open-vault/command/agent
Christopher Swenson 0af0543bbe
VAULT-5935 agent: redact renew-self if using auto auth (#15380)
Vault agent redacts the token and accessor for `/auth/token/lookup-self` (and `lookup`)
if the token is the auto auth token to prevent it from leaking.

Similarly, we need to redact the token and accessor from `renew-self`
and `renew`, which also leak the token and accessor.

I tested this locally by starting up a Vault agent and querying the
agent endpoints, and ensuring that the accessor and token were set to
the empty string in the response.
2022-05-12 09:25:55 -07:00
..
auth agent/auto-auth: Add min_backoff to set first backoff value (#15204) 2022-04-29 12:31:32 -04:00
cache VAULT-5935 agent: redact renew-self if using auto auth (#15380) 2022-05-12 09:25:55 -07:00
config agent/auto-auth: Add min_backoff to set first backoff value (#15204) 2022-04-29 12:31:32 -04:00
sink OSS changes for ent pr (#13696) 2022-01-19 09:43:12 -08:00
template agent/auto-auth: Add min_backoff to set first backoff value (#15204) 2022-04-29 12:31:32 -04:00
winsvc Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
alicloud_end_to_end_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
approle_end_to_end_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
auto_auth_preload_token_end_to_end_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
aws_end_to_end_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
cache_end_to_end_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
cert_end_to_end_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
cf_end_to_end_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
doc.go Vault Agent Template (#7652) 2019-10-18 16:21:46 -05:00
jwt_end_to_end_test.go Revert the WithContext changes to vault tests (#14947) 2022-04-07 15:12:58 -04:00
README.md Vault Agent Template (#7652) 2019-10-18 16:21:46 -05:00
testing.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00

Vault Agent

Vault Agent is a client daemon that provides Auth-Auth, Caching, and Template features.

Vault Agent provides a number of different helper features, specifically addressing the following challenges:

  • Automatic authentication
  • Secure delivery/storage of tokens
  • Lifecycle management of these tokens (renewal & re-authentication)

See the usage documentation on the Vault website here: