mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-25 16:41:08 +02:00
0660ea6fac
* Update README Let contributors know that docs will now be located in UDR * Add comments to each mdx doc Comment has been added to all mdx docs that are not partials * chore: added changelog changelog check failure * wip: removed changelog * Fix content errors * Doc spacing * Update website/content/docs/deploy/kubernetes/vso/helm.mdx Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com> --------- Co-authored-by: jonathanfrappier <92055993+jonathanfrappier@users.noreply.github.com> Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
44 lines
1.6 KiB
Plaintext
44 lines
1.6 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Use built-in persistent caching - Vault Proxy
|
|
description: >-
|
|
Use built-in persistent caching with Vault Proxy
|
|
---
|
|
|
|
> [!IMPORTANT]
|
|
> **Documentation Update:** Product documentation, which were located in this repository under `/website`, are now located in [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs), colocated with all other product documentation. Contributions to this content should be done in the `web-unified-docs` repo, and not this one. Changes made to `/website` content in this repo will not be reflected on the developer.hashicorp.com website.
|
|
|
|
# Use Vault Proxy built-in persistent caching
|
|
|
|
Vault Proxy can restore tokens and leases from a persistent cache file created
|
|
by a previous Vault Proxy process. The persistent cache is a BoltDB file that
|
|
includes tuples encrypted by a generated encryption key. The encrypted tuples
|
|
include the Vault token used to retrieve secrets, leases for tokens/secrets, and
|
|
secret values.
|
|
|
|
In order to use Vault Proxy persistent cache, auto-auth must be used. If the
|
|
auto-auth token has expired by the time the cache is restored, the cache will
|
|
be invalidated and secrets will need to be re-fetched from Vault.
|
|
|
|
-> **Note** Vault Proxy persistent cache is currently supported only in a
|
|
Kubernetes environment.
|
|
|
|
## Vault Proxy persistent cache types
|
|
|
|
Please see the sidebar for available types and their usage/configuration.
|
|
|
|
## Persistent cache example configuration
|
|
|
|
Here is an example of a persistent cache configuration.
|
|
|
|
```hcl
|
|
# Other Vault Proxy configuration blocks
|
|
# ...
|
|
|
|
cache {
|
|
persist "kubernetes" {
|
|
path = "/vault/proxy-cache"
|
|
}
|
|
}
|
|
```
|