search

Autodesk / aomi

Provide secrets to build and release pipelines in a self service way using Hashicorp Vault.
https://autodesk.github.io/aomi/
MIT License
32 stars 13 forks source link

Support Token Credential Backend Roles management #133

Closed skovorodkin closed 7 years ago

skovorodkin commented 7 years ago

Vault 0.5.2 introduced Token Credential Backend Roles:

Roles can now be created in the token credential backend that allow modifying token behavior in ways that are not otherwise exposed or easily delegated. This allows creating tokens with a fixed set (or subset) of policies (rather than a subset of the calling token's), periodic tokens with a fixed TTL but no expiration, specified prefixes, and orphans.

Docs are here https://www.vaultproject.io/docs/auth/token.html#auth-token-roles-role_name-

otakup0pe commented 7 years ago

We would welcome a PR for this functionality, although it is not on our near term roadmap.

skovorodkin commented 7 years ago

I considered Token Roles, but decided to use AppRoles after all, so I don't need Token Roles anymore. Should we close this issue then?

mjuarez commented 7 years ago

Token roles appear to be one of the recommended ways of Vault integration with Nomad: https://www.nomadproject.io/docs/vault-integration/index.html