How can I access secrets from HashiCorp Vault deployed on OpenShift/Kubernetes directly in my Python code?
We can deploy a HashiCorp Vault on an OpenShift cluster using Helm (see this and this). Following the same links, this allows us to enable authentication by Kubernetes and to request secrets directly from Vault in these environments:
```
vault kv put foo/bar username="static-user" password="static-password"
vault kv get foo/bar
```
While this is ideal for an OpenShift/Kubernetes environment, I would prefer to work with a Secret Manager client that I can access within my Python code as a library, for example something like this:
```python
from typing import Union

# Assumed origin of SecretsManagerV1: the IBM Secrets Manager SDK.
from ibm_secrets_manager_sdk.secrets_manager_v1 import SecretsManagerV1


class SomeSecretManager():
    """Implementation of the contract of SecretManager"""

    def __init__(self):
        self.client = None

    def initialize_connection(self):
        self.client = SecretsManagerV1(authenticator="how do I make this link with an OpenShift cluster")

    def get_secret(self, secret_id: str) -> Union[str, dict]:
        response = self.client.get_secret(id=secret_id)
        return response.get_result()["resources"][0]["secret_data"]["payload"]
```
I am wondering now how I can make this transition to access the deployed Vault pod on an OpenShift cluster directly in my Python code (both locally as well as when deployed on OpenShift), using a client similar to what has been illustrated above.
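One way to get the client shape asked for above, as an added example that is not part of the original post and not an official Vault library: a small class that logs in through Vault's Kubernetes auth HTTP endpoint with the pod's service account JWT and then reads a KV secret. Assumptions: the auth method is mounted at `kubernetes`, `foo` is a KV version 2 mount, and the class name, role name and Vault address are hypothetical.

```python
import json
import urllib.request
from typing import Callable, Optional

# Default path where Kubernetes/OpenShift mounts the pod's service account JWT.
SA_TOKEN_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/token"


def _http_json(method: str, url: str, headers: dict, body: Optional[dict]) -> dict:
    """Minimal JSON transport; TLS verification stays at urllib's default (on)."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method, headers=headers)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class VaultSecretManager:
    """Hypothetical client: Kubernetes-auth login, then KV v2 reads (assumed)."""

    def __init__(self, addr: str, role: str, mount: str = "foo",
                 auth_path: str = "kubernetes",
                 transport: Callable[..., dict] = _http_json):
        self.addr, self.role, self.mount = addr.rstrip("/"), role, mount
        self.auth_path, self._send = auth_path, transport
        self._token: Optional[str] = None

    def initialize_connection(self, jwt: Optional[str] = None) -> None:
        """Exchange the service account JWT for a Vault client token."""
        if jwt is None:  # in-cluster: read the mounted token file
            with open(SA_TOKEN_PATH) as fh:
                jwt = fh.read().strip()
        resp = self._send("POST", f"{self.addr}/v1/auth/{self.auth_path}/login",
                          {"Content-Type": "application/json"},
                          {"role": self.role, "jwt": jwt})
        self._token = resp["auth"]["client_token"]  # keep in memory, never log

    def get_secret(self, secret_id: str) -> dict:
        """Return the key/value pairs stored at <mount>/<secret_id> (KV v2)."""
        if self._token is None:
            raise RuntimeError("call initialize_connection() first")
        resp = self._send("GET", f"{self.addr}/v1/{self.mount}/data/{secret_id}",
                          {"X-Vault-Token": self._token}, None)
        return resp["data"]["data"]
```

Inside a pod, `initialize_connection()` reads the mounted token itself; outside the cluster a service account JWT has to be passed in explicitly, and the Vault role should be bound to only the service account and namespace that need the secret.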
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
