consul
consul copied to clipboard
hashicorp
Backport of docs/consul: rename the Vault secret engine for Consul integration into release/1.13.x
Backport
This PR is auto-generated from #20049 to be assessed for backporting due to the inclusion of the label backport/1.13.
:rotating_light:
Warning automatic cherry-pick of commits failed. If the first commit failed, you will see a blank no-op commit below. If at least one commit succeeded, you will see the cherry-picked commits up to, not including, the commit where the merge conflict occurred.
The person who merged in the original PR is: @krastin This person should manually cherry-pick the original PR into a new backport PR, and close this one when the manual backport PR is merged in.
merge conflict error: POST https://api.github.com/repos/hashicorp/consul/merges: 409 Merge conflict []
The below text is copied from the body of the original PR.
Description
There was feedback from our Support team about customers facing an issue following the documentation from the Vault for Consul: System integration into the Vault for Consul: Data integration. The former defines a consul-named Vault secret engine, but the latter runs commands and config against a secrets-named Vault secret engine - no doubt a leftover from times where the default secret engine from running Vault in -dev mode was used to showcase functionality in the docs.
Furthermore, because of the secret engine name consul, the customers were confused and expected the secret engine to be of the Consul type and not the KV type.
With that in mind, this PR changes the docs in the following way:
- The Vault secret engine created for use with Consul has been renamed to
consul-kv- to stress the fact that it is a KV type engine and not a Consul type engine
- to move away from the default secrets engine as this would be unadvisable to run in Production systems, and possibly even dangerous if the default secrets engine is indeed being used
- The path
secretsis being used for all token-related configuration so that in Production environments, that specific path can be allowed/disallowed read/write access easier for separate admin and non-admin user roles.
Testing & Reproduction steps
N/A
Links
Related Docs: Vault as the Secrets Backend (K8s)
PR Checklist
- [ ] updated test coverage
- [x] external facing docs updated
- [x] appropriate backport labels added
- [x] not a security concern
Overview of commits
- 365fcd0148e8cb5f57523d88cc7246593386dd9a - c19ead96bcf4d0518a5fd3f5cb17fd5c4488bb59 - 955bc958a93eb15b26e2a39fadf30c362cf7f15a - 3a468f91cfd9e332496bac98906594697d2df5ed - 18919c935607f9e9716530b76dba704ad034abc3 - a11916e00de940b5837b749f37ef82b760a9f3a1 - 1cb00ebe14523ec390d9ce0ea172a0324f41678f - 1dde571810dabfc59b8a4422ea6ced7fc0ba7f99 - 3133a14fb09d8ddc47d372275acd794616a6e824 - bab05ad0578455f201d0988582fdc3fb1533698e - 752434cae75d52152d6817470ffb89756823f83f - edbe09b1e1b60a0433bd11cfd576bca135566e65 - 7f4d59e3c8edfa4200550866f67956f09f232ccf - d60a23d926dc1efe8bca54b97973318b6dda8bf4
🤔 This PR has changes in the website/ directory but does not have a type/docs-cherrypick label. If the changes are for the next version, this can be ignored. If they are updates to current docs, attach the label to auto cherrypick to the stable-website branch after merging.
This pull request has been automatically flagged for inactivity because it has not been acted upon in the last 60 days. It will be closed if no new activity occurs in the next 30 days. Please feel free to re-open to resurrect the change if you feel this has happened by mistake. Thank you for your contributions.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Closing due to inactivity. If you feel this was a mistake or you wish to re-open at any time in the future, please leave a comment and it will be re-surfaced for the maintainers to review.