How to upload file to vault using http api?
1,710 views
Skip to first unread message
Greg Keys
May 5, 2016, 11:53:47 PM5/5/16
to Vault
I can add files to vault using the cli but Im not sure how to upload a file using the http api, the goal is to add pem files via a simple bash script using curl without having to install any other dependencies
vishal nayak
May 6, 2016, 2:06:06 AM5/6/16
to vault...@googlegroups.com
Hey Greg,
You can do this:
curl -XPOST http://127.0.0.1:8200/v1/path/to/api -d @input_data
Here, `input_data` should be in JSON format.
Whereas via CLI, you often do this:
vault write path/to/api data_field=@data_value
Here, `data_value` may not be JSON, it may just be a string or an integer.
It will be the format of the value expected for "data_field".
Is this what you were looking for?
Hope this helps!
Regards,
Vishal
On Thu, May 5, 2016 at 11:53 PM, Greg Keys <gk...@mumbacloud.com> wrote:
I can add files to vault using the cli but Im not sure how to upload a file using the http api, the goal is to add pem files via a simple bash script using curl without having to install any other dependencies
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/hashicorp/vault/issues
IRC: #vault-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/7ac3bde9-aafa-4af7-bd05-4724966a0553%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
vn
Greg Keys
May 6, 2016, 4:09:33 AM5/6/16
to Vault
Sort of, I'm trying to add letsencrypt TLS files from a script which doesn't have access to the vault cli, the files are not JSON but pem files, it does work to add them via the cli, but it would be handy to not have to install the cli just to record those files.
David Adams
May 6, 2016, 9:24:48 AM5/6/16
to vault...@googlegroups.com
Greg,
It should work to store the contents of the PEM files in a json document, and then post that. jq (https://stedolan.github.io/jq/) is a great tool for parsing and building JSON documents from the shell. In a bash script you could do something like this:
curl -XPOST localhost:8200/v1/secret/ssl/site.example.com \
-H "X-Vault-Token: 22223333-1111-ffff-8888-ccccddddeeee" \
-d @<( jq -n --arg cert "$( < path/to/site.example.com.crt )" \
--arg key "$( < path/to/site.example.com.key )" \
--arg chain "$( < path/to/site.example.com.chain )" \
"{cert:$cert,key:$key,chain:$chain}" )
Just tested it myself and that seems to work fine.
-dave
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/df533163-4210-42bd-9ae5-6afcf1f059df%40googlegroups.com.
Jeff Mitchell
May 7, 2016, 10:18:03 PM5/7/16
to vault...@googlegroups.com
The Vault CLI is purely a wrapper around the Vault API. You never _need_ to install it -- everything is available via HTTP! :-D
--Jeff
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/CAJ4Phq-htVPCyoDcRixbYs6ZpQUVgA3wJLA2MXsx9B8ZL5mw2g%40mail.gmail.com.
Greg Keys
May 9, 2016, 11:37:27 PM5/9/16
to Vault
Its not working for me, I get errors, I think im going to have to break down and just install the vault client to simplify my life
David Adams
May 10, 2016, 8:57:47 AM5/10/16
to vault...@googlegroups.com
Oh, sorry, I spotted a syntax error in what I gave to you. The very last argument to jq needs to be wrapped in single, not double quotes. Not sure if that's what was causing your problems.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/221c6df8-8f77-4254-b069-aa7069822f6f%40googlegroups.com.
Jeff Mitchell
May 10, 2016, 10:44:35 AM5/10/16
to vault...@googlegroups.com
Hi Greg,
If you could share the commands you're using and the errors you're getting we can certainly help sort out what's going wrong!
Best,
Jeff
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/CAJ4Phq-o7LMsr1or06JJFnc_kwfwYWZRL37wx_K2BYvHRiqLQQ%40mail.gmail.com.
Francisco Javier Romero Mendiola
Jul 21, 2016, 5:03:15 AM7/21/16
to Vault
What is the max size for upload a file?
Jeff Mitchell
Jul 21, 2016, 7:26:08 AM7/21/16
to vault...@googlegroups.com
Hi Francisco,
We use the default Go limit, which is 10MB.
Best,
Jeff
We use the default Go limit, which is 10MB.
Best,
Jeff
>>> --
>>> This mailing list is governed under the HashiCorp Community Guidelines -
>>> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
>>> of those guidelines may result in your removal from this mailing list.
>>>
>>> GitHub Issues: https://github.com/hashicorp/vault/issues
>>> IRC: #vault-tool on Freenode
>>> ---
>>> You received this message because you are subscribed to the Google Groups
>>> "Vault" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to vault-tool+...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/vault-tool/CAJ4Phq-o7LMsr1or06JJFnc_kwfwYWZRL37wx_K2BYvHRiqLQQ%40mail.gmail.com.
>>> For more options, visit https://groups.google.com/d/optout.
>
>>> This mailing list is governed under the HashiCorp Community Guidelines -
>>> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
>>> of those guidelines may result in your removal from this mailing list.
>>>
>>> GitHub Issues: https://github.com/hashicorp/vault/issues
>>> IRC: #vault-tool on Freenode
>>> ---
>>> You received this message because you are subscribed to the Google Groups
>>> "Vault" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to vault-tool+...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/vault-tool/CAJ4Phq-o7LMsr1or06JJFnc_kwfwYWZRL37wx_K2BYvHRiqLQQ%40mail.gmail.com.
>>> For more options, visit https://groups.google.com/d/optout.
>
> --
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
> of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/vault/issues
> IRC: #vault-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups
> "Vault" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vault-tool+...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/vault-tool/2d7bdce9-4fe4-44cc-86c6-50dd51203328%40googlegroups.com.
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
> of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/vault/issues
> IRC: #vault-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups
> "Vault" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vault-tool+...@googlegroups.com.
> To view this discussion on the web visit
Francisco Javier Romero Mendiola
Jul 21, 2016, 8:45:33 AM7/21/16
to Vault
In case of use Consul, max value size is 512kB, do not?
From Consul doc:
<<Value is a Base64-encoded blob of data. Note that values cannot be larger than 512kB>>
Regards.
Jeff Mitchell
Jul 21, 2016, 9:44:47 AM7/21/16
to vault...@googlegroups.com
Hi Francisco,
You asked about the Vault limit; any limits imposed by a chosen data
store are distinct from limits imposed by Vault.
Best,
Jeff
On Thu, Jul 21, 2016 at 8:45 AM, Francisco Javier Romero Mendiola
> https://groups.google.com/d/msgid/vault-tool/ed2a9746-252b-4676-a1cb-b1798c5a58c3%40googlegroups.com.
You asked about the Vault limit; any limits imposed by a chosen data
store are distinct from limits imposed by Vault.
Best,
Jeff
On Thu, Jul 21, 2016 at 8:45 AM, Francisco Javier Romero Mendiola
Reply all
Reply to author
Forward
0 new messages