Vault: Can AppRole secret_id be set to not expire?

Created on 2 Oct 2018  路  1Comment  路  Source: hashicorp/vault

I would like to store role_id and secret_id with my client that needs to authenticate. In order to this, I would like to set them to not expire.

secret_id_ttl (string: "") - Duration in either an integer number of seconds (3600) or an integer time unit (60m) after which any SecretID expires.

I also found this: https://groups.google.com/forum/#!topic/vault-tool/nm5BvMYt9ng

I just looked at the code and checked behavior myself and as near as I
can tell from both, this is actually a documentation bug -- a 0 value
(the default) for the secret id TTL means no expiration. It's possible
that this changed somewhere in the implementation along the way and
the docs weren't updated at the time.

The documentation still doesn't seem to be updated with this information 2 yrs later however, so is it the case that I can set secret_id to not expire?

picture booboothefool
👀1

Most helpful comment

Yes, secret IDs do not expire if they do not have a TTL set.

picture kohend on 11 Oct 2018
👍7

>All comments

Yes, secret IDs do not expire if they do not have a TTL set.

kohend picture kohend on 11 Oct 2018
👍7
Was this page helpful?
0 / 5 - 0 ratings

Related issues

anthonyGuo picture anthonyGuo  路  3Comments
dwdraju picture dwdraju  路  3Comments
adamroddick picture adamroddick  路  3Comments
gtmtech picture gtmtech  路  3Comments
trodemaster picture trodemaster  路  3Comments