devopshobbies / boundary-vault-stack

Deploy Self-Hosted HCP Vault and Boundary using End-To-End Automation (Terraform, Ansible, Bash, and many more)
MIT License
14 stars 14 forks source link

Vault Database Secret Engine Integration With Boundary Credential Library. #50

Open Shayan-Ghani opened 2 months ago

Shayan-Ghani commented 2 months ago

According to a quick start tutorial on Hashicorp's gituhb page a demo postgres database target is deployed. Vault server is then configured using the database secrets engine and policies allowing Boundary to request credentials for two roles, a DBA and an "analyst". Boundary DBA and analyst targets are configured using a credential store that contains credential libraries for both targets. This enables credential brokering via Vault, which is demonstrated using the boundary connect postgres command.

Instead of running the commands imperatively use Ansible, Docker-Compose, and Terraform to do the Job for You.