hi,could you please anyone help to use GitHub using vault.i have a requirement that,write and read some secrets using GitHub have already create personal access token in GitHub and i not able to access GitHub repository from .net.thanks in advance
I want to establish a connection to Vault system and through the LDAP Auth Method but unable to get authencticated as VaultToken is not getting generated. Can you please help
Hi, im trying to login using AWS IAM, but stuck with an exception:
{"errors":["didn't supply required authentication values"]}code (copied from GitHub's README page):
var amazonSecurityTokenServiceConfig = new AmazonSecurityTokenServiceConfig();
var creds = FallbackCredentialsFactory.GetCredentials();
var iamRequest = GetCallerIdentityRequestMarshaller.Instance.Marshall(new GetCallerIdentityRequest());
iamRequest.Endpoint = new Uri(amazonSecurityTokenServiceConfig.DetermineServiceURL());
iamRequest.ResourcePath = "/";
iamRequest.Headers.Add("User-Agent", "https://github.com/rajanadar/vaultsharp/0.11.1000");
iamRequest.Headers.Add("X-Amz-Security-Token", creds.GetCredentials().Token);
iamRequest.Headers.Add("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
new AWS4Signer().Sign(iamRequest, amazonSecurityTokenServiceConfig, new RequestMetrics(), creds.GetCredentials().AccessKey,
creds.GetCredentials().SecretKey);
var iamStsRequestHeaders = iamRequest.Headers;
var base64EncodedIamRequestHeaders = Convert.ToBase64String(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(iamStsRequestHeaders)));
var a1 = new IAMAWSAuthMethodInfo(AuthMethodType.AWS.Type, base64EncodedIamRequestHeaders, Guid.NewGuid().ToString(), "mt-fxrates-honduras");
var cs = new VaultClientSettings(settings.Vault.Host, a1);
var c = new VaultClient(cs);
var secret = c.V1.Secrets.KeyValue.V1.ReadSecretAsync(settings.Vault.Path).Result;vault's role record
vault write auth/aws/role/mt-fxrates-honduras auth_type=iam policies=mt-fxrates-honduras max_ttl=1h bound_iam_principal_arn=arn:aws:iam::312226949769:role/lambda_basic_vpc_executionAny help is appreciated. Thanks
Hi there! I'm trying to use the VaultSharp Azure Auth method to utilize an MSI that I've created for an App Service that I wan to have communicate with my Vault Server (which is running on a VM). When I go to request a secret from Vault, I get an error that is requiring me to put in the vmName when I create my vault client settings. But since this is an App Service, the resource mapping is off -- the VM name maps to /resources/virtualMachines, but my app service is located at a different resource path. Is support for App Service's using MSI going to be supported in VaultSharp?....and, also, is there a way to authenticate today for an App Service's MSI? Thank you!
Hi there
can you provide a code snippet and the exact exception?
---- folks, there was a personal emergency that kept me out cold. i'm back now. let me know any open issues ---
Folks, we have some really active community members that have answered questions in the past in GH issues. For the benefit of wider community, the recommendation moving forward is to ask your questions on Stack Overflow, with the vault-sharp tag... Please go ahead and ask questions there. https://stackoverflow.com/questions/tagged/vault-sharp
hello folks, happy to announce the release of VaultSharp 1.4.0 today. It has all the Auth backends and Secret Engines supported by Vault 1.4.0. Cheers!
@rajanadar I am using VaultSharp NuGet package with .NET frameworks 4.8 and .Net Core 3.1 it's working perfect with .Net Core 3.1 but with .Net Framework 4.8 it's not able to resolve. I am getting this error "Could not load file or assembly VaultSharp, version =1.4.0.5, culture =neutral, PublicKeyToken = cb3d4aad92b0eded"
Only the Unseal Key(s) and Initial Root Token are returned.
var masterCredentials = await _unauthenticatedVaultClient.V1.System.InitAsync(initOptions);
Please see https://github.com/rajanadar/VaultSharp/blob/master/test/VaultSharp.Samples/Program.cs#L390 for a sample usage.
@chinswain let me know if any issues.
Are all administrative operations expected to be done ahead of time by the security team or a privileged person.
As an end application, you use VaultSharp to read secrets.
However, VaultSharp is built to be used in both end application and admin flows, so it supports a lot of admin operations as well.
What new secret engine do you want to mount? The kv ones are normally enabled by default. Let me know as a github issue if you need an api support that doesn't exist today
However, when I return a CustomAuthMethodInfo from the delegate required in the constructor, I cannot set the ReturnLoginAuthInfo property as it's marked as internal set and not created for me the default constructor
is this a bug or am I using the class wrong?
hey Mike, it is a bug. i created a gh issue to track and close within the week. rajanadar/VaultSharp#182
Please use the TokenAuthInfo method to unblock for now.
hi @gingermike , i have published a new NuGet of VaultSharp whereby you can set your own AuthInfo. Please let me know if any issues. https://www.nuget.org/packages/VaultSharp/1.6.2.1
Hi, when using curl to connect to Vault we use --proxy "host:port" and -crt "path" for the server certificate (.crt), using vaultSharp I was able to set Proxy settings in PostProcessHttpClientHandlerAction but not sure how to define the server certificate manually? knowing we are using LDAP auth. I want to translate the -crt path command to vb using vaultsharp.
9 replies
I want to get rid of "appsettings.json" and store application configs in the HashiCorp Vault, it would be nice if this library could "inject" new application configs on the fly without reloading an application.
I imaging it to work like Redis pub/sub, when some data changes, all subscribed parties are notified.
Can this library do this?