Vault Agent Auto Auth

Hi All,

I would like to get more info or example on how to use vault agent auto auth approle with encrypted sink file.

we need to make sure token saved on local machine dont get compromised in case attacker gain root access on the machine.

thanks in advanced for the helpers,


Have you seen our Production Hardening Guide? It’s all about how to lock down an instance hosting Vault.


i checked your link but its not what i ask for.
my concerns are when using vault agent auto auth it save the token in plain text to a sink file. i would like to know how to encrypt this file in case attacker gain access on the machine with the vault agent.

thx any way Becca