Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- set -aex
- # Prerequisite:
- # docker pull mysql
- # docker run --name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=password -d mysql:5.7.22
- vault secrets enable database
- vault write database/config/my-mysql-database \
- plugin_name=mysql-database-plugin \
- connection_url="{{username}}:{{password}}@tcp(127.0.0.1:3306)/" \
- allowed_roles="my-role" \
- username="root" \
- password="password"
- vault write database/roles/my-role \
- db_name=my-mysql-database \
- creation_statements="CREATE USER '{{name}}'@'%' IDENTIFIED BY '{{password}}';GRANT SELECT ON *.* TO '{{name}}'@'%';" \
- default_ttl="1h" \
- max_ttl="24h"
- vault read database/creds/my-role
Add Comment
Please, Sign In to add comment