Skip to main content

HashiCorp Vault operations

v0.1.5

Vault status, seal state, auth/audit/secret backends, mount listing, token & lease introspection, plus operator surface for incident response: revoke lease, revoke leases by prefix, operator step-down, emergency seal. Auth via VAULT_ADDR + VAULT_TOKEN on the runner host. Does NOT include unseal — that requires quorum and shouldn't be automated through a runner.

10 allowed by default 2 need approval 2 denied by default
Pack ID
vault
Vendor
emisar
OS
linux
Actions
14
Required binaries. Install these on the host before relying on the pack — an action that calls a missing one fails at run time.
vault

Install

emisar pack install validates the pack and verifies its content hash before copying it into /etc/emisar/packs. The --hash below pins the install to the exact bytes on this page — a tampered copy is rejected. After install, reload the runner; it re-reads the catalog and advertises every action.

content hash: sha256:601457f5da82ce6a399d65d2df39b94dfaaab42ee05dbcd303f63e8d8a66f2c3

on the runner host
sudo emisar pack install vault \
  --hash sha256:601457f5da82ce6a399d65d2df39b94dfaaab42ee05dbcd303f63e8d8a66f2c3 \
  --dest /etc/emisar/packs

# Reload so the runner re-reads the catalog:
sudo systemctl reload emisar

Actions 14 total

View on GitHub