Add fields 'ttl' and 'num_uses' to SecretID generation. #14474
Conversation
|
thanks! it appears we have some formatting issues |
@swayne275 This is correct! I looked at them before and they seem to not originate from my code. |
|
sure, give it a shot and we can take a deeper look |
RemcoBuddelmeijer
force-pushed
the
feature/numuses-and-ttl-appsecret
branch
from
7854530
to
215f35d
Compare
Add fields 'ttl' and 'num_uses' when generating/obtaining a SecretID. Rather than just being able to use the Role's SecretID ttl and num uses. hashicorp#14390
Add the response field secret_id_num_uses to the endpoints for generating SecretIDs. Used in testing but also to supply the vendor with this variable.
Add tests to assert the new TTL and NumUses option in the SecretID entry. Separate test for testing with just parameters vs a -force example.
RemcoBuddelmeijer
force-pushed
the
feature/numuses-and-ttl-appsecret
branch
from
215f35d
to
0f1c941
Compare
|
The test seem to be passing now! |
|
Hi everyone, Just want to keep the conversation moving on this feature. I see Vault 1.10 just rolled out, any idea when these changes might be generally released? |
Change the error message produced when a test fails due to a missing field. Previous values did not map to correct fields.
Unnecessary cast to int where type already is int.
Remove metadata entry in sample payload for custom-secret-id. The metadata was not changed in the features pull request.
Rather than implicitly overriding, error when the ttl is lower than and the num uses higher than the role's configuration. hashicorp#14390
More elaborate description for the changelog. Specifying the per-request based fields.
RemcoBuddelmeijer
force-pushed
the
feature/numuses-and-ttl-appsecret
branch
from
900e726
to
772adde
Compare
Specify in both the api-docs and the CLI the limits of the fields. Specify that the role's configuration is still the leading factor.
Upper bound ttl with role secret id ttl when creating a secret id Adding test cases for infinite ttl and num uses Adding test cases for negative ttl and num uses Validation on infinite ttl and num uses
|
|
RemcoBuddelmeijer
force-pushed
the
feature/numuses-and-ttl-appsecret
branch
from
1875e77
to
cba46ac
Compare
Changed that TTL is not allowed to be shorter to longer
Define ttl and num_uses in every test despite them not being tested. This is to ensure that no unexpected behaviour comes to mind.
|
Hello all! I was hoping to bump up this PR to get this looked at and possibly merged. Thank you! 😄 |
|
Hi everyone, also bumping this PR. Would love to see this feature merged. |
Test secret id generation defaults to Role's configuration entries.
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
|
Hi everyone, are there still more discussions to be resolved on this feature? |
|
Hello everyone, periodic bump up of the PR to see if it can get merged. Thank you! |
|
Periodic PR bump, this is still a feature I'm very interested in! |
Add the fields 'ttl' and 'num_uses' to the endpoints
/auth/approle/role/<role_name>/secret-idand/auth/approle/role/<role_name>/custom-secret-id.Edited the help synopsis and description to refer to these fields. Both for the endpoints respectively but also for the
secret-id-num-usesandsecret-id-ttlendpoints.Fixes #14390