This plugin provides a possibility to fetch secrets from a Vault server and use them as Rudder variables directly on the agent. The Rudder server itself does not need to have access to the Vault.
Edit the configuration file in
/var/rudder/plugin-resources/vault.jsonon each agent. This config file must contain the address of your Vault server, credentials to access it and the auth mode you want to use. A sample config is in
Use the Variable from vault generic method in Rudder to fetch secrets.
Make sure the agents the generic method is being used on have a proper
vault.json configuration. A sample config is provided at
/opt/rudder/share/plugins/vault/sample_vault.json. This file needs your
Vault server address, the configuration for at least one auth mode, and
the name of the auth mode to be used. Auth modes can be