»auth tune

The auth tune command tunes the configuration options for the auth method at the given PATH. The argument corresponds to the PATH where the auth method is enabled, not the TYPE!

»Examples

Tune the default lease for the auth method enabled at "github/":

$ vault auth tune -default-lease-ttl=72h github/
Success! Tuned the auth method at: github/

$ vault auth tune -default-lease-ttl=72h github/Success! Tuned the auth method at: github/

Specify multiple audit non-hmac request keys:

$ vault auth tune -audit-non-hmac-request-keys=value1 -audit-non-hmac-request-keys=value2 github/

$ vault auth tune -audit-non-hmac-request-keys=value1 -audit-non-hmac-request-keys=value2 github/

»Usage

The following flags are available in addition to the standard set of flags included on all commands.

• -audit-non-hmac-request-keys (string: "") - Key that will not be HMAC'd by audit devices in the request data object. Note that multiple keys may be specified by providing this option multiple times, each time with 1 key.

• -audit-non-hmac-response-keys (string: "") - Key that will not be HMAC'd by audit devices in the response data object. Note that multiple keys may be specified by providing this option multiple times, each time with 1 key.

• -default-lease-ttl (duration: "") - The default lease TTL for this auth method. If unspecified, this defaults to the Vault server's globally configured default lease TTL, or a previously configured value for the auth method.

• -max-lease-ttl (duration: "") - The maximum lease TTL for this auth method. If unspecified, this defaults to the Vault server's globally configured maximum lease TTL, or a previously configured value for the auth method.