What is the difference between a HashiCorp Vault lease and token accessor?

  Kiến thức lập trình

In HashiCorp Vault, when you create a service token a lease is created and you get a token accessor. The lease ID is described as:

This is the ID used with commands such as vault lease renew and vault lease revoke to manage the lease of the secret.

The vault lease command doesn’t work with service tokens, but service tokens also get leases, so the concept is present.

Token accessors are documented as having a limited set of actions, where the ability to renew and revoke a token is two of four such actions.

So from my perspective leases and accessors seem to have some overlapping functionality. What is the difference?

LEAVE A COMMENT