Skip to content

CLI Setup & Access#

Vault Enterprise

Make sure and install vault-enterprise (instead of vault) otherwise you will not be able to login via SAML. To check if you have the enterprise binary installed, run vault version and look for Vault vX.XX.X+ent. If you have previously installed the open source vault binary, you may need to uninstall it or update your path to reference vault-enterprise. For example, brew will include the following error "Could not symlink bin/vault. Target /opt/homebrew/bin/vault is a symlink belonging to vault. You can unlink it: brew unlink vault"

Hashicorp Instructions

Windows#

Note

vault-enterprise is not available via choco or scoop (only vault open source)

  1. Download binary from https://releases.hashicorp.com/vault/. Click on the most recent version with +ent (i.e. vault_1.17.5+ent), and then choose vault_VERSION+ent_windows_amd64.zip for 64bit
  2. Extract the downloaded zip
  3. Add the location of the downloaded binary to your path or move the vault binary into an existing location in your path. This page contains instructions for setting the PATH on Windows.

Mac#

Homebrew#

To use Homebrew, you need to have the Command Line Tools (CLT) for Xcode installed. See these Homebrew instructions

Text Only
brew tap hashicorp/tap
brew install hashicorp/tap/vault-enterprise

Manual#

  1. Download binary from https://developer.hashicorp.com/vault/install
  2. Add the location of the downloaded binary to your path.

Linux#

Ubuntu/Debian#

Bash
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install vault-enterprise

RHEL#

Bash
sudo dnf install -y yum-utils
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
sudo dnf -y install vault-enterprise

CLI Login#

  1. Export the VAULT_ADDR environment variable

    • Windows: set VAULT_ADDR=https://hcp-vault-private-vault-fc507e0d.5d5b1f21.z1.hashicorp.cloud:8200
    • Linux/Mac: export VAULT_ADDR=https://hcp-vault-private-vault-fc507e0d.5d5b1f21.z1.hashicorp.cloud:8200

  2. Login to Vault

    Bash
    #EntraID via SAML
vault login -method=saml --namespace=admin

  3. Set your namespace

    Bash
    # Either export the VAULT_NAMESPACE environment variable
export VAULT_NAMESPACE=admin/CESI_UNIT

# Or add the namespace flag to Vault CLI commands
vault COMMAND -namespace=admin/CESI_UNIT