How to use Vault confidential storage in Go?-Golang-php.cn

Home

Backend Development

Golang

How to use Vault confidential storage in Go?

PHPz

May 11, 2023 pm 03:16 PM

go languagevaultConfidential storage

In modern applications, the confidentiality of sensitive data is critical, such as API keys, database passwords, and more. To ensure security, this sensitive data must be stored in secure storage and accessible only to authorized users. Vault is an open source tool developed by HashiCorp. It has functions such as secure storage and dynamic access control, and is the best choice for storing sensitive information.

This article will discuss how to use Vault confidential storage in Go, access the Vault API, and leverage Vault to provide security and convenience to manage your application's sensitive information.

Installing Vault

First you need to install Vault and start the Vault server. You can go to the Vault official website to download the binary file suitable for your operating system. Before installation, confirm that backend storage such as Consul or etcd has been installed. Next, start the Vault application using the following command:

$ vault server -dev

This will start the Vault server and enable development/test mode. In development/test mode, the Vault server is stored in memory and unencrypted and is used for development testing purposes only. In a production environment, you need to start the Vault server and backend storage with a secure configuration.

Configuring Vault

Once the Vault server is started, we need to create a Vault configuration for storing sensitive information. First, a new secret engine needs to be created.

$ vault secrets enable -path=secret kv

This will create a secret engine named "secret" on the Vault server and set its type to "kv". You can use vault secrets list to view all secret engines on the Vault server.

Next, sensitive data needs to be stored in the Vault key storage space. In this example, we will store the signing key for JWT (JSON Web Token). Data can be stored into the Vault key storage space using the vault kv put command as follows:

$ vault kv put secret/jwt secretkey=shhhnotsosecret

The above command will store a key/value pair named "jwt" and Store the "shhhnotsosecret" value in the section using the "secretkey" key.

Using Vault in Go

Now that Vault has been configured, we need to use the Vault API in Go to read sensitive information.

First you need to install the Vault client API. The Vault client API can be installed using the following command.

$ go get github.com/hashicorp/vault/api

Next, you need to create a new Vault client. A Vault client can be created using the following command:

import (
    "github.com/hashicorp/vault/api"
)

config := api.DefaultConfig()
config.Address = "http://127.0.0.1:8200"
client, err := api.NewClient(config)

if err != nil {
    // handle error
}

The above code will create a new Vault client and configure it to communicate with the Vault server running on localhost.

Next, the key needs to be read from the Vault storage area. The key can be obtained from the Vault store using the following code:

secret, err := client.Logical().Read("secret/data/jwt")

if err != nil {
    // handle error
}

The above code will read the data from the key/value pair of the Vault JWT key. If the read is successful, a map[string]interface{} object containing the data is returned.

Finally, we can get the key from Vault's key store using the following code:

key := secret.Data["data"].(map[string]interface{})["secretkey"].(string)

The above code will get the signing password from the Vault JWT key.

Summary

Vault is an open source tool that has functions such as secure storage and dynamic access control. It is the best choice for storing sensitive information. Using Vault confidential storage in Go is very easy. You only need to install the Vault server, configure the Vault server and create a Vault client to manage sensitive data in Vault. In this way, you ensure that sensitive data is protected and only authorized users can access it.

The above is the detailed content of How to use Vault confidential storage in Go?. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Golang vs. Python: The Pros and ConsApr 21, 2025 am 12:17 AM

Golangisidealforbuildingscalablesystemsduetoitsefficiencyandconcurrency,whilePythonexcelsinquickscriptinganddataanalysisduetoitssimplicityandvastecosystem.Golang'sdesignencouragesclean,readablecodeanditsgoroutinesenableefficientconcurrentoperations,t

Golang and C : Concurrency vs. Raw SpeedApr 21, 2025 am 12:16 AM

Golang is better than C in concurrency, while C is better than Golang in raw speed. 1) Golang achieves efficient concurrency through goroutine and channel, which is suitable for handling a large number of concurrent tasks. 2)C Through compiler optimization and standard library, it provides high performance close to hardware, suitable for applications that require extreme optimization.

Why Use Golang? Benefits and Advantages ExplainedApr 21, 2025 am 12:15 AM

Reasons for choosing Golang include: 1) high concurrency performance, 2) static type system, 3) garbage collection mechanism, 4) rich standard libraries and ecosystems, which make it an ideal choice for developing efficient and reliable software.

Golang vs. C : Performance and Speed ComparisonApr 21, 2025 am 12:13 AM

Golang is suitable for rapid development and concurrent scenarios, and C is suitable for scenarios where extreme performance and low-level control are required. 1) Golang improves performance through garbage collection and concurrency mechanisms, and is suitable for high-concurrency Web service development. 2) C achieves the ultimate performance through manual memory management and compiler optimization, and is suitable for embedded system development.

Is Golang Faster Than C ? Exploring the LimitsApr 20, 2025 am 12:19 AM

Golang performs better in compilation time and concurrent processing, while C has more advantages in running speed and memory management. 1.Golang has fast compilation speed and is suitable for rapid development. 2.C runs fast and is suitable for performance-critical applications. 3. Golang is simple and efficient in concurrent processing, suitable for concurrent programming. 4.C Manual memory management provides higher performance, but increases development complexity.

Golang: From Web Services to System ProgrammingApr 20, 2025 am 12:18 AM

Golang's application in web services and system programming is mainly reflected in its simplicity, efficiency and concurrency. 1) In web services, Golang supports the creation of high-performance web applications and APIs through powerful HTTP libraries and concurrent processing capabilities. 2) In system programming, Golang uses features close to hardware and compatibility with C language to be suitable for operating system development and embedded systems.

Golang vs. C : Benchmarks and Real-World PerformanceApr 20, 2025 am 12:18 AM

Golang and C have their own advantages and disadvantages in performance comparison: 1. Golang is suitable for high concurrency and rapid development, but garbage collection may affect performance; 2.C provides higher performance and hardware control, but has high development complexity. When making a choice, you need to consider project requirements and team skills in a comprehensive way.

Golang vs. Python: A Comparative AnalysisApr 20, 2025 am 12:17 AM

Golang is suitable for high-performance and concurrent programming scenarios, while Python is suitable for rapid development and data processing. 1.Golang emphasizes simplicity and efficiency, and is suitable for back-end services and microservices. 2. Python is known for its concise syntax and rich libraries, suitable for data science and machine learning.

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks agoByDDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks agoByDDD

Where to find the Crane Control Keycard in Atomfall

3 weeks agoByDDD

Roblox: Dead Rails - How To Complete Every Challenge

4 weeks agoByDDD

Atomfall guide: item locations, quest guides, and tips

4 weeks agoByDDD

Hot Tools

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),