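  #!/bin/bash
  #
  # Demo: require an Okta MFA method for access to secret/foo by naming it in
  # the policy's `mfa_methods`, then exercise it with a throwaway userpass user.
  #
  # Required env: OKTA_API_TOKEN  - Okta API token used by the MFA method.
  # Optional env: OKTA_ORG_NAME   - Okta org name (defaults to the demo org).
  #
  # The Okta API token used to be written inline in this script. A token that
  # has been published in a script or paste must be treated as compromised and
  # revoked in Okta; it is now taken from the environment instead.
  #
  # NOTE(review): policy-write / auth-enable / auth -token-only look like the
  # older Vault CLI command names; confirm against the Vault version in use.

  # Stop on the first failing step so a missing entity id or accessor is never
  # passed on to the MFA configuration.
  set -euo pipefail

  : "${OKTA_API_TOKEN:?set OKTA_API_TOKEN to the Okta API token for the MFA method}"
  okta_org_name=${OKTA_ORG_NAME:-dev-262665}

  # Policy "test": full access to secret/foo, gated on the MFA method "okta".
  printf '%s\n' 'path "secret/foo" { capabilities = ["create", "update", "read", "delete", "list"] mfa_methods = ["okta"] }' \
    | vault policy-write test -

  vault auth-enable userpass

  # Demo-only account: the password is a literal and is visible in the process
  # list and shell history. Use this only against a scratch dev server.
  vault write auth/userpass/users/jeffrey.mitchell password=foo policies=test
  newtoken=$(vault auth -token-only -method=userpass username=jeffrey.mitchell password=foo)

  # Resolve the login token to its identity entity, then to the mount accessor
  # of the entity's first persona. `jq -e` turns a null/missing field into a
  # non-zero exit instead of the literal string "null".
  entity=$(vault write -format=json auth/token/lookup token="$newtoken" \
    | jq -er '.data.entity_id')
  accessor=$(vault read -format=json "identity/entity/id/$entity" \
    | jq -er '.data["personas"][0].mount_accessor')

  # Configure the Okta MFA method under the name the policy refers to. The API
  # token is fed on stdin (`api_token=-`) so it does not appear in argv.
  printf '%s' "$OKTA_API_TOKEN" \
    | vault write sys/mfa/method/okta/okta \
        mount_accessor="$accessor" \
        org_name="$okta_org_name" \
        api_token=-

  # Read as the userpass user; with the policy above this request is expected
  # to go through the Okta MFA check.
  export VAULT_TOKEN=$newtoken
  vault read secret/foo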