salt.pillar.confidant

An external pillar module for getting credentials from confidant.

Configuring the Confidant module

The module can be configured via ext_pillar in the minion config:
ext_pillar:
  • confidant:
    profile:

    # The URL of the confidant web service url: 'https://confidant-production.example.com' # The context to use for KMS authentication auth_context: from: example-production-iad to: confidant-production-iad user_type: service # The KMS master key to use for authentication auth_key: "alias/authnz" # Cache file for KMS auth token token_cache_file: /run/confidant/confidant_token # The duration of the validity of a token, in minutes token_duration: 60 # key, keyid and region can be defined in the profile, but it's # generally best to use IAM roles or environment variables for AWS # auth. keyid: 98nh9h9h908h09kjjk key: jhf908gyeghehe0he0g8h9u0j0n0n09hj09h0 region: us-east-1

depends:

confidant-common, confidant-client

Module Documentation

salt.pillar.confidant.ext_pillar(minion_id, pillar, profile=None)

Read pillar data from Confidant via its API.

Generated on October 23, 2024 at 09:02:06 UTC.

You are viewing docs for the latest stable release, 3007.1. Switch to docs for the previous stable release, 3006.9, or to a recent doc build from the master branch.


saltproject.io

© 2024 VMware, Inc. | Privacy Policy