mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-18 12:37:02 +02:00
a43e292424
* conversion stage 1 * correct image paths * add sidebar title to frontmatter * docs/concepts and docs/internals * configuration docs and multi-level nav corrections * commands docs, index file corrections, small item nav correction * secrets converted * auth * add enterprise and agent docs * add extra dividers * secret section, wip * correct sidebar nav title in front matter for apu section, start working on api items * auth and backend, a couple directory structure fixes * remove old docs * intro side nav converted * reset sidebar styles, add hashi-global-styles * basic styling for nav sidebar * folder collapse functionality * patch up border length on last list item * wip restructure for content component * taking middleman hacking to the extreme, but its working * small css fix * add new mega nav * fix a small mistake from the rebase * fix a content resolution issue with middleman * title a couple missing docs pages * update deps, remove temporary markup * community page * footer to layout, community page css adjustments * wip downloads page * deps updated, downloads page ready * fix community page * homepage progress * add components, adjust spacing * docs and api landing pages * a bunch of fixes, add docs and api landing pages * update deps, add deploy scripts * add readme note * update deploy command * overview page, index title * Update doc fields Note this still requires the link fields to be populated -- this is solely related to copy on the description fields * Update api_basic_categories.yml Updated API category descriptions. Like the document descriptions you'll still need to update the link headers to the proper target pages. * Add bottom hero, adjust CSS, responsive friendly * Add mega nav title * homepage adjustments, asset boosts * small fixes * docs page styling fixes * meganav title * some category link corrections * Update API categories page updated to reflect the second level headings for api categories * Update docs_detailed_categories.yml Updated to represent the existing docs structure * Update docs_detailed_categories.yml * docs page data fix, extra operator page remove * api data fix * fix makefile * update deps, add product subnav to docs and api landing pages * Rearrange non-hands-on guides to _docs_ Since there is no place for these on learn.hashicorp, we'll put them under _docs_. * WIP Redirects for guides to docs * content and component updates * font weight hotfix, redirects * fix guides and intro sidenavs * fix some redirects * small style tweaks * Redirects to learn and internally to docs * Remove redirect to `/vault` * Remove `.html` from destination on redirects * fix incorrect index redirect * final touchups * address feedback from michell for makefile and product downloads
75 lines
2.2 KiB
Markdown
75 lines
2.2 KiB
Markdown
---
|
|
layout: "docs"
|
|
page_title: "UI - Configuration"
|
|
sidebar_title: "<tt>ui</tt>"
|
|
sidebar_current: "docs-configuration-ui"
|
|
description: |-
|
|
Vault features a user interface (web interface) for interacting with Vault.
|
|
Easily create, read, update, and delete secrets, authenticate, unseal, and
|
|
more with the Vault UI.
|
|
---
|
|
|
|
# Vault UI
|
|
|
|
Vault features a user interface (web interface) for interacting with Vault.
|
|
Easily create, read, update, and delete secrets, authenticate, unseal, and
|
|
more with the Vault UI.
|
|
|
|
-> The UI requires **Vault 0.10 or higher** or Vault Enterprise.
|
|
|
|
## Activating the Vault UI
|
|
|
|
The Vault UI is not activated by default. To activate the UI, set the `ui`
|
|
configuration option in the Vault server configuration. Vault clients do not
|
|
need to set this option, since they will not be serving the UI.
|
|
|
|
```hcl
|
|
ui = true
|
|
|
|
listener "tcp" {
|
|
# ...
|
|
}
|
|
```
|
|
|
|
For more information, please see the
|
|
[Vault configuration options](/docs/configuration/index.html).
|
|
|
|
## Accessing the Vault UI
|
|
|
|
The UI runs on the same port as the Vault listener. As such, you must configure
|
|
at least one `listener` stanza in order to access the UI.
|
|
|
|
```hcl
|
|
listener "tcp" {
|
|
address = "10.0.1.35:8200"
|
|
|
|
# If bound to localhost, the Vault UI is only
|
|
# accessible from the local machine!
|
|
# address = "127.0.0.1:8200"
|
|
}
|
|
```
|
|
|
|
In this case, the UI is accessible the following URL from any machine on the
|
|
subnet (provided no network firewalls are in place):
|
|
|
|
```text
|
|
https://10.0.1.35:8200/ui
|
|
```
|
|
|
|
It is also accessible at any DNS entry that resolves to that IP address, such as
|
|
the Consul service address (if using Consul):
|
|
|
|
```text
|
|
https://vault.service.consul:8200/ui
|
|
```
|
|
|
|
### Note on TLS
|
|
|
|
When using TLS (recommended), the certificate must be valid for all DNS entries
|
|
you will be accessing the Vault UI on, and any IP addresses on the SAN. If you
|
|
are running Vault with a self-signed certificate, any browsers that access the
|
|
Vault UI will need to have the root CA installed. Failure to do so may result in
|
|
the browser displaying a warning that the site is "untrusted". It is highly
|
|
recommended that client browsers accessing the Vault UI install the proper CA
|
|
root for validation to reduce the chance of a MITM attack.
|