Ability to use the CF Instance Identity-based CredHub roles #1
Comments
|
P.S., Andy this is wonderful and I hope we'll be making heavy use of it alongside https://github.com/46bit/credhub-service-broker 🎉 |
46bit
changed the title
|
From a deeper look, https://github.com/cloudfoundry-incubator/credhub-cli doesn't support for using mutual TLS client certificates despite that its underlying library does. That's frustrating and changing that is probably the starting point in fixing this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Right now authentication with CredHub is done with a specified UAA client. It would be awesome to have the option to use the
mtls-app:APP_GUIDrole that is available by authenticating to CredHub with the instance identity cert/key on the app instance. This is less suitable for hand-configured CredHubs but will be much more useful for automated ones.Will look at implementing this if GOV.UK PaaS go with CredHub 😄
The text was updated successfully, but these errors were encountered: