Getting Nomad ACL token from Vault UI

404 views
Skip to first unread message

Loïc Le Henaff

unread,
Feb 18, 2019, 6:47:29 AM2/18/19
to Vault
Hello,

We are currently integrating Nomad with Vault. We have Vault integrated with our LDAP and we could configure things to be able to get an individual Nomad ACL token from Vault CLI.

We were wondering if we could do the same from Vault UI. When we login in Vault UI, we can see that the Nomad backend is greyed out (even with a root token). Is it something that we can enable? Is it possible to generate a Nomad ACL token directly from the Vault UI or is the only way to go through Vault CLI?

Thanks!
Regards
Loic

Matthew Irish

unread,
Feb 18, 2019, 9:55:46 AM2/18/19
to vault...@googlegroups.com
Hello!

Currently the list of supported secret backends (where supported means they have a full ui that covers most if not all api operations) is limited to kv v1 and v2, cubbyhole, transit, ssh, pki, and aws. We will be adding support for more of these in the future. For now though there is the web cli - its an interface that will let you use most endpoints via the low level vault commands via an interactive prompt in the ui.

 After enabling and configuring the nomad engine, the command to generate a nomad token would be ‘vault write nomad/role-name’ where ‘vault is optional, ‘nomad’ is your mount path, and ‘role-name’ is the role name. To access the web cli, click the shell icon in the upper right of the ui nav.

Hope this helps!
Matthew

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/hashicorp/vault/issues
IRC: #vault-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/94c00e27-f0e8-47a5-b8c3-c1725ab9c953%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Loïc

unread,
Feb 18, 2019, 10:36:47 AM2/18/19
to vault...@googlegroups.com
Thanks Matthew, that's exactly what I needed to know!

Cheers!

To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/CAM6U7_PoA86LQEOF0C1-Sy1PDmGS3NzmprCQLH_%2BW6GJk3GdUg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages