vault: Hide values used for authentication
The following options are used for authentication with Vault, so should be hidden from logs. 1) root_token_id This is not actually an id but a token string 2) approle_role_id and approle_secret_id These are used together to obtain token Closes-Bug: #2058397 Change-Id: I000149b6c5017c9548db55ae2517405dc8325808
This commit is contained in:
parent
8c89839e37
commit
327ee6e979
@ -45,10 +45,13 @@ _DEFAULT_VERSION = 2
|
||||
|
||||
_vault_opts = [
|
||||
cfg.StrOpt('root_token_id',
|
||||
secret=True,
|
||||
help='root token for vault'),
|
||||
cfg.StrOpt('approle_role_id',
|
||||
secret=True,
|
||||
help='AppRole role_id for authentication with vault'),
|
||||
cfg.StrOpt('approle_secret_id',
|
||||
secret=True,
|
||||
help='AppRole secret_id for authentication with vault'),
|
||||
cfg.StrOpt('kv_mountpoint',
|
||||
default=_DEFAULT_MOUNTPOINT,
|
||||
|
Loading…
Reference in New Issue
Block a user