[FEATURE REQUEST] Add configuration to vault to choose what type of connection to use #61857

Closed
@Ch3LL

Description

When using vault modules and pillars there are two functions when getting the config information to use to connect to vault:

_get_token_and_url_from_master() and _use_local_config()

_get_token_and_url_from_master() is normally used when using the vault module to query the details from the minion to master. But when using pillar this function renders the pillar data on the master and impersonates the minion. This function requires that the master has permissions to create vault tokens on behalf of the minions. Adding a config to use _use_local_config() would allow someone to render vault pillar data without adding extra permissions for the master if they don't intend on using separate policies per minion. This issue is created to track the work to make it configurable to set which method you want to use.

Labels: Feature (new functionality including changes to functionality and code refactors, etc.), VMware, Vault