consul/website/content/docs/k8s/deployment-configurations/vault/data-integration/replication-token.mdx

101 lines
3.7 KiB
Plaintext
Raw Normal View History

Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
---
layout: docs
page_title: Storing the ACL Replication Token in Vault
description: >-
Configuring the Consul Helm chart to use an ACL replication token stored in Vault.
---
# Storing the ACL Replication Token in Vault
This topic describes how to configure the Consul Helm chart to use an ACL replication token stored in Vault.
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
## Overview
To use an ACL replication token stored in Vault, follow the steps outlined in the [Data Integration](/docs/k8s/installation/vault/data-integration) section.
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
Complete the following steps once:
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
1. Store the secret in Vault.
1. Create a Vault policy that authorizes the desired level of access to the secret.
Repeat the following steps for each datacenter in the cluster:
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
1. Create Vault Kubernetes auth roles that link the policy to each Consul on Kubernetes service account that requires access.
1. Update the Consul on Kubernetes helm chart.
## Prerequisites
Prior to setting up the data integration between Vault and Consul on Kubernetes, you will need to have:
1. Read and completed the steps in the [Systems Integration](/docs/k8s/installation/vault/systems-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault).
2. Read the [Data Integration Overview](/docs/k8s/installation/vault/data-integration) section of [Vault as a Secrets Backend](/docs/k8s/installation/vault).
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
## Store the Secret in Vault
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
First, generate and store the ACL replication token in Vault. You will only need to perform this action once:
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
```shell-session
$ vault kv put secret/consul/replication-token token="$(uuidgen | tr '[:upper:]' '[:lower:]')"
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
```
## Create Vault policy
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
Next, you will need to create a policy that allows read access to this secret.
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
The path to the secret referenced in the `path` resource is the same value that you will configure in the `global.acls.replicationToken.secretName` Helm configuration (refer to [Update Consul on Kubernetes Helm chart](#update-consul-on-kubernetes-helm-chart)).
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
<CodeBlockConfig filename="replication-token-policy.hcl">
```HCL
path "secret/data/consul/replication-token" {
capabilities = ["read"]
}
```
</CodeBlockConfig>
Apply the Vault policy by issuing the `vault policy write` CLI command:
```shell-session
$ vault policy write replication-token-policy replication-token-policy.hcl
```
## Create Vault Authorization Roles for Consul
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
Next, you will create Kubernetes auth roles for the Consul `server-acl-init` job:
```shell-session
$ vault write auth/kubernetes/role/consul-server-acl-init \
bound_service_account_names=<Consul server service account> \
bound_service_account_namespaces=<Consul installation namespace> \
policies=replication-token-policy \
ttl=1h
```
To find out the service account name of the Consul server,
you can run the following `helm template` command with your Consul on Kubernetes values file:
```shell-session
$ helm template --release-name ${RELEASE_NAME} -s templates/server-acl-init-serviceaccount.yaml hashicorp/consul
```
## Update Consul on Kubernetes Helm chart
Update k8s docs for Vault as a Secrets Backend (#12691) * Updating k8s Vault as a Secrets Backend docs * Moving files in data-integration folder * Updating routes to moved files * Removing known limitations since we have delivered them. * Revise overview page to point towards the System Integration and Data Integration pages. * Updating Systems Overview page * Making corrections to Overview and Systems Integration page * Updating Data Integration page * Gossip page * Enterprise Licensepage * Bootstrap Token * Replication Token * Revisions to bootrap, replication, and enterprise license * snapshot agent page. revisiions to other data integration pages * Consul Service Mesh TLS Provider page * ServerTLS page * Spelling, grammar errors * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/index.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Updating data center to datacenter * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * interim changes * more formatting changes * adding additional formatting changes * more formatting on systems integration page * remove TODO * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: David Yu <dyu@hashicorp.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/index.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Update website/content/docs/k8s/installation/vault/systems-integration.mdx Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com> * Adding partition token * removing dangling word * Adding missing navlink for partitions page * Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT. * Fixing broken links and ordering lists * Fixing broken links. Changing pre-requisites to prerequisites. Co-authored-by: David Yu <dyu@hashicorp.com> Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 18:16:24 +00:00
Now that you have configured Vault, you can configure the Consul Helm chart to
use the ACL replication token key in Vault:
<CodeBlockConfig filename="values.yaml">
```yaml
global:
secretsBackend:
vault:
enabled: true
manageSystemACLsRole: consul-server-acl-init
acls:
replicationToken:
secretName: secret/data/consul/replication-token
secretKey: token
```
</CodeBlockConfig>
Note that `global.acls.replicationToken.secretName` is the path of the secret in Vault.
This should be the same path as the one you included in your Vault policy.
`global.acls.replicationToken.secretKey` is the key inside the secret data. This should be the same
as the key you passed when creating the ACL replication token secret in Vault.