Idea ID: 2762903

Support AppRole Authentication method for Vault integration framework and Secret id Pull

Status : Waiting for Votes
Waiting for Votes
See status update history
over 1 year ago

To help facilitate the use of the vault integration in an automation scenario, we would like to propose the need to allow the AppRole authentication method to be supported with the vault integration framework.  The support would allow the most flexibility in defining roles that can be used to control vault functionality as opposed to those constraints that would be needed by a user type login. We are heavily involved in integrating our vault technology to automation tasks and need a way to define roles instead of individual login parameters.  Please view the attached link that describe the AppRole Authentication login method.  See documentation here: 

  1. https://www.vaultproject.io/docs/auth/approle/

Keeping in mind security and the automation theme, allow a pull to obtain the secret key would be appropriate and appears to be the preferred method to obtain the secret-id.  Refer to the documentation located here :

  1.  https://www.vaultproject.io/docs/auth/approle/#pull-and-push-secretid-modes

Please let us know if any additional details are required to document sufficiently the need for the vault integration changes or enhancements.