Hashicorp Vault – Install Client CLI and GUI

Hashicorp Vault has a variety of ways to access it. You can access it via a CLI client, via the rest API/CURL, and via a third party GUI client. This article will discuss how to set up the CLI and one of the 3rd party GUI’s available on Github.

Installing the Vault CLI Client

Vault has a client for a variety of platforms. Lets start by downloading the appropriate client for your platform from here:
https://www.vaultproject.io/downloads.html

OSX/MacOS:

The installation on OSX/MacOS is very easy. There are two steps:
Copy the downloaded bin file to the /usr/local/bin folder on your local machine.
Create a system variable called VAULT_ADDR and set the path to the vault server.

To create the system variable, follow this process:

  1. Open a terminal window
  2. type cd ~
  3. type vi .bash_profile
  4. Press i
  5. add the following: export VAULT_ADDR=https://myvaultserver.mydomain.com:8200
  6. Press Esc
  7. Type :wq
  8. Restart terminal

Now that you have added the system variable, you can call the vault binary by simply typing:
vault

Verify it is working by typing:
vault -h

This is the command to show the vault help.

Windows:

After the exe file is downloaded, you need top copy it to a location where it is part of the PATH system variable. You can either use an existing location, or you can copy it to a new folder, and then manually add that folder to your path variable.

My preferred method is to copy it to the C:\windows\system32 folder on your local machine

After you have placed the exe file in the appropriate location, you need to Create a system variable called VAULT_ADDR and set the path to the vault server. This system variable tells the vault.exe application where to go to connect to the vault server. You can create this system variable by doing the following:

  1. Open administrator command prompt
  2. setx VAULT_ADDR “https://myvaultserver.mydomain.com:8200”
  3. Restart Command Prompt

Installing GUI client

Hashicorp does not provide a GUI client with the free version of Vault. To get that, you need to purchase the enterprise version. However, third parties have created their own using the Vault API. My favorite GUI client can be downloaded here:
https://github.com/djenriquez/vault-ui/releases

There are a few different ways to install the above-referenced client.

Local Install:

This application is just a single exe file. Much like the original vault client. So to install the application, you just need to save the exe file to a convenient location, and then add a shortcut on your desktop, start menu, or dock, depending on the OS you are running.

Next step is to launch the application. The first time you launch the application, you need to select the appropriate Authentication method and input the path to your vault server. This is the same path that you used when configuring the CLI client above.

Docker Install

You can also install using a docker image. The docker images are generally more up to date than what you can find on the releases page on GitHub. The docker image can be found here:
https://hub.docker.com/r/djenriquez/vault-ui/

If you decide to go the docker route, you will access the vault GUI via a web browser. Given that you can access it via a web browser, this really gives you a third Client option which is a web client.

Keep in mind that the docker image does not run HTTPS by default. So you will need to either work out how to add HTTPS to the docker image. Or you can put it behind a load balancer, and have the load balancer handle the HTTPS termination for you.

Summary

Thank you for reading today. We have covered how to install the Vault CLI client, as well as how to install a GUI for Vault on your desktop computer.