
scm2342/vault-keycloak-example


Vault Keycloak example

Do not use this in production. It is for demonstration purposes only.

Steps to reproduce

  1. docker-compose up -d
  2. Try logging in to http://localhost:8080 with admin and foobar
  3. export VAULT_SKIP_VERIFY=1
  4. vault operator init
  5. vault operator unseal
  6. vault login
  7. cd tf && terraform init
  8. cd tf && terraform apply
  9. rm ~/.vault-token
  10. Run vault login -method=oidc port=8250 and log in with admin and foobar

You are now logged in to Vault via Keycloak.

Mongo

  1. Run docker run --rm -ti --network=host mongo mongo mongodb://localhost:27017/admin
  2. Run db.foobar.insert({}) and verify you don't have access
  3. Now run vault read db/mongo/creds/admin
  4. Verify you can use the provided credentials with db.foobar.insert({}) on mongo like above

SSH

  1. Run vault read -field=public_key ssh/config/ca and save the output to a file
  2. Put that file on the SSH server
  3. Set TrustedUserCAKeys to that file
  4. Log in with vault ssh -role servers -mode ca -public-key-path pubkeyfile user@host, assuming the agent has your private key loaded
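
The following check covers steps 2 and 3 on the SSH server side. It is an added example, not part of this repository; the function name check_trusted_ca, its return codes and the rule that the CA file must not be group- or world-writable are choices of this example.

```shell
#!/bin/sh
# Added example (hypothetical helper): sanity-check the sshd side of the
# Vault SSH CA setup before attempting a certificate login.
# Usage:  check_trusted_ca /etc/ssh/sshd_config
# Return: 0 ok, 1 directive missing, 2 CA file missing or empty,
#         3 CA file writable by group/others, 4 a line is not a public key.
check_trusted_ca() {
    cfg=$1
    # sshd keywords are case-insensitive and the first value found wins.
    # Match blocks are not evaluated here (simplification).
    ca=$(awk 'tolower($1) == "trustedusercakeys" { print $2; exit }' \
         "$cfg" 2>/dev/null || true)
    if [ -z "$ca" ] || [ "$ca" = "none" ]; then
        echo "TrustedUserCAKeys is not set in $cfg" >&2
        return 1
    fi
    # An empty file usually means the vault read in step 1 failed.
    if [ ! -s "$ca" ]; then
        echo "$ca is missing or empty" >&2
        return 2
    fi
    # Anyone who can write this file can add a CA that sshd will trust.
    if [ -n "$(find -L "$ca" -prune \( -perm -020 -o -perm -002 \))" ]; then
        echo "$ca is writable by group or others" >&2
        return 3
    fi
    # Keys are listed one per line; blank lines and # comments are allowed.
    bad=$(grep -v -E '^[[:space:]]*(#|$)' "$ca" |
          grep -c -v -E '^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' || true)
    if [ "$bad" -ne 0 ]; then
        echo "$ca has $bad line(s) that are not public keys" >&2
        return 4
    fi
    echo "sshd trusts the CA key(s) in $ca"
}
```

The check only looks at the shape of each key line; it does not compare the key against the one Vault currently serves.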
