Wrapped Secrets
Wrapping and Unwrapping with Vault: A Step-by-Step Guide
We operate a Hashicorp Vault instance for secure secrets management within the Uni Cloud Münster environment.
The Vault provides a centralized location for storing, retrieving, and rotating sensitive credentials, such as passwords, API keys, and certificates. It supports various secret engines, including KV (Key-Value), transit, and PKI.
It is accessible at the URL https://vault.uni-muenster.de.
To access the Vault go to https://vault.uni-muenster.de. Then log in by clicking “Sign in with OIDC Provider” on the Vault login page. You need to authenticate using your university account credentials.
Prerequisite: Install the Vault CLI on your machine by downloading the binary from the official Vault website or by using a package manager.
First configure the VAULT_ADDR
environment variable by running:
export VAULT_ADDR=https://vault.uni-muenster.de
Then, authenticate with Vault using the OIDC method by executing:
vault login -method=oidc
Follow the subsequent OIDC authentication workflow in your web browser to complete the login process.
Wrapping and Unwrapping with Vault: A Step-by-Step Guide