vault icon indicating copy to clipboard operation
vault copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Secret path inheritance

Open italux opened this issue 4 years ago • 1 comments
trafficstars

Is your feature request related to a problem? Please describe. No, it's not.

Describe the solution you'd like As mentioned on #4697 would be nice to have an inheritance for secret paths. I mean, if we have a structure that is common to several applications but we need to append a single different key:value pair would be nice to be able to do that with vault path

  • Common values
{
  "COMMON_KEY_1": "value_1",
  "COMMON_KEY_2": "value_2",
  • Custom value final version
{
  "COMMON_KEY_1": "value_1",
  "COMMON_KEY_2": "value_2",
  "CUSTOM_KEY_1": "custom_value_1",

Describe alternatives you've considered Currently, we need to duplicate the same values across multiple secret paths which increase the cognitive overhead while changing a common value across several paths

Explain any additional use-cases Today I'm using Vault together with external-secrets to store database credentials, which 90% of values are the same across all deployments, with the exception of the username/password that change

italux avatar Aug 18 '21 15:08 italux

any news here?

alter avatar May 28 '24 13:05 alter

perhaps https://github.com/jf/bb-ops/tree/master/vault-exec-agent might of help to some folks. It's pretty simple as of now, and only uses token-based authentication right now... but it's a start!

Does KV path-based key-value inheritance like you'd expect it to. And a little bit more :)

jf avatar Aug 30 '24 14:08 jf