Tommy McNeely

The best thing I can think of would be for me to commit your public key to our IAC repo, that way supposedly I trust it (lsign), and I can...

The ability to do this would depend on username ~~*and* scope~~ templates. Once we have the ability to use "variables" when generating the request for the token, we need to...

Hah, see I was trying to make it more difficult. I was looking at creating a role, for example named "my-account" ... which would lookup the user identity (somehow) and...

I am not saying to change for me. Perhaps my vault cluster in a Google MIG is overly complex. I actually think the upgrade instructions say to backup the old...

I guess I will use my script above to keep the version string... I wonder if something like that would be useful? It is part of our packer scripts to...

Interesting idea... it could for sure be in scripts or maybe "examples" or something? I could actually include more stuff (Terraform)

looks like this is resolved: https://github.com/voxpupuli/puppet-confluence/pull/98

It seems like it is easier to reproduce this problem in the morning (US timezones), like from 9a-12p MDT. It seems like, maybe the provider tries to *create* the resource,...

Will this affect vault's admin token to gitlab or does it rotate it's own token?

Suggestion: Use Kubernetes Auth. Approle is little more than a username/password, if you use kubernetes auth, you can specify a list of service accounts, in a list of namespaces (hint:...