Re: is there pgadmin interface with Hashicorp Vault or command line interface to use master password and update password repository

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Em qui., 15 de jun. de 2023 às 16:12, OracleDba OracleDba <paul.gilbert.healy@xxxxxxxxx> escreveu:
all our postgres passwords are secured within a Hashicorp Vault.
Postgres passwords currency cycle every 45 days 
Later this year DBA team will change that to Hourly.

it is easy enough to build a command line interface to retrieve a password from the vault
and it is easy enough to pipe that into a psql session

what I would like to do is either use a command line interface wherein
I use the PGADMIN master password and perform maintenance on a password of a server
OR have pgadmin use Hashicorp's api to pull password directly from vault.

what are my options?

I'm not a pgadmin fan and don't use it but I think it respects the env vars so PGPASSWORD would be an option as I do for psql here.
So you can try something like, in the same command like :
PGPASSWORD=`vault read your_secret_path_or_plugin` pgadmin
Or do some bash mastery on your .bashrc to read the secret from vault every time you open your terminal.


[Index of Archives]     [Postgresql Home]     [Postgresql General]     [Postgresql Performance]     [Postgresql PHP]     [Postgresql Jobs]     [PHP Users]     [PHP Databases]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Yosemite Forum]

  Powered by Linux