11/06/2023 1:12 pm
Topic starter Notifications
Clear all
Vault 101
6 Posts
2 Users
0 Likes
78 Views
0
I have a scenario: I have a form that User enters his name then systems retrieves his group (by AD,LDAP or OKTA). Then I want to grant access to this user on some path and create the policy for him. (If it doesn't exist policy and paths are needed to be created ). how can I automate this process? which method is better API or CLI? Can u give examples for both? Should I use bash or any other language like GO, Java, Python? which one is better? Can u pls make a video for this?
1 Answer
0
12/06/2023 10:45 pm
I would use Python for this with the HVAC library for Vault. However, before you go down that path. I recommend you take a look at templated policies. It might be a simple solution to your use case. Check out these 2 links:
Vaultman Topic starter 13/06/2023 2:27 am @sam-gabrailtekanaid-com Can you make a video for this (can be with python)? This is a hot topic on the market as I can see. Automating the granting, updating and deleting access. thx for the prompt reply
Vaultman Topic starter 13/06/2023 11:46 am @sam-gabrailtekanaid-com it seems this is mostly for central template generation. I'm asking for initial path and associated policy creation (delete/update) automation?
Sam Gabrail 14/06/2023 7:58 pm @ibrcakmak, are you looking for a kind of self-service portal where the user puts their AD username, and then the system creates a KV path for them with appropriate policies attached to their auth method so they can create and read secrets at this path?
