ol-infrastructure icon indicating copy to clipboard operation
ol-infrastructure copied to clipboard

Published 20 hours ago verified publisher icon mitodl

disable caching in vault-agent configuration

Open Ardiea opened this issue 1 year ago • 3 comments

Description/Context

Starting with vault 1.13.0, vault now support an "api_proxy" stanza in place of "cache". If we were to drop the "cache" stanza from our configuration and replace it with "api_proxy" we can disable the local caching of vault requests across all of our nodes. IMO, this is a good thing. The vault agent is non-blocking, meaning a cached result in the agent won't be updated if something changes @ the server with the actual value, for instance a revocation, or w/e. Caching leads to different perceptions of reality.

More information: https://developer.hashicorp.com/vault/docs/agent/apiproxy#configuration-api_proxy

Ardiea avatar Mar 14 '23 18:03 Ardiea