Quick Start
This quick start guide provides a comprehensive task listing to download, setup and use the Securosys Secrets Engine plugin. For more detailed instructions consult the Installation and Tutorial section.
- Download and install Hashicorp Vault, if is it not prepared yet.
- Download plugin from Securosys jfrog repository
Login:robot.reader.hashicorpvault
Password:REPLACE_ME_WITH_PASSWORD
- Add to
config.hcl
plugin directory path parameterplugin_directory
, if this parameter already not exits. For example:plugin_directory=/home/test/vault/plugins
- Copy proper plugin binary to plugin directory.
- Run this command
$ vault plugin register -sha256={binary_checksum} secret securosys-hsm
Where:{binary_checksum}
is checksum of the plugin binary
Note
Binary checksum is already generated and stored inside every build version of this plugin
- After successfully registration, run command to enable plugin
$ vault secrets enable securosys-hsm
- The last step is setup configuration to connect with TSB. Example using Bearer Token:
$ vault write securosys-hsm/config
auth="TOKEN"
bearertoken="jwt token string"
restapi="https://primusdev.cloudshsm.com"
Note
More examples of plugin configuration can be found here: Configure the plugin