I am unable to create a Nomad token by passing a TTL via the Nomad secret backend in Vault.
Steps:
- Create Nomad policy using API:
{Nomad_Base_URL}/v1/acl/policy/test-policy-1
- Create User role in Vault using above Policy (Policy provided in Body):
{Vault_Base_URL}/v1/nomad/role/test-user-role
- Get creds using the Vault creds endpoint:
{Vault_Base_URL}/v1/nomad/creds/test-user-role
- All tokens received have a lease duration as per
/nomad/config/lease
What I want is to create tokens based on the TTL values I provide during the API request.
I don't see any such provision in the documentation either: Nomad Secrets Engine - HTTP API | Vault | HashiCorp Developer
Please refer to the GitHub issue for more details: Nomad Secret Backend should permit per-request/policy TTLs · Issue #7305 · hashicorp/vault · GitHub
What I want is to generate a Nomad token with a TTL value passed during the API call, which can override the TTL set in /nomad/config/lease.
Please suggest if I am missing something or if there is an alternative endpoint for the same.
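
The reproduction steps from the post as a script (an added example, not part of the original post and not HashiCorp's code): it builds the four requests and compares a creds response with the mount's lease config. The addresses, policy rules and sample responses are constructed, and the request bodies are assumed from the Nomad and Vault HTTP APIs.

```python
import json
import os
import urllib.request

# Assumed addresses; the post only gives {Vault_Base_URL} and {Nomad_Base_URL}.
VAULT = os.environ.get("VAULT_ADDR", "http://127.0.0.1:8200")
NOMAD = os.environ.get("NOMAD_ADDR", "http://127.0.0.1:4646")
POLICY, ROLE = "test-policy-1", "test-user-role"

def _req(url, header, token, body=None):
    # A body means a write (POST); no body means a read (GET).
    data = json.dumps(body).encode() if body is not None else None
    method = "POST" if body is not None else "GET"
    return urllib.request.Request(url, data=data, method=method, headers={header: token})

def build_requests(vault_token, nomad_token, rules):
    """Requests for the post's steps, in order; nothing is sent here."""
    return [
        _req(f"{NOMAD}/v1/acl/policy/{POLICY}", "X-Nomad-Token", nomad_token,
             {"Name": POLICY, "Rules": rules}),
        _req(f"{VAULT}/v1/nomad/role/{ROLE}", "X-Vault-Token", vault_token,
             {"policies": POLICY}),
        _req(f"{VAULT}/v1/nomad/creds/{ROLE}", "X-Vault-Token", vault_token),
        _req(f"{VAULT}/v1/nomad/config/lease", "X-Vault-Token", vault_token),
    ]

def lease_report(creds, lease_cfg, wanted_ttl):
    """Compare the issued lease with the mount TTL and the TTL the caller wanted (seconds)."""
    issued = creds["lease_duration"]
    mount_ttl = lease_cfg["data"]["ttl"]
    return {
        "issued": issued,
        # Assumption: a mount ttl of 0 means "unset", so it cannot explain the lease.
        "from_mount_config": mount_ttl != 0 and issued == mount_ttl,
        "wanted_honoured": issued == wanted_ttl,
    }

# Constructed sample responses (not captured from a real server).
SAMPLE_CREDS = {"lease_id": "nomad/creds/test-user-role/CONSTRUCTED", "renewable": True,
                "lease_duration": 3600,
                "data": {"accessor_id": "CONSTRUCTED", "secret_id": "CONSTRUCTED"}}
SAMPLE_LEASE_CFG = {"data": {"ttl": 3600, "max_ttl": 86400}}

if __name__ == "__main__":
    rules = 'namespace "default" { policy = "read" }'  # constructed policy rules
    for r in build_requests("<vault-token>", "<nomad-token>", rules):
        print(r.get_method(), r.full_url)
    print(lease_report(SAMPLE_CREDS, SAMPLE_LEASE_CFG, wanted_ttl=300))
```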