hitxiang · August 31, 2018 10:37
diff --git a/gistfile1.txt b/gistfile1.txt
 package main

 import (
        "encoding/json"
        "fmt"
        "net/http"
        "time"

        "github.com/hashicorp/vault/api"
        "github.com/hashicorp/vault/builtin/credential/aws"
 )

 var httpClient = &http.Client{
        Timeout: 10 * time.Second,
 }

 func main() {
    token, err := awsLogin()
    if err != nil {
        panic(err)
    }

    client, err := api.NewClient(&api.Config{Address: vaultAddr, HttpClient: httpClient})
    if err != nil {
        panic(err)
    }

    fmt.Println("+++++++++++++++", token)
    client.SetToken(token)
    data, err := client.Logical().Read("mh2/my-app")
    if err != nil {
        panic(err)
    }

    fmt.Println("+++++++++++++++", data)
    b, _ := json.Marshal(data.Data)
    fmt.Println(string(b))
 }

 const (
    accessKey    = ""
    secretKey    = ""
    sessionToken = ""
    headerValue  = ""
    vaultAddr = "http://vault-vault.vault:8200"
 )

 func awsLogin() (string, error) {
    // get aws credential
    data, err := awsauth.GenerateLoginData(accessKey, secretKey, sessionToken, headerValue)
    if err != nil {
        return "", err
    }

    // create a vault client
    client, err := api.NewClient(&api.Config{Address: vaultAddr, HttpClient: httpClient})
    if err != nil {
        return "", err
    }

    // PUT call to get a token
    secret, err := client.Logical().Write("auth/aws/login", data)
    if err != nil {
        return "", err
    }

    token := secret.Auth.ClientToken
    return token, nil
 }
	package main

	import (
	"encoding/json"
	"fmt"
	"net/http"
	"time"

	"github.com/hashicorp/vault/api"
	"github.com/hashicorp/vault/builtin/credential/aws"
	)

	var httpClient = &http.Client{
	Timeout: 10 * time.Second,
	}

	func main() {
	token, err := awsLogin()
	if err != nil {
	panic(err)
	}

	client, err := api.NewClient(&api.Config{Address: vaultAddr, HttpClient: httpClient})
	if err != nil {
	panic(err)
	}

	fmt.Println("+++++++++++++++", token)
	client.SetToken(token)
	data, err := client.Logical().Read("mh2/my-app")
	if err != nil {
	panic(err)
	}

	fmt.Println("+++++++++++++++", data)
	b, _ := json.Marshal(data.Data)
	fmt.Println(string(b))
	}

	const (
	accessKey = ""
	secretKey = ""
	sessionToken = ""
	headerValue = ""
	vaultAddr = "http://vault-vault.vault:8200"
	)

	func awsLogin() (string, error) {
	// get aws credential
	data, err := awsauth.GenerateLoginData(accessKey, secretKey, sessionToken, headerValue)
	if err != nil {
	return "", err
	}

	// create a vault client
	client, err := api.NewClient(&api.Config{Address: vaultAddr, HttpClient: httpClient})
	if err != nil {
	return "", err
	}

	// PUT call to get a token
	secret, err := client.Logical().Write("auth/aws/login", data)
	if err != nil {
	return "", err
	}

	token := secret.Auth.ClientToken
	return token, nil
	}