Skip to content
/ vault-user-token Public

This project is intended to constantly renew a Vault token derived from a role id

License

Apache-2.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Luzifer/vault-user-token

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
.github/workflows
.github/workflows
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
History.md
History.md
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

Luzifer / vault-user-token

This project is intended to constantly renew a Vault token derived from a role id.

That way the machine only contains a temporary token expiring after a short while if the program is no longer running. So if a machine is lost (physically) the corresponding secret can be revoked and the machine will no longer be able to access the vault instance.

As secret multiple strings are possible:

  • Full Hostname (--full-hostname=true)
  • Short Hostname (--full-hostname=false)
  • Secret from disk (~/.config/vault-user-token.secret, file must have 0o400 or 0o600 permission, content is stripped for whitespaces)

About

This project is intended to constantly renew a Vault token derived from a role id

Topics

security vault

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases 4

v0.5.1 Latest
Apr 19, 2024
+ 3 releases

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Languages