mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-15 11:07:00 +02:00
Code Issues Projects Releases Wiki Activity
ad1b5dfcd6
vault/website/content/docs/agent-and-proxy/agent/caching/persistent-caches/index.mdx
Violet Hynes 1c9090b117
VAULT-19278 Static secret caching docs (#23621) 
* VAULT-19278 First draft of static secret caching docs

* VAULT-19278 Add warning to Agent docs, fix capitalization

* VAULT-19278 typos/formatting

* VAULT-19278 changelog

* VAULT-19278 update based on PR feedback

* VAULT-19278 review feedback

* VAULT-19278 Update based on review

* VAULT-19278 update based on PR feedback

* VAULT-19278 incorporate a lot of PR feedback

* VAULT-19278 Rest of the suggestions

* VAULT-19278 I missed a suggestion

* VAULT-19278 More updates

* VAULT-19278 add docs for disable dynamic secret caching

* VAULT-19278 update changelog

* VAULT-19278 update based on comments
2023-11-02 16:01:49 -04:00

47 lines
1.5 KiB
Plaintext
Raw Blame History

---
layout: docs
page_title: Vault Agent Persistent Caching
description: Vault Agent Caching
---
# Vault Agent persistent caching
Vault Agent can restore tokens and leases from a persistent cache file created
by a previous Vault Agent process. The persistent cache is a BoltDB file that
includes tuples encrypted by a generated encryption key. The encrypted tuples
include the Vault token used to retrieve secrets, leases for tokens/secrets, and
secret values.
-> **Note:** Vault Agent Persistent Caching will only restore _leased_
secrets. Secrets that are not renewable, such as KV v2, will not be persisted.
In order to use Vault Agent persistent cache, auto-auth must be used. If the
auto-auth token has expired by the time the cache is restored, the cache will
be invalidated and secrets will need to be re-fetched from Vault.
If Vault Agent templating is enabled alongside of the persistent cache, Vault
Agent will automatically route templating requests through the cache. This
ensures template requests are cached and restored properly.
-> **Note** Vault Agent persistent cache is currently supported only in a
Kubernetes environment.
## Vault agent persistent cache types
Please see the sidebar for available types and their usage/configuration.
## Persistent cache example configuration
Here is an example of a persistent cache configuration.
```hcl
# Other Vault agent configuration blocks
# ...
cache {
persist "kubernetes" {
path = "/vault/agent-cache"
}
}
```
Reference in New Issue View Git Blame Copy Permalink