Vault token renewal(auto unseal transit secrets engine)

vault token lookup a.cczpxxxxxxxFokdz5s2

Key Value


accessor hxxxxxxxxxxxtK
creation_time 1589530772
creation_ttl 768h
display_name token
entity_id n/a
expire_time 2020-05-25T08:55:13.322094476Z
explicit_max_ttl 0s
id s.BzzpSsNZcUV8vQbkFokdz5s2
issue_time 2020-05-15T08:19:32.641192522Z
last_renewal 2020-05-25T07:55:13.322094631Z
last_renewal_time 1590393313
meta
num_uses 0
orphan false
path auth/token/create
policies [autounseal default]
renewable true
ttl 53m48s
type service

i am using the above token for auto unseal(transit secrets engine) by exporting it as a ENV variable.

what should i do once creation_ttl is met, after creation_ttl is met, i cannot renew the same token?

Hi sgoogal,

It sounds like you might be looking for periodic tokens.

1 Like