{"id":22220859,"url":"https://github.com/nokia/vault_keystone_plugin","last_synced_at":"2026-03-01T20:34:51.471Z","repository":{"id":57565685,"uuid":"101071724","full_name":"nokia/vault_keystone_plugin","owner":"nokia","description":"A Keystone secret plugin for Vault (https://www.vaultproject.io/)","archived":false,"fork":false,"pushed_at":"2020-08-13T02:58:15.000Z","size":58,"stargazers_count":16,"open_issues_count":10,"forks_count":7,"subscribers_count":16,"default_branch":"master","last_synced_at":"2025-07-27T15:55:05.239Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nokia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-08-22T14:26:48.000Z","updated_at":"2023-10-23T19:24:05.000Z","dependencies_parsed_at":"2022-09-03T11:21:20.249Z","dependency_job_id":null,"html_url":"https://github.com/nokia/vault_keystone_plugin","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/nokia/vault_keystone_plugin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fvault_keystone_plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fvault_keystone_plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fvault_keystone_plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fvault_keystone_plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nokia","download_url":"https://codeload.github.com/nokia/vault_keystone_plugin/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nokia%2Fvault_keystone_plugin/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29983223,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T16:35:47.903Z","status":"ssl_error","status_checked_at":"2026-03-01T16:35:44.899Z","response_time":124,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-02T23:10:40.173Z","updated_at":"2026-03-01T20:34:51.436Z","avatar_url":"https://github.com/nokia.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Openstack Keystone plugin\n\nThis is a standalone backend plugin for use with [Hashicorp Vault](https://www.github.com/hashicorp/vault). This plugin provides the functionality to generate users in Openstack Keystone.\n\n\n\n## Getting Started\n\nThis is a [Vault plugin](https://www.vaultproject.io/docs/internals/plugins.html)\nand is meant to work with Vault. This guide assumes you have already installed Vault\nand have a basic understanding of how Vault works.\n\nOtherwise, first read this guide on how to [get started with Vault](https://www.vaultproject.io/intro/getting-started/install.html).\n\nTo learn specifically about how plugins work, see documentation on [Vault plugins](https://www.vaultproject.io/docs/internals/plugins.html).\n\n### Build\n- manually\n```shell\ngo get github.com/parnurzeal/gorequest\ngo get github.com/hashicorp/vault/plugins\ngo get github.com/hashicorp/go-plugin\ngo get github.com/fatih/structs\ngo get github.com/google/gofuzz\ngo build -o vault_keystone_plugin .\n```\n\n- using build.sh\n```shell\n$ ./build.sh\n```\nPlugin binary will be builded in `bin` directory\n\n### Installation\n\n##### Build the plugin.\n\nPut the plugin binary into a location of your choice. This directory\nwill be specified as the [`plugin_directory`](https://www.vaultproject.io/docs/configuration/index.html#plugin_directory)\nin the Vault config used to start the server.\n\n```json\n{\n  ...\n  \"plugin_directory\" : \"path/to/plugin/directory\"\n  ...\n}\n```\n\nStart a Vault server with this config file:\n```shell\n$ vault server -config=path/to/config.json ...