It would be handy to have a source profile (such as the ability to create API tokens) which could be shared to other profiles without duplicating the credentials. Right now, if I want a read and write profile, I need to duplicate it and setup two. In practice, the ideal would look like this:
[profiles]
[profiles.create_single_use_token]
auth_type = "api_token"
[profiles.write_everything]
source_profile = "create_single_use_token"
session_duration = "15m"
[profiles.read_only]
source_profile = "create_single_use_token"
session_duration = "15m"
Running cf-vault exec read_only -- ... would not have credentials of its own stored, but instead, pull the value from the create_single_use_token item in the keychain.
It would be handy to have a source profile (such as the ability to create API tokens) which could be shared to other profiles without duplicating the credentials. Right now, if I want a read and write profile, I need to duplicate it and setup two. In practice, the ideal would look like this:
Running
cf-vault exec read_only -- ...would not have credentials of its own stored, but instead, pull the value from thecreate_single_use_tokenitem in the keychain.