CloudQuery vault Source Plugin

Shipping HashiCorp/Vault Audit Logs to CloudQuery PostgreSQL

A vault source plugin for CloudQuery that loads data from vault to any database, data warehouse or data lake supported by CloudQuery, such as PostgreSQL, BigQuery, Athena, and many more.

How it works ?

It Gets Hashicorp/Vault Audit data from its local file (as audit file device) and Transforms it into any supported Destination (Postgres, SQLite, ES ...etc)

It then truncates the content of that local file in order to keep it away from getting fully utilized

It can be executed using the below commands:

go build -o cq-source-CloudQuery-Vault main.go
cloudquery sync config.yaml

Check the database

sqlite ./sqlite.sql
.schema # Returns information related to the schema in SQLite
select * from vault;

Links

• CloudQuery Quickstart Guide
• Supported Tables

Configuration

The following source configuration file will sync to a PostgreSQL database. See the CloudQuery Quickstart for more information on how to configure the source and destination.

kind: source
spec:
  name: "vault"
  path: "alyragab/vault"
  version: "${VERSION}"
  destinations:
    - "postgresql"
  spec:
    # plugin spec section

Development

Run tests

make test

Run linter

make lint

Release a new version

1. Run git tag v1.0.0 to create a new tag for the release (replace v1.0.0 with the new version number)
2. Run git push origin v1.0.0 to push the tag to GitHub

Once the tag is pushed, a new GitHub Actions workflow will be triggered to build the release binaries and create the new release on GitHub. To customize the release notes, see the Go releaser changelog configuration docs.