HashiCorp Vault operations

v0.1.3

Vault status, seal state, auth/audit/secret backends, mount listing, token & lease introspection, plus operator surface for incident response: revoke lease, revoke leases by prefix, operator step-down, emergency seal. Auth via VAULT_ADDR + VAULT_TOKEN on the runner host. Does NOT include unseal — that requires quorum and shouldn't be automated through a runner.

Pack ID

vault

Vendor

emisar

linux

Actions

Required binaries: vault. Actions that call a missing binary fail at run time — install these on the host before relying on the pack.

Install

emisar pack install validates the pack and verifies its content hash before copying it into /etc/emisar/packs. The --hash below pins the install to the exact bytes on this page — a tampered copy is rejected. After install, reload the runner; it re-reads the catalog and advertises every action.

content hash: sha256:d044f811694a1848761afe8a9ed5544ad48b2a0e830acc9914703bc514fd771b

on the runner host

sudo emisar pack install vault \
  --hash sha256:d044f811694a1848761afe8a9ed5544ad48b2a0e830acc9914703bc514fd771b \
  --dest /etc/emisar/packs

# Reload so the runner re-reads the catalog:
sudo systemctl reload emisar

Actions 14 total

View on GitHub

vault.cubbyhole_list exec low

vault list cubbyhole
vault.lease_revoke_prefix exec high

vault lease revoke -prefix <prefix>
vault.leases_count exec low

vault list sys/leases/lookup/<prefix>
vault.list_audit exec low

vault audit list
vault.list_auth exec low

vault auth list
vault.list_mounts exec low

vault secrets list
vault.list_policies exec low

vault policy list
vault.operator_seal exec critical

vault operator seal
vault.operator_step_down exec critical

vault operator step-down
vault.read_policy exec low

vault policy read <name>
vault.revoke_lease exec high

vault lease revoke <id>
vault.seal_status exec low

vault operator seal-status
vault.status exec low

vault status
vault.token_lookup_self exec low

vault token lookup

← Back to registry

Pack reference Publish your own →