Updated documentation

website/source/api/secret/nomad/index.html.md

@@ -52,6 +52,39 @@ $ curl \
     https://vault.rocks/v1/nomad/config/access
 ```
 
+## Configure Lease
+
+This endpoint configures the lease settings for generated tokens.
+
+| Method   | Path                         | Produces               |
+| :------- | :--------------------------- | :--------------------- |
+| `POST`   | `/nomad/config/lease`     | `204 (empty body)` |
+
+### Parameters
+
+- `ttl` `(int: 0)` – Specifies the lease ttl provided in seconds.
+
+- `max_ttl` `(int: 0)` – Specifies the maximum ttl provided in seconds.
+
+### Sample Payload
+
+```json
+{
+  "ttl": 1800,
+  "max_ttl": 3600
+}
+```
+
+### Sample Request
+
+```
+$ curl \
+    --header "X-Vault-Token: ..." \
+    --request POST \
+    --data @payload.json \
+    https://vault.rocks/v1/nomad/config/lease
+```
+
 ## Create/Update Role
 
 This endpoint creates or updates the Nomad role definition in Vault. If the role does not exist, it will be created. If the role already exists, it will receive

website/source/docs/secrets/nomad/index.html.md

@@ -28,6 +28,15 @@ Unlike the `generic` backend, the `nomad` backend is not mounted by default.
 $ vault mount nomad
 Successfully mounted 'nomad' at 'nomad'!
 ```
+
+Optionally, we can configure the lease settings for credentials generated
+by Vault. This is done by writing to the `config/lease` key:
+
+```
+$ vault write nomad/config/lease ttl=3600 max_ttl=86400
+Success! Data written to: nomad/config/lease
+```
+
 For a quick start, you can use the SecretID token provided by the [Nomad ACL bootstrap
 process](https://www.nomadproject.io/guides/acl.html#generate-the-initial-token), although this
 is discouraged for production deployments.