Added support Hashicorp-Vault
* Added Vault plugin definitions.
Change-Id: Ib37e7cf01bb76dff8905a1d14fb0b3880ed03f5f
Related-Prod: PROD-29576
(cherry picked from commit 9c548ab1f4a467ec48378144c00fc91ed951d8b4)
diff --git a/README.rst b/README.rst
index 0557f46..3a1e1d0 100644
--- a/README.rst
+++ b/README.rst
@@ -302,6 +302,35 @@
mkek_length: 32
hmac_label: 'my_hmac_label'
+VAULT
+
+.. code block:: yaml
+
+ barbican:
+ server:
+ plugin:
+ vault:
+ schema: http
+ host: localhost
+ port: 8200
+ root_token_id: s.hpamtsbW5vcHFyc3R1dnd4eXo
+ approle_role_id: role_id
+ approle_secret_id: secret_id
+ kv_mountpoint: secret
+
+Vault supports secure connection. You able to define following fields for use security connection,
+also you should place file of certificate or define cert content in cacert field, in the last case
+`ssl_ca_crt_file` field required to define.
+
+.. code block:: yaml
+
+ barbican:
+ server:
+ plugin:
+ vault:
+ schema: https
+ ssl_ca_crt_file: '/etc/barbican/ssl/vault/CA.crt'
+ cacert: (certificate content)
Software Only Crypto
@@ -352,6 +381,14 @@
simple_cmc_profile: 'caOtherCert'
ca_expiration_time: 1
plugin_working_dir: '/etc/barbican/dogtag'
+ vault:
+ schema: http
+ host: localhost
+ port: 8200
+ root_token_id: s.hpamtsbW5vcHFyc3R1dnd4eXo
+ approle_role_id: role_id
+ approle_secret_id: secret_id
+ kv_mountpoint: secret
store:
software:
crypto_plugin: simple_crypto