I just started to work with HashiCorp a few months ago, so excuse my knowledge/question.
As I was searching Google for old forum discussions and reading some of the HashiCorp docs, I could not figure out whether I can or cannot have a secret_id that never expires.
I tried to generate a non-expiring secret_id like this:
vault write -f auth/approle/role/app_name_role/secret-id secret_id_ttl=0 token_num_uses=0 secret_id_num_uses=0 token_ttl=0 token_max_ttl=0
The result came with:
secret_id_ttl 2764800 —> 32 days…
How am I supposed to code or generate those AppRole secret_id keys so that I can have an application retrieve its secrets after, let's say, 300 days when I first restart it? I need a way so that I do not change the secret ID every 32 days. The issue is we can't really restart the app easily once it is in production, as it's mission critical and its restart to renew the secret_id will cause customer impact…