Documentation
Start typing to search…

Consul Template Plugin

Suggest Edit

Consul Template is a key tool for generating configurations and managing infrastructure. Consul Template is a standalone application that renders data from Consul onto the file system. The integration with Akeyless allows users seamlessly to integrate secret data into the configurations.

👍

Note

Akeyless developed API compatibility with HashiCorp Vault OSS, enabling the use of Vault OSS community plugins for both Static & Dynamic Secrets, you can find more information here

Prerequisites

  1. Set the Akeyless URL in the VAULT_ADDR environment variable:

    export VAULT_ADDR=https://hvp.akeyless.io

  2. You'll need to configure the authentication token that Consul Template would use to fetch secrets from Akeyless Platform. Set your Akeyless token in a file ~/.vault-token

    You can either use Akeyless API Key in the following format as your Token:

    • A concatenation of your Access ID and your Access Key with two dots as a delimiter: < Access ID >..< Access Key >, For example:p-xxxxx..accessKey

    Alternatively, to extract your authorization tokens directly using the Akeyless CLI auth command:

    akeyless auth --access-id "Access ID" --access-type="Auth Method type" --json true | awk '/token/ { gsub(/[",]/,"",$2); print $2}'>> ~/.vault-token

Configuring Consul Template Plugin

  1. Create a secret in Akeyless that you can further use in the Consul Template:

    akeyless create-secret --name my-app/production --value '{"your_secret_value":"1234","your_secret_name":"abcd"}'

    Consul Template's powerful abstraction and templating language are perfect for creating dynamic configurations.

  2. Write to a template:

    {{ with secret "secret/data/my-app/production" }}
        adapter: xyzt 
    xyzt_your_secret_name: {{.Data.data.your_secret_name}}
    xyzt_your_secret_value: {{.Data.data.your_secret_value}}
{{ end }}

    This example combines the existing functionality of watching a key in Consul and the new function that queries Akeyless Platform for a secret. Consul Template transparently handles the authentication, retrieval, and renewal of secrets.

  3. Execute the template

    consul-template -template="my.tmpl:output.txt" -once -dry
> output.txt

    adapter: xyzt
    your_secret_name: abcd
    your_secret_value: 1234
📘

Info

Configuring Consul Template with Akeyless Gateway - For Zero-Knowledge Encryption please configure Akeyless Gateway and set VAULT_ADDR to your private Akeyless Gateway: export VAULT_ADDR=https://Your-Akeyless-Gateway:8200.

Updated 8 days ago

Footer Section