
Small tool to traverse vault token accessors looking for root tokens to revoke.


vngzs/vault_token_lister

 
 


Hashicorp Vault Token Lister

This tiny tool walks the token accessors in a HashiCorp Vault and uses each one to look up the details and policies of the corresponding token, normally to allow (manual) revocation using the accessor.

It was written as a way to detect all root-level tokens so they could be revoked, per the best practices suggested in the Vault manual (see "root tokens").

Build:

Just run "make" and it will install into $GOPATH/bin

Usage:

    vault_token_lister -targetVaultAddr=https://example.com:8200 -rootToken=someroot-7644-a9aa 
    vault_token_lister -targetVaultAddr=https://example.com:8200 -rootToken=someroot-7644-a9aa -policy=root
    vault_token_lister -targetVaultAddr=https://example.com:8200 -rootToken=someroot-7644-a9aa -policy=somepolicy
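
The walk described above, sketched against Vault's token auth HTTP API: list `auth/token/accessors`, then call `auth/token/lookup-accessor` for each entry and keep the tokens that carry the requested policy. This is an added Python example, not the tool's Go source; that the tool uses these same endpoints is an assumption, and `FakeVault`, `SAMPLE`, the `acc-N` accessors and the token value are constructed so it runs offline.

```python
import json
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

def vault_call(addr, token, path, body=None):
    """One authenticated Vault API request (POST when a body is given, else GET)."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(addr + path, data=data, headers={"X-Vault-Token": token})
    with urllib.request.urlopen(req, timeout=10) as resp:  # raises HTTPError on 4xx/5xx
        return json.load(resp)["data"]

def accessors_with_policy(addr, token, policy):
    """Walk every token accessor; return (accessor, display_name) where `policy` is attached."""
    hits = []
    for acc in vault_call(addr, token, "/v1/auth/token/accessors?list=true")["keys"]:
        info = vault_call(addr, token, "/v1/auth/token/lookup-accessor",
                          {"accessor": acc})
        if policy in (info.get("policies") or []):
            hits.append((acc, info.get("display_name")))
    return hits

# Constructed sample data and a stand-in server (not a real Vault), for offline runs.
SAMPLE = {
    "acc-1": {"display_name": "root", "policies": ["root"]},
    "acc-2": {"display_name": "approle", "policies": ["default", "ci"]},
    "acc-3": {"display_name": "token-ops", "policies": ["root"]},
}

class FakeVault(BaseHTTPRequestHandler):
    def do_GET(self, accessor=None):
        data = SAMPLE[accessor] if accessor else {"keys": list(SAMPLE)}
        self.send_response(200)
        self.end_headers()
        self.wfile.write(json.dumps({"data": data}).encode())

    def do_POST(self):
        body = self.rfile.read(int(self.headers["Content-Length"]))
        self.do_GET(json.loads(body)["accessor"])

    def log_message(self, *args):  # silence per-request logging
        pass

def start_fake_vault():
    server = HTTPServer(("127.0.0.1", 0), FakeVault)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return "http://127.0.0.1:%d" % server.server_port

if __name__ == "__main__":
    print(accessors_with_policy(start_fake_vault(), "constructed-token", "root"))
```

Each accessor returned can then be revoked without knowing the token itself, through `auth/token/revoke-accessor` or `vault token revoke -accessor`.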
