salt.sdb.vault

Vault SDB Module

maintainer: SaltStack

maturity: New

platform: all

New in version 2016.11.0.

This module allows access to HashiCorp Vault using an sdb:// URI.

Base configuration instructions are documented in the execution module docs. The extra configuration required for the sdb module is noted below, but the base configuration must also be completed.

Like all sdb modules, the vault module requires a configuration profile in either the minion configuration file or a pillar. The profile only requires setting the driver parameter to vault:

myvault:
  driver: vault

Once configured you can access data using a URL such as:

password: sdb://myvault/secret/passwords/mypassword

In this URL, myvault refers to the configuration profile, secret/passwords is the path where the data resides, and mypassword is the key of the data to return.

The above URI is analogous to running the following vault command:

$ vault read -field=mypassword secret/passwords

Further configuration

The following options can be set in the profile:

patch

When writing data, partially update the secret instead of overwriting it completely. This is usually the expected behavior, since without this option, each secret path can only contain a single mapping key safely. Defaults to False for backwards-compatibility reasons.

New in version 3007.0.
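The effect of the patch option on writes, as an added Python illustration (not Salt's or Vault's own code): a dictionary stands in for the Vault backend, and split_sdb_uri, ModelStore and demo are hypothetical names. It assumes, as the option description states, that a write without patch replaces the whole secret at the path with the single key being set.

```python
# Added illustration: an in-memory model, not Salt's or Vault's implementation.

def split_sdb_uri(uri):
    """Split sdb://<profile>/<path>/<key> into (profile, path, key)."""
    if not uri.startswith("sdb://"):
        raise ValueError("not an sdb:// URI")
    profile, _, rest = uri[len("sdb://"):].partition("/")
    # The last path component is the key inside the secret.
    path, sep, key = rest.rpartition("/")
    if not (profile and sep and path and key):
        raise ValueError("expected sdb://<profile>/<path>/<key>")
    return profile, path, key


class ModelStore:
    """Dict standing in for Vault: secret path -> mapping of keys to values."""

    def __init__(self, patch=False):
        self.patch = patch
        self.secrets = {}

    def set(self, uri, value):
        _, path, key = split_sdb_uri(uri)
        if self.patch:
            # patch: True -> update one key, keep the other keys at this path
            self.secrets.setdefault(path, {})[key] = value
        else:
            # default -> the whole secret is replaced by a single-key mapping
            self.secrets[path] = {key: value}

    def get(self, uri):
        _, path, key = split_sdb_uri(uri)
        return self.secrets.get(path, {}).get(key)


def demo(patch):
    """Write two keys to the same path, then read the first one back."""
    store = ModelStore(patch=patch)
    # Constructed sample values, not real secrets.
    store.set("sdb://myvault/secret/passwords/mypassword", "sample-A")
    store.set("sdb://myvault/secret/passwords/otherpassword", "sample-B")
    return store.get("sdb://myvault/secret/passwords/mypassword")


if __name__ == "__main__":
    print("patch=False:", demo(False))
    print("patch=True: ", demo(True))
```

With the default, the second write silently drops mypassword from secret/passwords, which is why a path shared by several sdb keys needs patch enabled in the profile.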

salt.sdb.vault.get(key, profile=None)

Get a value from the vault service

salt.sdb.vault.set_(key, value, profile=None)

Set a key/value pair in the vault service