Limiting CLI access to specific vaults?
Hello,
I really like the idea of the 1Password CLI. I'm a developer and being able to programmatically access passwords for servers, etc, is exactly what I want. Its something that Hashicorp Vault is responsible for at work, but I definitely don't want to run Vault at home.
However, my 1Password has everything in it, as it should. I don't want the 1Password CLI to have access to everything. Especially if I look to use things like the Ansible integration. I trust Ansible with keys to infrastructure, etc, but my personal 1Password vault has credentials to access bank accounts, pension, government websites, email. I will also never need those credentials in the CLI.
I have a really nice separation with a second vault for developer/homelab credentials. Being able to limit 1Password CLI access to a specific vault would make me feel significantly more comfortable using it.
At the moment I'm considering running the 1Password Connect server as that can be given reduced access, but it seems like a big overhead.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Windows 10
Browser:_ Edge