Viacheslav Vasilyev avoidik

visual studio is required (here)
python for windows is required
from command-line (check path to stdint.h first)

pip install -U setuptools wheel virtualenv
virtualenv venv
venv\Scripts\activate.bat
set CL=-FI"%VCINSTALLDIR%\Tools\MSVC\14.14.26428\include\stdint.h"
pip install will

vault_aws_auth

These are python 2 and 3 snippets showing how to generate headers to authenticate with HashiCorp's Vault using the AWS authentication method. There's also a Ruby implementation which uses version 3 of the AWS SDK for Ruby.

The python scripts look for credentials in the default boto3 locations; if you need to supply custom credentials (such as from an AssumeRole call), you would use the botocore.session.set_credentials method before calling create_client.

	vault mount pki
	vault mount -path=pki1 pki
	vault mount -path=pki2 pki
	vault mount -path=pki3 pki
	vault mount-tune -max-lease-ttl=87600h pki
	vault mount-tune -max-lease-ttl=87600h pki1
	vault mount-tune -max-lease-ttl=87600h pki2
	vault mount-tune -max-lease-ttl=87600h pki3
	vault write pki/root/generate/internal common_name="Vault Testing Root Authority" ttl=87600h

	#!/usr/bin/env bash
	function echob() {
	echo -e "\033[1m$1\033[0m"
	}

	function delete_user() {
	local username="$1"
	echo "deleting ${username}"
	aws iam delete-access-key --user-name ${username} --access-key-id $(jq -r .AccessKey.AccessKeyId ${username}-credentials.json)
	aws iam delete-user --user-name ${username}

	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: concourse-keys
	data:
	authorized_worker_keys: \|+
	ssh-rsa {{public_key_text}} worker-key
	session_signing_key: \|+
	-----BEGIN RSA PRIVATE KEY-----

	package main

	import (
	"fmt"
	"math/rand"
	"sync"
	"time"
	)

	// try to play with constants

	#!/usr/bin/env sh
	docker-machine rm -f rancher host1
	docker-machine create rancher --driver virtualbox --virtualbox-cpu-count "-1" --virtualbox-disk-size "8000" --virtualbox-memory "512" --virtualbox-boot2docker-url=https://github.com/boot2docker/boot2docker/releases/download/v1.11.2/boot2docker.iso
	docker-machine scp scripts/rancher-net.sh rancher:.
	docker-machine ssh rancher sh rancher-net.sh
	docker-machine regenerate-certs rancher -f
	eval $(docker-machine env rancher)
	docker-compose up -d
	eval $(docker-machine env -u)
	docker-machine create host1 --driver virtualbox --virtualbox-cpu-count "-1" --virtualbox-disk-size "54000" --virtualbox-memory "2048" --virtualbox-boot2docker-url=https://github.com/boot2docker/boot2docker/releases/download/v1.11.2/boot2docker.iso

	http://go.microsoft.com/fwlink/?LinkId=691126&fixForIE=.exe
	http://web.archive.org/web/20170519122327/http://landinghub.visualstudio.com:80/visual-cpp-build-tools

	# start vault in dev mode
	VAULT_UI=true vault server -dev -dev-root-token-id="password"

	# write some secrets for our example usage
	curl --request POST \
	--silent \
	--header "X-Vault-Token: password" \
	--header "Content-Type: application/json" \
	--data '{ "options": { "cas": 0 }, "data": { "username": "administrator", "password": "hunter2" } }' \
	http://127.0.0.1:8200/v1/secret/data/dev \| jq '.'

	#!/usr/bin/env python3
	import base64
	import json

	import requests
	from aws_requests_auth.boto_utils import BotoAWSRequestsAuth

	"""
	This code will connect from an ECS container to a remote Hashicorp Vault server
	and authenticate using the 'iam' auth_type for the AWS auth backend.