Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Using Hashicorp Vault with Pipelines

Rene Ludwig
Rene Ludwig November 20, 2019

We would like to use Hashicorp Vault to manage our secrets and access these secrets form within Pipelines. This can be done via the Vault REST API using a Vault token as authentication. The token can be stored as a repository variable, so it's available during the build.

However, as it is best practice, tokens have a limited life time and need to be rotated. How can I rotate Vault tokens? Is there a cronjob like service / integration that could be used?

Answer
Watch
Like # people like this
2788 views

2 answers

0 votes
Samuel Bloch
Samuel Bloch January 14, 2021

You can definitely hook in vault using an oidc machine to machine connection, such as auth0 in your pipeline 

Reply
0 votes
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 10, 2020

Hi Rene,

Is it possible to generate the Vault token programmatically?

If so, you can add the code to generate in your yml file; this way, you will generate a new token for every build during the build, and you won't need to store it as a repository variable.

Is this something that would work for you?

Kind regards,
Theodora

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events