boundary credential-libraries create
credential-libraries create command lets you create a credential library resource in Boundary.
The following example creates a credential library for database credentials where Vault's database secrets engine provides dynamic credentials:
$ boundary credential-libraries create vault-generic \ -credential-store-id csvlt_5fvkRjCjou \ -vault-path "database/creds/dba" \ -name "northwind dba"
Credential Library information: Created Time: Wed, 28 Sep 2022 08:50:32 MDT Credential Store ID: csvlt_Xqa6V6QwfM ID: clvlt_Ex17uiP7FO Name: northwind dba Type: vault Updated Time: Wed, 28 Sep 2022 08:50:32 MDT Version: 1 Scope: ID: p_EZaXO0OZPX Name: db-project Parent Scope ID: o_R1QFYcO743 Type: project Authorized Actions: no-op read update delete Attributes: HTTP Method: GET Path: database/creds/dba
$ boundary credential-libraries create [type] [sub command] [options] [args]
(string: "")- The credential store resource to use for the operation. You can also specify the credential store using the BOUNDARY_CREDENTIAL_STORE_ID environment variable.
(string: "")- A description of the credential library.
(string: "")- The name of the credential library.
The available types are
A credential library type,
vault is deprecated, so use
vault-generic type instead.
credential-libraries create vault-generic command lets you create a generic Vault credential library.
The following example creates a generic Vault credential library using a credential store with the ID
$ boundary credential-libraries create vault-generic \ -credential-store-id csvlt_1234567890 \ -vault-path "database/creds/dba"
$ boundary credential-libraries create vault-generic [options] [args]
The following are specific Vault credential library options in addition to the command options:
-credential-mapping-override- An override for credential mapping.
(string: "")- The type of credential this library issues. The default value is
(string: "")- The HTTP method the library should use when it communicates with Vault.
(string: "")- The HTTP request body the credential library uses to communicate with Vault. This value can be the HTTP request body value itself, it can refer to a file on disk (
file://) from which the value is read, or it can refer to an environment variable (
env://) from which the value is read.
(string: "")- The path in Vault to request credentials from.