vault-csi-provider icon indicating copy to clipboard operation
vault-csi-provider copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Support secret templates in addition to raw secret values

Open thomas-riccardi opened this issue 3 years ago • 4 comments

The vault-agent-in-sidecar supports secret templates: https://www.vaultproject.io/docs/platform/k8s/injector#secret-templates

Are there plans to support it in this secrets csi provider? (it seems to be briefly mentioned in https://github.com/hashicorp/vault-csi-provider/pull/61#discussion_r568650698)

Thanks!

thomas-riccardi avatar May 05 '21 17:05 thomas-riccardi

We don't have any firm timeline on this, but we have discussed this internally and want to add it. Thanks for raising it, it's really helpful to get an idea of our users' priorities!

tomhjp avatar May 06 '21 17:05 tomhjp

Any update on this feature? It would free up a lot of resources used for sidecars across our clusters 💸

wolffberg avatar Jul 13 '22 07:07 wolffberg

Hey Tom (@tomhjp), any update on where this sits in priorities? Would be super helpful to make things even more secure (not hardcoding keys in our Github repo)

agates4 avatar Nov 21 '22 16:11 agates4

I would love or this and the Vault Secrets Operator for Kubernetes to both have this feature. Basically any of the vault functions of consul-template should be valid in here.

There are many valid use cases for this. One that jumps readily to mind is creating a pgpass file.

AdrienneCohea avatar Jul 27 '23 05:07 AdrienneCohea