What command is used to extend the TTL of a token, if permitted?
A.
vault token revoke < token-id >
B.
vault capabilities < token-id >
C.
vault token lookup < token-id >
D.
vault token renew < token-id >
The Answer Is:
D
This question includes an explanation.
Explanation:
Comprehensive and Detailed in Depth Explanation:
To extend a token’s TTL, the vault token renew command is used. The HashiCorp Vault documentation states: " In order to renew a token, a user can issue a vault token renew command to extend the TTL. The token can also be renewed using the API. " It adds: " The vault token renew command extends the Time To Live (TTL) of a token if the policy associated with the token permits renewal. "
The docs detail: " Tokens have a TTL that determines their validity period. If renewable, the renew command can be used before expiration to extend this duration, subject to any max TTL limits. " A (revoke) invalidates tokens. B (capabilities) shows permissions, not TTL. C (lookup) displays token info, not extends it. Thus, D is correct.