Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- echo 'path "secret/foo" { capabilities = ["create", "update", "read", "delete", "list"] mfa_methods = ["okta"] }' | vault policy-write test -
- vault auth-enable userpass
- vault write auth/userpass/users/jeffrey.mitchell password=foo policies=test
- newtoken=$(vault auth -token-only -method=userpass username=jeffrey.mitchell password=foo)
- entity=$(vault write -format=json auth/token/lookup token=$newtoken | jq -r '.data.entity_id')
- accessor=$(vault read -format=json identity/entity/id/$entity | jq -r '.data["personas"][0].mount_accessor')
- vault write sys/mfa/method/okta/okta mount_accessor=$accessor org_name="dev-262665" api_token="0081u8KrReNkzmGTLJAP2oDyIXwwveqx9vIOEyCZDC"
- export VAULT_TOKEN=$newtoken
- vault read secret/foo
Add Comment
Please, Sign In to add comment