Need some help please!!!
I have working code to pull a secret out of Hashi using the Management token, but... I need to switch this around to use the "approle" type authentication and do not understand the authentication differences.
My original code used something like this:
def vault(KEY):
VAULT_SERVER = "https://myserver.nowhere.com:8243"
TOKEN = "s.xxxxxxxxxxxxxxxxxxxxxxxx"
PATH = "/secret/vault/200245/mbop200245/nonprod/testautomation/dev"
CLIENT = hvac.Client(url=VAULT_SERVER, token=TOKEN)
VAULT = CLIENT.read(path=PATH)
SECRETS = VAULT['data']
ID_PASSWORD = SECRETS[KEY]
return ID_PASSWORD
Anyone have any code examples of using hvac with "approle"? I know how to do this in API (using Insomnia) but struggling with what hvac expects... and where...
Thanks!!!
Have you tried the docs? There is a whole section on Approle: https://hvac.readthedocs.io/en/stable/usage/auth_methods/approle.html
In particular, there is this snippet for authentication:
import hvac
client = hvac.Client()
client.auth.approle.login(
role_id='<some_role_id>',
secret_id='<some_secret_id>',
)