Vault SuperUser 생성
약 3 분
Vault SuperUser 생성
주의
해당 방법은 username/password 방식의 Admin권한의 사용자를 생성하나,
보안상 실 구성에는 권장하지 않습니다.
- userpass 활성화
vault auth enable userpass
- 권한 추가 (e.g. super-user)
Linux/MacOS
vault policy write super-user - << EOF
path "*" {
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
}
EOF
Windows Powershell
$policy = @"
path "*" {
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
}
"@
vault policy write super-user - << $policy
- 계정 생성
vault write auth/userpass/users/admin password=password policies=super-user
- 로그인 또는 토큰 생성
Login
vault login -method userpass username=admin password=password
Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run "vault login"
again. Future Vault requests will automatically use this token.
Key Value
--- -----
token s.vIRSNJYiVMtRFuOwq4pKbYGK
token_accessor EQz974TUJCy0iV7ALZ8xzGe4
token_duration 768h
token_renewable true
token_policies ["default" "super-user"]
identity_policies []
policies ["default" "super-user"]
token_meta_username admin
token
vault token create -policy=super-user
Key Value
--- -----
token s.DgfYH1dUBxAbBDuPM5U2kkym
token_accessor 6GJDO2KH4yPK0jStQw8gJ63r
token_duration 768h
token_renewable true
token_policies ["default" "super-user"]
identity_policies []
policies ["default" "super-user"]