open-vault/website/pages/docs/configuration/sentinel.mdx

37 lines
1.1 KiB
Plaintext
Raw Normal View History

---
layout: docs
page_title: Sentinel - Configuration
sidebar_title: <code>sentinel</code>
description: |-
The sentinel stanza specifies configurations for Vault's Sentinel integration.
---
# `sentinel` Stanza
The sentinel stanza specifies configurations for Vault's Sentinel integration.
```hcl
sentinel {
additional_enabled_modules = ["http"]
}
```
## Requirements
A valid Vault Enterprise license is required for use of Sentinel policies.
## `sentinel` Parameters
The sentinel stanza currently supports only one parameter, `additional_enabled_modules`.
- `additional_enabled_modules` `(string array: [])`` - Specifies a list of
sentinel policy modules to enable above the default set. For example,
adding "http" to this list indicates sentinel policies may import
~> **Warning**: Care should be taken when enabling some modules which
could have performance and security implications in policies. For
example, enabling "http" could cause your Vault servers to submit outbound
requests to arbitrary endpoints. See [the Sentinel Documentation](https://docs.hashicorp.com/sentinel/imports/http/)
for more information.