vault-token-monitor is a monitoring server that can expose your Vault accessor tokens TTL as prometheus metrics where you can build dashboards and alert policies.
Moreover vault-token-monitor can also auto-renew token when the TTL is bellowed configurable thresholds.
- Lookup and expose Vault token TTL as prometheus metrics
- Auto Renew tokens when TTL is below threshold
- Sample Grafana Dashboards
Follow install doc to install binaries.
Docker images can be found on ghcr.io/vdbulcke/vault-token-monitor
Make sure you have cosign installed locally (see Cosign Install).
Then you can use the ./verify_signature.sh in this repo:
./verify_signature.sh PATH_TO_DOWNLOADED_ARCHIVE TAG_VERSIONfor example
$ ./verify_signature.sh ~/Downloads/vault-token-monitor_0.2.0_Linux_x86_64.tar.gz v0.2.0
Checking Signature for version: v0.2.0
Verified OK
vault-token-monitor server --config example/lab.yamlFull documentation can be found here
See CLI documentation here.