Is it right that it's needed to update data bag(items) whenever a node or client is created or deleted when using Vault?


#1

Hi,

As Vault generates asymmetrically encrypted shared secret keys for each client and node, is it right that it’s needed to update data bag(items) whenever a client or node is created or deleted when using Vault? Specifically, when a “*:*” filter is used for search.

Hope you all have a nice weekend!


#2

I got that I need to “knife vault refresh bag item --clean-unknown-clients” whenever there is any change on clients and nodes.