Re: is there pgadmin interface with Hashicorp Vault or command line interface to use master password and update password repository

Поиск
Список
Период
Сортировка
От Flavio Henrique Araque Gurgel
Тема Re: is there pgadmin interface with Hashicorp Vault or command line interface to use master password and update password repository
Дата
Msg-id CAGHTAeOshJeSsiPYBCEKMyfbVqrsTE0JmG13+NmKbmunuhpD0g@mail.gmail.com
обсуждение исходный текст
Ответ на is there pgadmin interface with Hashicorp Vault or command line interface to use master password and update password repository  (OracleDba OracleDba <paul.gilbert.healy@gmail.com>)
Список pgsql-admin
Дерево обсуждения
Em qui., 15 de jun. de 2023 às 16:12, OracleDba OracleDba <paul.gilbert.healy@gmail.com> escreveu:
all our postgres passwords are secured within a Hashicorp Vault.
Postgres passwords currency cycle every 45 days 
Later this year DBA team will change that to Hourly.

it is easy enough to build a command line interface to retrieve a password from the vault
and it is easy enough to pipe that into a psql session

what I would like to do is either use a command line interface wherein
I use the PGADMIN master password and perform maintenance on a password of a server
OR have pgadmin use Hashicorp's api to pull password directly from vault.

what are my options?

I'm not a pgadmin fan and don't use it but I think it respects the env vars so PGPASSWORD would be an option as I do for psql here.
So you can try something like, in the same command like :
PGPASSWORD=`vault read your_secret_path_or_plugin` pgadmin
Or do some bash mastery on your .bashrc to read the secret from vault every time you open your terminal.

Best,
Flavio

В списке pgsql-admin по дате отправления:

Предыдущее
От: "David G. Johnston"
Дата:
Сообщение: Re: The same result for with SPACE and without SPACE
Следующее
От: M Sarwar
Дата:
Сообщение: Re: The same result for with SPACE and without SPACE