Venafi / vcert

Go client SDK and command line utility designed to simplify integrations by automating key generation and certificate enrollment using Venafi machine identity services.
https://support.venafi.com/hc/en-us/articles/217991528
Apache License 2.0

TLSPC service account example playbook uses wrong credential parameter #525

Open vertigo-one opened 5 days ago

vertigo-one commented 5 days ago

PROBLEM SUMMARY

https://github.com/Venafi/vcert/blob/master/examples/playbook/sample.tlspc.svc-account.yaml lists the incorrect playbook credential parameter for identifying the url to send the JWT to in order to authorize the service account.

TenantID should be tokenURL

STEPS TO REPRODUCE

Navigate to https://github.com/Venafi/vcert/blob/master/examples/playbook/sample.tlspc.svc-account.yaml

EXPECTED RESULTS

credentials:
      tokenURL: https://api.venafi.cloud/v1/oauth2/v2.0/aaa-bbb-ccc/token # The URL used to obtain the access token, provided by Venafi Control Plane's service account page
      externalJWT: '{{ Env "TLSPC_EXTERNAL_JWT" }}' # JWT from Identity Provider as environment variable
      #externalJWT: 'file:/path/to/jwt' # JWT from Identity Provider as file

ACTUAL RESULTS

credentials:
      tenantId: '{{ Env "TLSPC_TENANT_ID" }}' # TLSPC tenant ID as environment variable
      externalJWT: '{{ Env "TLSPC_EXTERNAL_JWT" }}' # JWT from Identity Provider as environment variable
      #externalJWT: 'file:/path/to/jwt' # JWT from Identity Provider as file