\n```\n##### Adding plugin to Vault\n- CLI\n```shell\n$ sha256sum vault_keystone_plugin\n$ vault write sys/plugins/catalog/vault_keystone_plugin sha_256=\"\u003cSHA from the previous step\u003e\" command=\"keystone\"\n$ vault mount -path=keystone -plugin-name=vault_keystone_plugin plugin\n```\n- API\n```shell\n$ curl -X PUT VAULT_URL/sys/plugins/catalog/keystone -d '{\"sha_256\" : \"\u003cSHA_256\u003e\", \"command\" : \"keystone\"}' \\\n-H 'content-type: application/json' -H \"x-vault-token : \u003cVAULT_TOKEN\u003e\"\n$ curl -X POST VAULT_URL/sys/mounts/keystone \\\n-d '{\"type\": \"plugin\",\"plugin_name\" : \"keystone\",\"config\": {\"default_lease_ttl\": 0,\"max_lease_ttl\": 0,\"force_no_cache\": false}}' \\\n-H 'content-type: application/json' -H \"x-vault-token : \u003cVAULT_TOKEN\u003e\"\n$ curl -X POST VAULT_URL/keystone/config/connection \\\n-d '{\"connection_url\" : \"\u003cKEYSTONE_HOST:KEYSTONE_PORT\", \"admin_auth_token\" : \"\u003cAUTH_TOKEN\u003e\"}' \\\n  -H 'content-type: application/json' -H \"x-vault-token : \u003cVAULT_TOKEN\u003e\"\n```\n\n## Routes\n\n##### keystone/config/connection\n\nCLI write / API POST - set connection configuration\n\nParameters:\n-  `connection_url` : URL of your Keystone instance, formatted like `keystone_host:port`\n-  `admin_auth_token` : admin user token\n\n#### keystone/users/*{user}*\n\n- CLI write / API POST - register new user\n- CLI read / API GET - save new user\n\nParameters:\n-  `name`\n-  `default_project_id` (_optional_)\n-  `domain_id` (_optional_)\n-  `enabled` (_optional_)\n-  `password` (_optional_)\n\n#### keystone/users/*{user}*/credentials/OS-EC2\n\nCLI write / API POST - generate new EC2-style credentials\n\nParameters:\n-  `user_id`\n-  `tenant_id`\n\n#### keystone/groups\n\nCLI write / API POST\nCLI read / API GET - generate new group\n\nParameters:\n-  `name`\n-  `description` (_optional_)\n-  `domain_id` (_optional_)\n\n#### keystone/projects\n\n- CLI write / API POST\n- CLI read / API GET - generate new project\n\nParameters:\n-  `name`\n-  `is_domain` (_optional_)\n-  `description` (_optional_)\n-  `domain_id` (_optional_)\n-  `enabled` (_optional_)\n-  `parent_id` (_optional_)\n\n#### keystone/domains\n\nCLI write / API POST\nCLI read / API GET - generate new domain\n\nParameters:\n-  `name`\n-  `description` (_optional_)\n-  `enabled` (_optional_)\n\n#### keystone/roles\n\nCLI write / API POST\nCLI read / API GET - generate new role\n\nParameters:\n-  `name`\n-  `domain_id` (_optional_)\n\n#### keystone/roles/*{role}*/groups/*{group}*/domains/*{domain}* action=\"grant\"\n\nCLI write / API POST - Assign role to group on domain\n\nParameters:\n-  `domain_id`\n-  `group_id`\n-  `role_id`\n\n#### keystone/roles/*{role}*/users/*{user}*/domains/*{domain}* action=\"grant\"\n\nCLI write / API POST - Assign role to user on domain\n\nParameters:\n-  `domain_id`\n-  `user_id`\n-  `role_id`\n\n#### keystone/roles/*{role}*/groups/*{group}*/projects/*{project}* action=\"grant\"\n\nCLI write / API POST - Assign role to group on project\n\nParameters:\n-  `project_id`\n-  `group_id`\n-  `role_id`\n\n#### keystone/roles/*{role}*/users/*{user}*/projects/*{project}* action=\"grant\"\n\nCLI write / API POST - Assign role to user on project\n\nParameters:\n-  `project_id`\n-  `user_id`\n-  `role_id`\n\n###### TODO:\n\n- Groups\n- Policies\n\n\n## License\n\nThis project is licensed under the BSD-3-Clause license - see the [LICENSE](https://github.com/nokia/vault_keystone_plugin/blob/master/LICENSE).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnokia%2Fvault_keystone_plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnokia%2Fvault_keystone_plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnokia%2Fvault_keystone_plugin/lists"}