Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Renew HashiCorpt Vault token #419

Open
eiabea opened this issue Oct 5, 2024 · 0 comments
Open

Renew HashiCorpt Vault token #419

eiabea opened this issue Oct 5, 2024 · 0 comments

Comments

@eiabea
Copy link
Contributor

eiabea commented Oct 5, 2024

Description

I use the HashiCorp Vault as a secret storage and issued a separate token for the operator to set specific policies to ensure a higher level of security. It is not possible to issue tokens with an infinite TTL (except the root token, which i would like to avoid using), therefore the created token for the operator should be renewed in a fixed time interval (probably once a day)

What I experience

  1. Create a HashiCorp Vault token (e.g. vault create token -policy stakewise)
  2. Use this token to start the operator
  3. Everything works fine
  4. Wait until the token expires
  5. Restart stakewise
  6. Observe a 403 error on startup

What I expect

  1. Create a HashiCorp Vault token (e.g. vault create token -policy stakewise)
  2. Use this token to start the operator
  3. Everything works fine
  4. Token gets renewed every now and then and therefore never gets expired
  5. Restart operator
  6. Connect to the HashiCorp vault without any issue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eiabea