3ce9615992
For situations where you want the Vault agent to handle one or more templates but do not require the acquired credentials elsewhere. Modify the logic in SyncServer so that if there are no sinks, ignore any new credentials. Since SyncServer is responsible for shutting down the agent, make sure it still properly shuts down in this new situation. Solves #7988
38 lines
634 B
HCL
38 lines
634 B
HCL
pid_file = "./pidfile"
|
|
|
|
auto_auth {
|
|
method {
|
|
type = "aws"
|
|
namespace = "/my-namespace"
|
|
|
|
config = {
|
|
role = "foobar"
|
|
}
|
|
}
|
|
}
|
|
|
|
template {
|
|
destination = "/path/on/disk/where/template/will/render.txt"
|
|
create_dest_dirs = true
|
|
contents = "{{ keyOrDefault \"service/redis/maxconns@east-aws\" \"5\" }}"
|
|
|
|
command = "restart service foo"
|
|
command_timeout = "60s"
|
|
|
|
error_on_missing_key = true
|
|
perms = 0655
|
|
backup = true
|
|
left_delimiter = "<<"
|
|
right_delimiter = ">>"
|
|
|
|
sandbox_path = "/path/on/disk/where"
|
|
wait {
|
|
min = "5s"
|
|
max = "30s"
|
|
}
|
|
wait {
|
|
min = "10s"
|
|
max = "40s"
|
|
}
|
|
}
|