0af0543bbe
Vault agent redacts the token and accessor for `/auth/token/lookup-self` (and `lookup`) if the token is the auto auth token to prevent it from leaking. Similarly, we need to redact the token and accessor from `renew-self` and `renew`, which also leak the token and accessor. I tested this locally by starting up a Vault agent and querying the agent endpoints, and ensuring that the accessor and token were set to the empty string in the response. |
||
|---|---|---|
| .. | ||
| auth | ||
| cache | ||
| config | ||
| sink | ||
| template | ||
| winsvc | ||
| README.md | ||
| alicloud_end_to_end_test.go | ||
| approle_end_to_end_test.go | ||
| auto_auth_preload_token_end_to_end_test.go | ||
| aws_end_to_end_test.go | ||
| cache_end_to_end_test.go | ||
| cert_end_to_end_test.go | ||
| cf_end_to_end_test.go | ||
| doc.go | ||
| jwt_end_to_end_test.go | ||
| testing.go | ||
README.md
Vault Agent
Vault Agent is a client daemon that provides Auth-Auth, Caching, and Template features.
Vault Agent provides a number of different helper features, specifically addressing the following challenges:
- Automatic authentication
- Secure delivery/storage of tokens
- Lifecycle management of these tokens (renewal & re-authentication)
See the usage documentation on the Vault website here: