I have a special binary which implements custom logic of obtaining Vault token in clouds. It would be very nice to have an ability to sourcing Vault credentials (token) with an external process, like it's implemented in AWS CLI for seamless integration with custom binaries.
Possible Solution
Provide an ability to specify the credential_process option in the config, and if it's specified sourcing Vault token with an external process, e.g.
[global]
# Vault address
address = "http://127.0.0.1:8200"
# Process to retrieve vault token
credential_process = "get-vault-token -f credential-process"
Custom binary should produce the token in the following format (like in AWS CLI):
Problem
I have a special binary which implements custom logic of obtaining Vault token in clouds. It would be very nice to have an ability to sourcing Vault credentials (token) with an external process, like it's implemented in AWS CLI for seamless integration with custom binaries.
Possible Solution
Provide an ability to specify the
credential_process
option in the config, and if it's specified sourcing Vault token with an external process, e.g.Custom binary should produce the token in the following format (like in AWS CLI):
So, it's pretty straightforward to implement such a logic, but it opens ability to plenty of custom integrations.