scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-31 02:28:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
672cdc0fdb35daa04ad9c59ff2146d94e8f7dc4f
vault/website/content/docs/configuration/sentinel.mdx
Bryce Kalow 47875daf53 website: fixes redirected links (#17574) 
* fixes redirected links

* fix broken link to key wrapping guide
2022-10-18 14:06:27 -04:00

41 lines
1.5 KiB
Plaintext
Raw Blame History

---
layout: docs
page_title: Sentinel - Configuration
description: |-
The sentinel stanza specifies configurations for Vault's Sentinel integration.
---
# `sentinel` Stanza
The sentinel stanza specifies configurations for
[Vault's Sentinel](https://www.vaultproject.io/docs/enterprise/sentinel) integration.
```hcl
sentinel {
additional_enabled_modules = ["http"]
}
```
## Requirements
A valid Vault Enterprise license is required for use of Sentinel policies.
## `sentinel` Parameters
The sentinel stanza currently supports only one parameter, `additional_enabled_modules`.
- `additional_enabled_modules` `(string array: [])`` - This parameter specifies a list of imports (modules)
to allow in Sentinel policies.
Vault currently enables all of Sentinel's [standard imports](https://docs.hashicorp.com/sentinel/imports)
except the "http" import, which has performance and security implications. In the future, if any new Sentinel
imports are not automatically enabled by Vault, users could enable them in this stanza.
Note that this setting cannot be used to load custom import plugins.
~> **Warning**: Care should be taken when enabling imports (modules) which
could have performance and security implications in policies. Enabling the "http" import could cause your Vault
servers to submit outbound requests to arbitrary endpoints.
See the
[Sentinel HTTP Import](https://docs.hashicorp.com/sentinel/imports/http)
documentation for more information.
Reference in New Issue View Git Blame Copy Permalink