Simple script to copy secrets from one Hashicorp Vault instance to another.

Origin

# dump-read
path "secret/*" {
  capabilities = ["read", "list"]
}

vault token create -policy=dump-read -period=30m

# dump-create
path "secret/*" {
  capabilities = ["create", "update"]
}

vault token create -policy=dump-create -period=30m