vault-plugin-kmip

KMIP backend manages certificates and writes them to the backend.

docs: 代码设计 (yuque.com)

passwd：fbg9

Prerequisites

1. Target API with CRUD capabilities for secrets.
2. Golang 1.23+
3. Docker & Docker Compose 20.10+
4. Terraform 1.0+
5. Google Cloud Platform

Install

1. Run go mod init.

2. Build the secrets engine into a plugin using Go.

   $ go build -o vault/plugins/vault-plugin-kmip cmd/vault-plugin-kmip/main.go

3. You can find the binary in vault/plugins/.

   $ ls vault/plugins/

4. Run a Vault server in dev mode to register and try out the plugin.

   $ vault server -dev -dev-root-token-id=root -dev-plugin-dir=./vault/plugins