mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
61 lines
1.3 KiB
Plaintext
61 lines
1.3 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * security/zero_trust_workload_identity_manageer/zero-trust-manager-oidc-federation.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="zero-trust-manager-vault-enable-kv_{context}"]
|
|
= Enabling the key-value secrets engine and store a test secret
|
|
|
|
You enable the key-value secrets engine to establish a secure, centralized location for managing credentials.
|
|
|
|
.Prerequisites
|
|
|
|
* Make sure that Vault is initialized and unsealed.
|
|
|
|
.Procedure
|
|
|
|
. Open another shell session in the `Vault` pod by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc rsh -n vault statefulset/vault
|
|
----
|
|
|
|
. Export your root token again within this new session and log in by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ export ROOT_TOKEN=<Your-Root-Token>
|
|
----
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ vault login "${ROOT_TOKEN}"
|
|
----
|
|
|
|
. Enable the KV secrets engine at the `secret/` path and create a test secret by running the following commands:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ export NAME=ztwim
|
|
----
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ vault secrets enable -path=secret kv
|
|
----
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ vault kv put secret/$NAME version=v0.1.0
|
|
----
|
|
|
|
.Verification
|
|
|
|
* To verify that the secret is stored correctly, run the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ vault kv get secret/$NAME
|
|
----
|