This benchmark will test the dynamic generation of Nomad credentials.
NOTE: Ensure that the Nomad system has a limit high enough to support the number of roles you are creating. More information can be found in the Nomad Documentation
address(string: "")– Specifies the address of the Nomad instance, provided as"protocol://host:port"like"http://127.0.0.1:4646".token(string: "")– Specifies the Nomad Management token to use. This value can also be provided on individual calls with the NOMAD_TOKEN environment variable. This can also be provided via theVAULT_BENCHMARK_NOMAD_TOKENenvironment variable.max_token_name_length(int: <optional>)– Specifies the maximum length to use for the name of the Nomad token generated with Generate Credential. If omitted,0is used and ignored, defaulting to the max value allowed by the Nomad version. For Nomad versions 0.8.3 and earlier, the default is64. For Nomad version 0.8.4 and later, the default is256.ca_cert(string: "")- CA certificate to use when verifying Nomad server certificate, must be x509 PEM encoded.client_cert(string: "")- Client certificate used for Nomad's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key.client_key(string: "")- Client key used for Nomad's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_cert.
name(string: "benchmark-role")– Specifies the name of an existing role against which to create this Nomad tokens. This is part of the request URL.policies(string: "")– Comma separated list of Nomad policies the token is going to be created against. These need to be created beforehand in Nomad.global(bool: "false")– Specifies if the token should be global, as defined in the Nomad Documentation.type(string: "client")- Specifies the type of token to create when using this role. Valid values are"client"or"management".
test "nomad_secret" "nomad_test_1" {
weight = 100
config {
nomad {
address = "http://127.0.0.1:4646"
token = "NOMAD_TOKEN"
}
role {
global = true
type = "management"
}
}
}