256={binary_checksum} secret securosys-hsm
where{binary_checksum}
is checksum of the plugin binary
The binary checksum is pre-generated and stored within each build version of this plugin.
-
After successful registration, run command to enable the plugin
$ vault secrets enable securosys-hsm
-
The final step is to setup the configuration to connect with Transaction Security Broker (TSB). For example, using a Bearer Token:
$ vault write securosys-hsm/config
auth="TOKEN"
bearertoken="jwt token string"
restapi="https://primusdev.cloudshsm.com"
More examples of the plugin configuration can be found here: Configure the plugin
For more detailed instructions, please refer to: