HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
Vault
Vault Home

Auto-auth method: Kubernetes

The kubernetes method reads in a Kubernetes service account token from the running pod (via /var/run/secrets/kubernetes.io/serviceaccount/token) and sends it to the Kubernetes Auth method.

Configuration

  • role (string: required) - The role to authenticate against on Vault
  • token_path (string: optional) - The file path to a custom JWT token to use for authentication. If omitted, the default service account token path is used.

Tutorial

Refer to the Vault Agent with Kubernetes tutorial to learn how to authenticate the clients using a Kubernetes Service Account Token and manage the tokens lifecycle.

Edit this page on GitHub