Skip to main content
HashiCorp Vault AppRole

Securely manage secrets with HashiCorp Vault's AppRole in Torq—store and control access to sensitive data, ideal for automated workflows.

Updated over 6 months ago

HashiCorp Vault enables you to securely store and tightly control access to tokens, passwords, certificates, and encryption keys to protect secrets and other sensitive data. This integration uses the approle authentication method, which allows machines or apps to authenticate with Vault-defined roles.

Use this integration for external secret management. To authenticate workflow steps, use the HashiCorp Vault integration. Contact your support representative if you require HashiCorp Vault steps based on AppRole authentication.

Get your HashiCorp Vault AppRole credentials

Get the credentials from your HashiCorp Vault account. These instructions assume you have an active vault and cluster.

Vault URL

  1. Log into your HashiCorp account and select Vault.

    Select Vault
  2. Select a cluster.

    Select the cluster
  3. In the Cluster URLs section, copy the public URL.

    Copy the public cluster URL

Role ID and Secret ID

For the complete instructions and list of options available for each command, refer to the HashiCorp documentation.

  • Get the role ID:

vault read auth/approle/role//role-id
  • Generate a secret ID for the role:

vault write -force -auth/approle/role//secret-id secret_id_num_uses=0 secret_id_ttl=0

Ensure the secret ID you create for the role is long-lasting by setting the secret_id_num_uses and secret_id_ttl parameters to 0. If the secret ID expires, you'll have to create a new integration.

Create a HashiCorp Vault AppRole integration in Torq

  1. Go to the Integrations page.

  2. Select Secret Management > HashiCorp Vault AppRole. Click Add.

  3. Enter a meaningful name for the integration and the HashiCorp credentials you copied in the previous steps. Provide the namespace you use to retrieve secrets in the Namespace field (get this information from your HashiCorp account admin).

  4. Use this integration as a secret store for my account checkbox if you wish to use the integration for external secret management.

    Create a HashiCorp Vault AppRole integration in Torq

Did this answer your question?