Vault AwareΒΆ
The Vault Aware method involves writing an application to connect directly to a Vault server using Vault REST APIs. The Vault REST APIs requires an existing Auth method and policy to be created; the specific method depends on the client libraries used.
The Vault REST API is used to allow an application to read and/or write secrets to Vault, provided the applicable policy gives read and/or write permission at the specified Vault path. The Vault REST API can be accessed from application containers using the Vault endpoint sva-vault. Run the following command to view Vault endpoints:
$ kubectl get svc -n vault
See also
Vault REST API:
Client libraries: https://www.vaultproject.io/api/libraries.html
Connect Vault with Python using the HVAC library: https://github.com/hvac/hvac