Integrate password policies into RabbitMQ secret engine (#9143)

* Add password policies to RabbitMQ & update docs
* Also updates some parts of the password policies to aid/fix testing
This commit is contained in:
Michael Golowka
2020-06-11 16:08:20 -06:00
committed by GitHub
parent 8cabb11b48
commit b2441efd37
13 changed files with 262 additions and 79 deletions

@@ -26,17 +26,16 @@ RabbitMQ.
### Parameters
- `connection_uri` `(string: <required>)`  Specifies the RabbitMQ connection
URI.
- `connection_uri` `(string: <required>)`  Specifies the RabbitMQ connection URI.
- `username` `(string: <required>)` Specifies the RabbitMQ management
administrator username.
- `username` `(string: <required>)` Specifies the RabbitMQ management administrator username.
- `password` `(string: <required>)`  Specifies the RabbitMQ management
administrator password.
- `password` `(string: <required>)`  Specifies the RabbitMQ management administrator password.
- `verify_connection` `(bool: true)`  Specifies whether to verify connection
URI, username, and password.
- `verify_connection` `(bool: true)`  Specifies whether to verify connection URI, username, and password.
- `password_policy` `(string: "")` - Specifies a [password policy](/docs/concepts/password-policies) to
use when creating dynamic credentials. Defaults to generating an alphanumeric password if not set.
### Sample Payload
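Review bot: The new `password_policy` entry does not say what happens when the named policy does not exist, or whether the name is checked when the connection config is written or only when credentials are generated. Please state that here, and give the length of the default alphanumeric password so readers can compare it with what their own policy produces. Minor style point: this entry separates the type from the description with " - " while the other parameters in the list do not; match the existing separator.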
@@ -44,12 +43,16 @@ RabbitMQ.
{
"connection_uri": "https://...",
"username": "user",
"password": "password"
"password": "password",
"password_policy": "rabbitmq_policy"
}
```
### Sample Request
<Tabs>
<Tab heading="cURL">
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
@@ -57,6 +60,18 @@ $ curl \
--data @payload.json \
http://127.0.0.1:8200/v1/rabbitmq/config/connection
```
</Tab>
<Tab heading="CLI">
```shell-session
$ vault write rabbitmq/config/connection \
connection_uri="http://localhost:8080" \
username="user" \
password="password" \
password_policy="rabbitmq_policy"
```
</Tab>
</Tabs>
## Configure Lease
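Review bot: The CLI sample passes `password="password"` as a command-line argument, which leaves the RabbitMQ administrator password in shell history and the process list for anyone who copies the pattern; consider showing the value read from a file or stdin instead. Separately, `connection_uri="http://localhost:8080"` is plain HTTP and does not match the `"https://..."` used in the Sample Payload, so the cURL and CLI tabs do not configure the same thing. Please align the two.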
@@ -83,6 +98,9 @@ This endpoint configures the lease settings for generated credentials.
### Sample Request
<Tabs>
<Tab heading="cURL">
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
@@ -90,6 +108,16 @@ $ curl \
--data @payload.json \
http://127.0.0.1:8200/v1/rabbitmq/config/lease
```
</Tab>
<Tab heading="CLI">
```shell-session
$ vault write rabbitmq/config/lease \
ttl=1800 \
max_ttl=3600
```
</Tab>
</Tabs>
## Create Role
@@ -124,6 +152,9 @@ This endpoint creates or updates the role definition.
### Sample Request
<Tabs>
<Tab heading="cURL">
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
@@ -131,6 +162,17 @@ $ curl \
--data @payload.json \
http://127.0.0.1:8200/v1/rabbitmq/roles/my-role
```
</Tab>
<Tab heading="CLI">
```shell-session
$ vault write rabbitmq/roles/my-role \
tags="tag1,tag2" \
vhosts="..." \
vhost_topics="..."
```
</Tab>
</Tabs>
## Read Role
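Review bot: In the CLI tab, `vhosts="..."` and `vhost_topics="..."` are placeholders, so unlike the cURL tab (which defers to `payload.json`) there is nothing here a reader can copy and run. Please show concrete values that match the role's Sample Payload, with the shell quoting they need.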
@@ -147,11 +189,22 @@ This endpoint queries the role definition.
### Sample Request
<Tabs>
<Tab heading="cURL">
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/rabbitmq/roles/my-role
```
</Tab>
<Tab heading="CLI">
```shell-session
$ vault read rabbitmq/roles/my-role
```
</Tab>
</Tabs>
### Sample Response
@@ -180,12 +233,23 @@ This endpoint deletes the role definition.
### Sample Request
<Tabs>
<Tab heading="cURL">
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/rabbitmq/roles/my-role
```
</Tab>
<Tab heading="CLI">
```shell-session
vault delete rabbitmq/roles/my-role
```
</Tab>
</Tabs>
## Generate Credentials
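Review bot: The CLI sample `vault delete rabbitmq/roles/my-role` is missing the `$ ` prompt that every other `shell-session` block in this change uses. Add it so the block is highlighted and copied consistently with the others.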
@@ -203,11 +267,22 @@ role.
### Sample Request
<Tabs>
<Tab heading="cURL">
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/rabbitmq/creds/my-role
```
</Tab>
<Tab heading="CLI">
```shell-session
$ vault read rabbitmq/creds/my-role
```
</Tab>
</Tabs>
### Sample Response
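Review bot: The Generate Credentials section only gains the tab wrapper, but this is the endpoint whose output the new `password_policy` setting changes. A sentence here saying that the returned password is generated from the policy configured on `config/connection`, with a link back to that parameter, would make the docs complete for this change.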