mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-23 15:41:07 +02:00
363557d045
* VAULT-19232 static secret capability manager so far * VAULT-19232 mostly finish renewal job logic * VAULT-19232 some clean up, tests, etc * VAULT-19232 integrate capability manager with proxy, add E2E test * VAULT-19232 boltdb stuff * VAULT-19232 finishing touches * VAULT-19232 typo * VAULT-19232 add capabilities index cachememdb tests * Remove erroneous "the" Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com> --------- Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
39 lines
567 B
HCL
39 lines
567 B
HCL
# Copyright (c) HashiCorp, Inc.
|
|
# SPDX-License-Identifier: BUSL-1.1
|
|
|
|
pid_file = "./pidfile"
|
|
|
|
auto_auth {
|
|
method {
|
|
type = "aws"
|
|
config = {
|
|
role = "foobar"
|
|
}
|
|
}
|
|
|
|
sink {
|
|
type = "file"
|
|
config = {
|
|
path = "/tmp/file-foo"
|
|
}
|
|
aad = "foobar"
|
|
dh_type = "curve25519"
|
|
dh_path = "/tmp/file-foo-dhpath"
|
|
}
|
|
}
|
|
|
|
cache {
|
|
cache_static_secrets = true
|
|
static_secret_token_capability_refresh_interval = "1h"
|
|
}
|
|
|
|
listener "tcp" {
|
|
address = "127.0.0.1:8300"
|
|
tls_disable = true
|
|
}
|
|
|
|
vault {
|
|
address = "http://127.0.0.1:1111"
|
|
tls_skip_verify = "true"
|
|
}
|