steve-perkins
commented
5 years ago Awesome, thanks @adammead!
Closed adammead closed 5 years ago
steve-perkins
commented
5 years ago Awesome, thanks @adammead!
In order to re-authenticate with Vault via AWS, the nonce from the original authentication request needs to be used. The nonce value was not included in AuthResponse; I added it so it can be retrieved to be used in future authentication requests.
Per the vault documentation, this is the response from AWS authentication:
{ "auth": { "renewable": true, "lease_duration": 72000, "metadata": { "role_tag_max_ttl": "0s", "role": "ami-f083709d", "region": "us-east-1", "nonce": "5defbf9e-a8f9-3063-bdfc-54b7a42a1f95", "instance_id": "i-a832f734", "ami_id": "ami-f083709d" }, "policies": [ "default", "dev", "prod" ], "accessor": "5cd96cd1-58b7-2904-5519-75ddf957ec06", "client_token": "150fc858-2402-49c9-56a5-f4b57f2c8ff1" }, "warnings": null, "wrap_info": null, "data": null, "lease_duration": 0, "renewable": false, "lease_id": "", "request_id": "d7d50c06-56b8-37f4-606c-ccdc87a1ee4c" }