status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

docs: update acl token generation with uuidgen (#12821) 

* update acl token generation with uuidgen
This commit is contained in:
Kyle Schochenmaier 2022-04-21 12:17:24 -05:00 committed by GitHub
parent 5016ccb51e
commit 636ecf7eed
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx
View File

@ -8,7 +8,7 @@ description: >-
# Storing the ACL Bootstrap Token in Vault # Storing the ACL Bootstrap Token in Vault
## Prerequisites ## Prerequisites
Prior to setting up the data integration between Vault and Consul on Kubernetes, you will need to have: Prior to setting up the data integration between Vault and Consul on Kubernetes, you will need to have:
1. Read and completed the steps in the [Systems Integration](/docs/k8s/installation/vault/systems-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault). 1. Read and completed the steps in the [Systems Integration](/docs/k8s/installation/vault/systems-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault).
2. Read the [Data Integration Overview](/docs/k8s/installation/vault/data-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault). 2. Read the [Data Integration Overview](/docs/k8s/installation/vault/data-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault).
@ -19,18 +19,18 @@ To use an ACL bootstrap token stored in Vault, we will follow the steps outlined
1. Store the secret in Vault. 1. Store the secret in Vault.
1. Create a Vault policy that authorizes the desired level of access to the secret. 1. Create a Vault policy that authorizes the desired level of access to the secret.
### Setup per Consul datacenter ### Setup per Consul datacenter
1. Create Vault Kubernetes auth roles that link the policy to each Consul on Kubernetes service account that requires access. 1. Create Vault Kubernetes auth roles that link the policy to each Consul on Kubernetes service account that requires access.
1. Configure the Vault Kubernetes auth role in the Consul on Kubernetes helm chart. 1. Configure the Vault Kubernetes auth role in the Consul on Kubernetes helm chart.
## One time setup in Vault ## One time setup in Vault
### Store the Secret in Vault ### Generate and Store the Secret in Vault
First, store the ACL bootstrap token in Vault: First, generate and store the ACL bootstrap token in Vault:
```shell-session ```shell-session
$ vault kv put secret/consul/boostrap-token token="<ACL bootstrap Token>" $ vault kv put secret/consul/bootstrap-token token="$(uuidgen | tr '[:upper:]' '[:lower:]')"
``` ```
### Create a Vault policy that authorizes the desired level of access to the secret ### Create a Vault policy that authorizes the desired level of access to the secret

8
website/content/docs/k8s/installation/vault/data-integration/partition-token.mdx
View File

@ -8,7 +8,7 @@ description: >-
# Storing the ACL Partition Token in Vault # Storing the ACL Partition Token in Vault
## Prerequisites ## Prerequisites
Prior to setting up the data integration between Vault and Consul on Kubernetes, you will need to have: Prior to setting up the data integration between Vault and Consul on Kubernetes, you will need to have:
1. Read and completed the steps in the [Systems Integration](/docs/k8s/installation/vault/systems-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault). 1. Read and completed the steps in the [Systems Integration](/docs/k8s/installation/vault/systems-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault).
2. Read the [Data Integration Overview](/docs/k8s/installation/vault/data-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault). 2. Read the [Data Integration Overview](/docs/k8s/installation/vault/data-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault).
@ -24,12 +24,12 @@ To use an ACL partition token stored in Vault, we will follow the steps outlined
1. Configure the Vault Kubernetes auth role in the Consul on Kubernetes helm chart. 1. Configure the Vault Kubernetes auth role in the Consul on Kubernetes helm chart.
## One time setup in Vault ## One time setup in Vault
### Store the Secret in Vault ### Generate and Store the Secret in Vault
First, store the ACL partition token in Vault: First, generate and store the ACL partition token in Vault:
```shell-session ```shell-session
$ vault kv put secret/consul/partition-token token="<ACL partition Token>" $ vault kv put secret/consul/partition-token token="$(uuidgen | tr '[:upper:]' '[:lower:]')"
``` ```
### Create a Vault policy that authorizes the desired level of access to the secret ### Create a Vault policy that authorizes the desired level of access to the secret

8
website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx
View File

@ -8,7 +8,7 @@ description: >-
# Storing the ACL Replication Token in Vault # Storing the ACL Replication Token in Vault
## Prerequisites ## Prerequisites
Prior to setting up the data integration between Vault and Consul on Kubernetes, you will need to have: Prior to setting up the data integration between Vault and Consul on Kubernetes, you will need to have:
1. Read and completed the steps in the [Systems Integration](/docs/k8s/installation/vault/systems-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault). 1. Read and completed the steps in the [Systems Integration](/docs/k8s/installation/vault/systems-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault).
2. Read the [Data Integration Overview](/docs/k8s/installation/vault/data-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault). 2. Read the [Data Integration Overview](/docs/k8s/installation/vault/data-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault).
@ -24,12 +24,12 @@ To use an ACL replication token stored in Vault, we will follow the steps outlin
1. Configure the Vault Kubernetes auth role in the Consul on Kubernetes helm chart. 1. Configure the Vault Kubernetes auth role in the Consul on Kubernetes helm chart.
## One time setup in Vault ## One time setup in Vault
### Store the Secret in Vault ### Generate and Store the Secret in Vault
First, store the ACL replication token in Vault: First, generate and store the ACL replication token in Vault:
```shell-session ```shell-session
$ vault kv put secret/consul/replication-token token="<ACL replication Token>" $ vault kv put secret/consul/replication-token token="$(uuidgen | tr '[:upper:]' '[:lower:]')"
``` ```
### Create a Vault policy that authorizes the desired level of access to the secret ### Create a Vault policy that authorizes the desired level of access to the secret