logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

vault-mcp-gateway

A structured interface enabling LLMs and other clients to securely interact with HashiCorp Vault for configuration secrets and access control rule management. Supports lifecycle operations, enumeration of stored assets, and programmatic rule compilation.

Author

vault-mcp-gateway logo

ashgw

MIT License

Quick Info

GitHub GitHub Stars 4
NPM Weekly Downloads 0
Tools 1
Last Updated 2026-02-19

Tags

vaulthashicorpcloudhashicorp vaultashgw vaultvault mcp

HashiCorp Vault MCP Service Endpoint

This document details the Model Context Protocol (MCP) server implementation designed to furnish a secure conduit to HashiCorp Vault, facilitating interaction with its core secret storage and access control policy mechanisms by AI agents and other compatible clients.

Overview

This gateway empowers an AI agent to execute the following actions via directed natural language requests:

  • Secure retrieval and modification of sensitive credentials via a formalized API structure.
  • Creation and maintenance of Vault access policies.
  • Discovery and cataloging of existing Vault resources.
  • Automated derivation of access policies based on required permissions.

Deployment Instructions

Deployment methods vary based on the intended operational environment.

Preferred Method: Cursor Integration

Incorporate the following configuration snippet into your Cursor MCP settings file:

{ "mcpServers": { "Vault MCP": { "command": "docker", "args": [ "run", "-i", "--rm", "-e", "VAULT_ADDR=https://your-vault-server:8200", "-e", "VAULT_TOKEN=hvs.your-vault-token", "ashgw/vault-mcp:latest" ] } } }

For environments requiring build determinism, substitute :latest with a specific image digest (e.g., 20250413-165732). A full manifest of available versions is accessible on Docker Hub.

Once configured, natural language instructions like the one below will be automatically processed by Cursor:

"Fetch the credential stored at path apps/myapp/config within Vault."

Verify successful integration; a positive status indicator (typically green) confirms connectivity.

Connectivity Status Indicator


Alternative: Standalone Docker Execution

Execute the Vault MCP service directly using Docker:

bash docker run -d \ --name vault-mcp-service \ -e VAULT_ADDR=https://your-vault-server:8200 \ -e VAULT_TOKEN=hvs.your-vault-token \ -p 3000:3000 \ ashgw/vault-mcp

This command leverages the publicly available image located at ashgw/vault-mcp.


Source Code Compilation

To construct the binary locally:

  1. Clone the source repository and navigate into the root directory.
  2. Build the image using:

docker build -t vault-mcp-local .

  1. Launch the locally built container:

docker run --rm -e VAULT_ADDR=localhost:8200 -e VAULT_TOKEN=hsv.yourtoken vault-mcp-local

Operational Environment Variables

The service mandates the following parameters for initialization:

  • VAULT_ADDR: The Uniform Resource Locator (URL) pointing to the HashiCorp Vault instance.
  • VAULT_TOKEN: An authentication token possessing requisite read/write access privileges.
  • MCP_PORT: Configurable listener port; defaults to 3000. This setting is ignored when integrated directly within Cursor.

Functionality Breakdown

Credential Manipulation Interface

secret_create

Registers a new credential or overwrites an existing one at the specified location.

ts await tool("secret_create", { path: "apps/myapp/config", data: { apiKey: "secret-key-123", environment: "production", }, });

secret_read

Fetches the data payload associated with a given secret path.

ts await tool("secret_read", { path: "apps/myapp/config", });

secret_delete

Performs a logical deletion of the secret (equivalent to versioned deletion for KV v2 storage engines).

ts await tool("secret_delete", { path: "apps/myapp/config", });


Access Control Rule Administration

policy_create

Provisions a new Vault access policy based on provided structure and permissions.

ts await tool("policy_create", { name: "app-readonly", policy: path "secret/data/apps/myapp/*" { capabilities = ["read", "list"] }, });


Resource Enumerators

vault://secrets

Returns a catalog of all accessible secret mount paths within the Key/Value storage backend.

{ "keys": ["apps/", "databases/", "certificates/"] }

vault://policies

Lists all defined access policies currently active in the Vault installation.

{ "policies": ["default", "app-readonly", "admin"] }


Prompt Augmentation Tools

generate_policy

Constructs a Vault policy definition dynamically from specified file paths and allowed operations.

ts await prompt("generate_policy", { path: "secret/data/apps/*", capabilities: "read,list", });

Output Schema:

{ "path": { "secret/data/apps/*": { "capabilities": ["read", "list"] } } }


Licensing

Licensed under the MIT License.

WIKIPEDIA: Cloud computing is defined by the International Organization for Standardization (ISO) as "a paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources with self-service provisioning and administration on-demand." This concept is generally referred to as "the cloud."

== Defining Attributes ==

In 2011, the United States National Institute of Standards and Technology (NIST) codified five critical attributes integral to cloud service delivery. These definitive specifications are:

On-demand self-service: Consumers possess the autonomy to unilaterally provision computational capacity (e.g., processing time, network storage) as required, without necessitating direct human intervention from the service provider for each instance. Broad network access: Services are universally accessible via the network, utilizing standard protocols that permit utilization across diverse client types (ranging from mobile devices to workstations). Resource pooling: The provider aggregates its infrastructure resources to serve multiple consumers concurrently under a multi-tenant architecture, dynamically allocating and reallocating virtual and physical assets based on fluctuating demand. Rapid elasticity: Capabilities can be instantaneously scaled both up (outward) and down (inward) to meet rapidly changing demand profiles, often automatically. From the user's perspective, capacity availability appears virtually limitless at any given moment. Measured service: Resource utilization is automatically tracked and optimized through metering functions integrated at an appropriate service abstraction layer (covering aspects like throughput, storage volume, or active user counts). This metering provides transparent reporting for both the provisioning entity and the consuming party. By 2023, the ISO extended and refined this foundational list.

== Historical Precursors ==

The intellectual roots of cloud computing trace back to the 1960s, driven by the proliferation of time-sharing systems facilitated by Remote Job Entry (RJE). Mainframe utilization during this period typically involved users submitting batch jobs to dedicated operators. The objective was to maximize infrastructure utility and democratize access to substantial computational power through time-sharing concepts, thereby enhancing efficiency for end-users across infrastructure, platform, and application layers. The specific graphical representation of a network service as a "cloud" was first employed in 1994 by General Magic to depict the domain accessible by its Telescript mobile agents. This metaphor is attributed to David Hoffman, a communications specialist at General Magic, drawing upon its existing use in telecommunications. The term "cloud computing" gained significant traction in 1996 when Compaq Computer Corporation documented a business strategy centered on the Internet and future computational models. The company aimed to fundamentally change how computing resources were consumed.

See Also

`