» Vault Agent

Vault Agent is a client daemon that can perform useful tasks.

To get help, run:

$ vault agent -h

» Auto-Auth

Vault Agent allows for easy authentication to Vault in a wide variety of environments. Please see the Auto-Auth docs for information.

Auto-Auth functionality takes place within an auto_auth configuration stanza.

» Configuration

There is one currently-available general configuration option:

  • pid_file (string: "") - Path to the file in which the agent's Process ID (PID) should be stored.

» Example Configuration

An example configuration, with very contrived values, follows:

pid_file = "./pidfile"

auto_auth {
        method "aws" {
                mount_path = "auth/aws-subaccount"
                config = {
                        role = "foobar"
                }
        }

        sink "file" {
                config = {
                        path = "/tmp/file-foo"
                }
        }

        sink "file" {
                wrap_ttl = "5m" 
                aad_env_var = "TEST_AAD_ENV"
                dh_type = "curve25519"
                dh_path = "/tmp/file-foo-dhpath2"
                config = {
                        path = "/tmp/file-bar"
                }
        }
}