I have an application that has this flow:
- Dev engineer uses an internal app to generate a one-time use only Vault token
- Dev uses this token to trigger the pipeline that performs the roll outs
- Pipeline uses
vals to process a creds.yaml file with multiple references to Vault secrets
The problem is the token was created with
vault token create -use-limit=1 -policy="policy"
vals appears to be making multiple calls and it breaches the token limit. As a workaround I can increase the use-limit and reduce the ttl but I wonder if this is also fixable in code, perhaps by adding a cache with kvVersionCache map[string]bool variable.
Thoughts anyone?
I have an application that has this flow:
valsto process acreds.yamlfile with multiple references to Vault secretsThe problem is the token was created with
vault token create -use-limit=1 -policy="policy"valsappears to be making multiple calls and it breaches the token limit. As a workaround I can increase the use-limit and reduce the ttl but I wonder if this is also fixable in code, perhaps by adding a cache withkvVersionCache map[string]boolvariable.Thoughts anyone?