Interface K8sAuthRx

    • Method Detail

      • createRole

        Single<CreateRole.Response> createRole​(CreateRole.Request request)
        Registers a role in the auth method. Role types have specific entities that can perform login operations against this endpoint. Constraints specific to the role type must be set on the role. These are applied to the authenticated entities attempting to login.
        request - create role request
        when the role is created
      • login

        Single<Login.Response> login​(Login.Request request)
        Fetch a token. This endpoint takes a signed JSON Web Token (JWT) and a role name for some entity. It verifies the JWT signature to authenticate that entity and then authorizes the entity for the given role.
        request - login request
        login response
      • configure

        Single<ConfigureK8s.Response> configure​(ConfigureK8s.Request request)
        Configure this authentication method.

        The Kubernetes auth method validates service account JWTs and verifies their existence with the Kubernetes TokenReview API. This endpoint configures the public key used to validate the JWT signature and the necessary information to access the Kubernetes API.


        If Vault is running in a Kubernetes Pod, the kubernetes_ca_cert and token_reviewer_jwt parameters will automatically default to the local CA cert (/var/run/secrets/ and local service account JWT (/var/run/secrets/ This behavior may be disabled by setting disable_local_ca_jwt to true. When Vault is running in a non-Kubernetes environment, either kubernetes_ca_cert or pem_keys must be set by the user.

        request - request to configure
        when configured