Problem/Motivation

The Vault client read/token cache is injected using standard container injection. For security our default cache is a memory array that that is purged on destruction.

Authenticating each time the VaultClient is initialized can take a significant amount of time (and place unnecessary load on the Vault server).

A site owner may override the cache service class converting from an in-memory backend to persistent storage..

Steps to reproduce

Proposed resolution

Document using a local services.yml to override cache type.
Provide links to Symfony documentation of cache types.
Educate about known risks of changing cache types (auth token, and secrets stored in cleartext) so that site owners can make an informed decision regarding safety of converting cache.

Remaining tasks

User interface changes

API changes

Data model changes

Issue fork vault-3486306

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

cmlara created an issue. See original summary.

cmlara’s picture

cmlara
he/him
commented
Title: Document swapping out the client cache for increase performance » Document swapping out the client cache

cmlara opened merge request !22

cmlara’s picture

cmlara
he/him
commented
Status: Active » Fixed

  • cmlara committed b612fd78 on 3.x 
    Issue #3486306: Document swapping out the client cache

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.