This Helm chart simplifies the deployment of goldfish on Kubernetes. Goldfish – A HashiCorp Vault UI and workflow tool.
Goldfish answers many auditing and administration questions that Vault API can’t:
- Right now, are there any root tokens in Vault?
- Which policies, users, and tokens can access this particular secret path?
- The unseal admins are working from home, but we need a policy changed.
- How do we generate a root token only for this change, and make sure it’s revoked after?
- I store my policies on a Github repo. Can I deploy all my policies in one go? See more
- If I remove this secret/policy, will anybody’s workflow break?
- Write goldfish approle (only needs to be done once)
- Deploy goldfish binary
- Bootstrap goldfish with an approle secret id
- Hot-loadable server settings from a provided vault endpoint
- Displaying a vault endpoint as a ‘bulletin board’ in the homepage
- Logging in with token, userpass, Github, or LDAP
- Secret Reading/editing/creating/listing
- Auth Searching/creating/listing/deleting
- Mounts Listing
- Policies Searching/Listing
- Encrypting and decrypting arbitrary strings using transit backend