mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-11-22 19:21:09 +01:00
Code Issues Projects Releases Wiki Activity

Use shell highlighting in the command snippets (#4736)

Browse Source
This commit is contained in:
Pavlos Ratis 2018-06-11 14:46:35 +02:00 committed by Jeff Mitchell
parent fd6d75609c
commit d39a25cb5c
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
website/source/docs/auth/gcp.html.md
View File

@ -379,13 +379,13 @@ If a GCE token is provided for login under an `iam` role, the service account as
#### Enable GCP authentication in Vault #### Enable GCP authentication in Vault
``` ```sh
$ vault auth enable gcp $ vault auth enable gcp
``` ```
#### Configure the GCP Auth Method #### Configure the GCP Auth Method
``` ```sh
$ vault write auth/gcp/config credentials=@path/to/creds.json $ vault write auth/gcp/config credentials=@path/to/creds.json
``` ```
@ -400,7 +400,7 @@ to learn more about parameters.
#### Create a role #### Create a role
``` ```sh
$ vault write auth/gcp/role/dev-role \ $ vault write auth/gcp/role/dev-role \
type="iam" \ type="iam" \
project_id="project-123456" \ project_id="project-123456" \
@ -416,7 +416,7 @@ configuration for the generated auth tokens.
We also expose a helper path for updating the service accounts attached to an existing `iam` role: We also expose a helper path for updating the service accounts attached to an existing `iam` role:
``` ```sh
$ vault write auth/gcp/role/iam-role/service-accounts \ $ vault write auth/gcp/role/iam-role/service-accounts \
add='serviceAccountToAdd,...' \ add='serviceAccountToAdd,...' \
remove='serviceAccountToRemove,...' \ remove='serviceAccountToRemove,...' \
@ -424,7 +424,7 @@ $ vault write auth/gcp/role/iam-role/service-accounts \
and for updating the labels attached to an existing `gce` role: and for updating the labels attached to an existing `gce` role:
``` ```sh
$ vault write auth/gcp/role/gce-role/labels \ $ vault write auth/gcp/role/gce-role/labels \
add='label1:value1,foo:bar,...' \ add='label1:value1,foo:bar,...' \
remove='key1,key2,...' \ remove='key1,key2,...' \
@ -439,7 +439,7 @@ parameters for role creation and updates.
Once the backend is setup and roles are registered with the backend, Once the backend is setup and roles are registered with the backend,
the user can login against a specific role. the user can login against a specific role.
``` ```sh
$ vault write auth/gcp/login role='dev-role' jwt='eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' $ vault write auth/gcp/login role='dev-role' jwt='eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'
``` ```
@ -452,20 +452,20 @@ authenticating entity.
#### Enable GCP authentication in Vault #### Enable GCP authentication in Vault
``` ```sh
$ curl $VAULT_ADDR/v1/sys/auth/gcp -d '{ "type": "gcp" }' $ curl $VAULT_ADDR/v1/sys/auth/gcp -d '{ "type": "gcp" }'
``` ```
#### Configure the GCP Auth Method #### Configure the GCP Auth Method
``` ```sh
$ curl $VAULT_ADDR/v1/auth/gcp/config \ $ curl $VAULT_ADDR/v1/auth/gcp/config \
-d '{ "credentials": "{...}" }' -d '{ "credentials": "{...}" }'
``` ```
#### Create a role #### Create a role
``` ```sh
$ curl $VAULT_ADDR/v1/auth/gcp/role/dev-role \ $ curl $VAULT_ADDR/v1/auth/gcp/role/dev-role \
-d '{ "type": "iam", "project_id": "project-123456", ...}' -d '{ "type": "iam", "project_id": "project-123456", ...}'
``` ```
@ -479,7 +479,7 @@ If you have mounted the `gcp` backend with a different mountpoint, use that valu
The `role` and `jwt` should be sent in the POST body encoded as JSON. The `role` and `jwt` should be sent in the POST body encoded as JSON.
``` ```sh
$ curl $VAULT_ADDR/v1/auth/gcp/login \ $ curl $VAULT_ADDR/v1/auth/gcp/login \
-d '{ "role": "dev-role", "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." }' -d '{ "role": "dev-role", "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." }'
``` ```