Hi. Please help!
Vault revoke lease rabbitmq creds, befor ttl expire.
Have:
“default_lease_ttl”:31536000,
“max_lease_ttl”:31536000
Revoke after 30 days.
There are three levels of TTL configuration in Vault:
- System-wide, configured in the server configuration file
- Mount-level, set via “tune” APIs - /sys/mounts - HTTP API | Vault by HashiCorp
- Settings specific to the secrets engine involved - in the case of RabbitMQ, RabbitMQ - Secrets Engines - HTTP API | Vault by HashiCorp
Check all of them.
Mostly the more specific ones override the more general ones.
- In system config.hcl only adress/tls
- rabbitmq_all/":{ …“config”:
{“default_lease_ttl”:31536000,“force_no_cache”:false,“max_lease_ttl”:31536000},
… }