Thanks
Do you have documentation for that? i am using enterprise vault and my
agents are behind firewall so agent certs will not be trusted by vault..
not sure if this will work but can see if this is feasible.
-S
On Thursday, May 25, 2023 at 11:09:09 AM UTC-4 aru...@pixar.com wrote:
> Have
Have you looked at / considered using Puppet’s client cert to authenticate
to Vault to authenticate and generate a token?
With recent releases of Vault the issue with getting cert metadata exposed
have been fixed so you can write policies based on trusted facts/cert
extensions.
On Thu, May 25, 20
Thanks I added to /etc/sysconfig/puppet and looks like agent service is up.
However, i ran into other issue.
I need to pass vault_token to my epp, where i am going to use it.
So i have
# vault_path is and vault_my_key should look like auth/puppet/MY_KEY
$variables = {
'my_key' => Deferr
Deferred functions run on the agent. The Vault connection will be made from the
agent. Therefor, if you configure Vault using environment variables, you'll
want to do so from the agent. If you're using systemd, you should be able to
configure those in the .service file as you suggest.
On May
Hello,
I have vault set up using role and secret id
I downloaded puppetlabs-vault module and saw the code snippet with that
module https://www.puppet.com/integrations/vault-by-hashicorp
*With vault_lookup::lookup deferred method, i don't want to pass my role
and secret, so other option is set a
