search

nebtex / vault-migrator

migrate vault data between different physical backends
Apache License 2.0
53 stars 11 forks source link
migration vault

readme

vault migrator

GitHub release Go Report Card

migrate or backup vault data between two physical backends. in one operation or in a cron job.

tested with: vault v0.7, consul, dynamodb

Links

Warnings

Usage

create a config.json file with this structure

{
  "to": {
    "name": "[[Backend Name]]",
    "config": "[[Backend Config]]"
  },
    "from": {
        "name": "[[Backend Name]]",
        "config": "{[[Backend Config]]"
    }
}

where from, is the source backend, and to is the destination

Examples:

remember only use strings in the backend config values!!!

  1. from dynamodb to consul
{
  "to": {
    "name": "consul",
      "config": {
        "address": "127.0.0.7:8500",
        "path": "vault",
        "token": "xxxx-xxxx-xxxx-xxxx-xxxxxxxxx"
     }
  },
    "from": {
        "name": "dynamodb",
        "config": {
          "ha_enabled": "true",
          "table": "vault",
          "write_capacity": "1",
          "access_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
          "secret_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
        }
    },
  "schedule": "@daily"
}

this will backup each 24 hours your data in dynamodb to a consul instance.

full list of storage backends and configuration options: Vault Storage Backends

schedule is optional if is not defined the command will run only once, for more documentation about is format please check robfig/cron

Binaries

Releases

OS X

curl -LO https://github.com/nebtex/vault-migrator/releases/download/$(curl -s https://raw.githubusercontent.com/nebtex/vault-migrator/master/stable.txt)/vault-migrator_darwin_amd64.zip

Linux

curl -LO https://github.com/nebtex/vault-migrator/releases/download/$(curl -s https://raw.githubusercontent.com/nebtex/vault-migrator/master/stable.txt)/vault-migrator_linux_amd64.zip

Windows

curl -LO https://github.com/nebtex/vault-migrator/releases/download/$(curl -s https://raw.githubusercontent.com/nebtex/vault-migrator/master/stable.txt)/vault-migrator_windows_amd64.zip

unzip and make the vault-migrator binary executable and move it to your PATH

full list of downloads for other platforms here

Usage

vault-migrator --config ${your_config_path}

Docker

Docker Pulls

linux amd64

docker pull nebtex/vault-migrator:$(curl -s https://raw.githubusercontent.com/nebtex/vault-migrator/master/stable.txt)

Usage

docker run -v ${your_config}:/etc/vault-migrator.json nebtex/vault-migrator

Contribution

To contribute to this project, see CONTRIBUTING.

Licensing

vault-migrator is licensed under the APACHE License v2. See LICENSE for the full license text.