...
Provider Parameter | Required | Description |
---|---|---|
ADDRESS | Yestrue | The address of the Vault server (e.g. http://127.0.0.1:8200). |
TOKEN | The Vault token for use with Vault’s token auth method. | |
ROLE_ID | The Role ID of the AppRole for use with Vault’s AppRole auth method. | |
SECRET_ID | The Secret ID belonging to the AppRole for use with Vault’s AppRole auth method.
| |
JWT | The signed JSON Web Token (JWT) for use with Vault’s JWT auth method. | |
ROLE | The Role name for use with Vault’s JWT auth method.
| |
KEYSTORE | The path to the keystore containing the client certificate and private key for use with Vault’s TLS Certificates auth method. | |
KEYSTORE_PASSWORD | The password used to unlock the keystore. | |
KEYSTORE_TYPE | The type of keystore. (default Default is PKCS12).
| |
CLIENT_CERTIFICATE | The path to the X.509 certificate, in PEM format, for use with Vault’s TLS certificates auth method. | |
CLIENT_KEY | The path to the unencrypted RSA private key, in PEM format, for use with Vault’s TLS certificates auth method.
| |
AUTH_MOUNT_PATH | Nofalse | Specifies the path where the auth method backend is mounted. |
MOUNT_PATH | Nofalse | Specifies the path where the KV backend is mounted.
|
SECRET_PATH | Yestrue | The path to the KV secret. |
DATA_PASSWORD_KEY | Nofalse | Specifies the key for the password in the secret data. |
DATA_PASSPHRASE_KEY | Nofalse | Specifies the key for the password in the secret data. |
DATA_TOKEN_KEY | Nofalse | Specifies the key for the password in the secret data. |
CACHE_TTL | Nofalse | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 300 seconds / 5 minutes) If the secret has a TTL, then it will be used to set the expiration time (KV Version 1 only). |
...