Vault revoke lease rabbitmq creds, befor ttl expire

paullol · August 2, 2022, 7:59pm

Hi. Please help!
Vault revoke lease rabbitmq creds, befor ttl expire.
Have:
“default_lease_ttl”:31536000,
“max_lease_ttl”:31536000
Revoke after 30 days.

maxb · August 3, 2022, 8:11pm

There are three levels of TTL configuration in Vault:

System-wide, configured in the server configuration file
Mount-level, set via “tune” APIs - /sys/mounts - HTTP API | Vault by HashiCorp
Settings specific to the secrets engine involved - in the case of RabbitMQ, RabbitMQ - Secrets Engines - HTTP API | Vault by HashiCorp

Check all of them.

Mostly the more specific ones override the more general ones.

paullol · August 4, 2022, 8:54am

In system config.hcl only adress/tls
rabbitmq_all/":{ …“config”:
{“default_lease_ttl”:31536000,“force_no_cache”:false,“max_lease_ttl”:31536000},
… }

Screenshot 2022-08-04 at 11-53-15 Vault