How to change default lease_duration value in vault agent config file

[lakshmisivareddy]

Hi i am trying to change the default duration vault agent rechecking a Vault secret value for every 1 minute i tried using below configuration but still vault agent rechecking a Vault secret value for 5 min

what is the configuration need to be set , so that vault agent checking a Vault secret value for every 1 minute ?

vault{ address="http://127.0.0.1:8200" } pid_file = "/tmp/pidfile"

auto_auth { method "approle" { mount_path = "auth/approle-iot-concord" namespace = "iot" default_lease_duration = "60s" config = { role_id_file_path = "/tmp/roleid" secret_id_file_path = "/tmp/secretid" remove_secret_id_file_after_reading = false } } sink "file" { config = { path = "/tmp/vault_token" } } }

template { source = "/tmp/template.ctmpl" destination = "/tmp/render.txt" }

template { source = "/tmp/wcnp.ctmpl" destination = "/tmp/wcnp.txt" }

[eikenb]

Hey @lakshmisivareddy, thanks for the question.

I think the issue is that the default_lease_duration = "60s" settings needs to go in the vault{} block. Just taking that snippet from your config, it would look like..

vault {
    address="http://127.0.0.1:8200"
    default_lease_duration = "60s"
}
...

This goes in the consul-template config file. The example posted has fields that aren't for consul-template, so I'm not sure what is meant there.

Please let me know if this fixes the issue for you. Thanks.