get secrets from vault

42 views
Skip to first unread message

prajwal

unread,
Mar 1, 2023, 11:45:27 AM3/1/23
to Puppet Users
Hi ,
 
I am trying to get secrets from vault. 

vault.pp:

$d = Deferred('vault_lookup::lookup', ["secret/data/test", 'https://examplevault.com:8200'])

node default {
  notify { example :
    message => $d
  }
}

The above file will give output :
        Notice: {"data"=>{"city"=>"Bangalore", "name"=>"hari"}, "metadata"=>{"created_time"=>"2023-02-21T06:37:36.463680713Z", "deletion_time"=>"", "destroyed"=>false, "version"=>3}}

but How to get particular data (city and name values)

Thanks,

Monther Yasin

unread,
Mar 2, 2023, 2:02:32 PM3/2/23
to Puppet Users
$d['city']  should give you the city name and this will return the name $d['name'].
message => $d['city']

Aaron Russo

unread,
Mar 2, 2023, 2:26:53 PM3/2/23
to Puppet Users
Don't you need a Deferred call to read into the hash, since it's a Deferred?

We use a Deferred inline_epp to do this:

```
$test = Deferred('vault_lookup::lookup', ["secret/data/test", 'https://examplevault.com:8200'])
node default {
  notify { 'example':
    message => Deferred('inline_epp', ['<%= $test.unwrap[data][city] %>', { 'test' => $test }]),
  }
}
```

I seem to recall seeing some changes to recent stdlib that might make this a bit easier as well.
Reply all
Reply to author
Forward
Message has been deleted
0 new messages