Updated documentation

This commit is contained in:
Nicolas Corrarello 2017-11-06 15:13:50 +00:00
parent c70bfff23a
commit 5a317a1a32
No known key found for this signature in database
GPG key ID: 108DA0563DD992F6
2 changed files with 42 additions and 0 deletions

View file

@ -52,6 +52,39 @@ $ curl \
https://vault.rocks/v1/nomad/config/access
```
## Configure Lease
This endpoint configures the lease settings for generated tokens.
| Method | Path | Produces |
| :------- | :--------------------------- | :--------------------- |
| `POST` | `/nomad/config/lease` | `204 (empty body)` |
### Parameters
- `ttl` `(int: 0)`  Specifies the lease ttl provided in seconds.
- `max_ttl` `(int: 0)` Specifies the maximum ttl provided in seconds.
### Sample Payload
```json
{
"ttl": 1800,
"max_ttl": 3600
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
https://vault.rocks/v1/nomad/config/lease
```
## Create/Update Role
This endpoint creates or updates the Nomad role definition in Vault. If the role does not exist, it will be created. If the role already exists, it will receive

View file

@ -28,6 +28,15 @@ Unlike the `generic` backend, the `nomad` backend is not mounted by default.
$ vault mount nomad
Successfully mounted 'nomad' at 'nomad'!
```
Optionally, we can configure the lease settings for credentials generated
by Vault. This is done by writing to the `config/lease` key:
```
$ vault write nomad/config/lease ttl=3600 max_ttl=86400
Success! Data written to: nomad/config/lease
```
For a quick start, you can use the SecretID token provided by the [Nomad ACL bootstrap
process](https://www.nomadproject.io/guides/acl.html#generate-the-initial-token), although this
is discouraged for production deployments.