-
Notifications
You must be signed in to change notification settings - Fork 164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vault authentication planned ? #323
Comments
I'm pretty sure with a minimum of devops skills you can wrap ROR deployment and hook the decoded secrets into environmental variables, which are by the way supported in What do you think? |
@LordFPL or did you mean implementing vault as a runtime authentication connector like we have LDAP? |
Hello, Sorry for late answer. Yes, i mean a runtime authentication like ldap. I actually run elasticsearch cluster with nomad, and all config is already taken via vault (readonlyrest.yml and elasticsearch config file are generated via dynamic vars). Thx for your time and all you already done :) |
Got it, and it's quite interesting idea. Too bad I didn't find any asynchronous vault library for Java. 🤦🏻♂️ |
In my case, i can find a solution with a watch for change in vault... and regenerate the readonlyrest config... but if i understand well, hot reload is not possible ? For information, i read a post on hashicorp page about an integration with JWT (https://www.hashicorp.com/blog/secure-kubernetes-deployments-vault-banzai-cloud)... but i'm not a develloper... and i don't understand well JWT tokens... In all case, thx for reading :) |
Hello,
We use more and more Vault (Hashicorp) in our company, and I wonder if it was planned an integration of this type?
I am starting to test authentications under readonlyrest, and am a bit embarrassed on password side with the two main ones:
Vault on the other hand, from my point of view, will allow:
For now ldap authentication will in any case allow us to do many things (thank you for this plugin! :)), but I'll be curious to know your opinion on this possible evolution.
Thx in advance.
The text was updated successfully, but these errors were encountered: