1. Answers
  2. Vault Generic Secret Creation

How do I build a Vault generic secret?

To build a Vault generic secret, you would define a new secret within your vault instance. This secret can hold confidential data that your applications can securely access. It’s particularly useful when managing sensitive configurations and credentials.

Here’s a sample program demonstrating how to create a Vault generic secret:

import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";

const example = new vault.generic.Secret("example", {
    path: "secret/data/my-app-secret",
    dataJson: `{
  "api_key": "1234-5678-abcd-efgh",
  "username": "my-username",
  "password": "my-password"
}
`,
});
export const secretPath = example.path;
export const secretId = example.id;

Explanation:

  1. Provider Definition: The provider "vault" block specifies the address of the Vault server. This sets up the connection to your Vault instance.

  2. Vault Generic Secret Resource: The vault_generic_secret resource creates the actual secret within Vault.

    • path: This is where the secret will be stored within Vault.
    • data_json: This section contains the key-value pairs of your secret data.
  3. Outputs: The output blocks for secret_path and secret_id store and display the path and ID of the created secret, which can be useful for other configurations or retrieval purposes.

In summary, we’ve shown how to configure a Vault provider, create a generic secret within Vault, and output the path and ID of the secret for future reference. This configuration ensures that your sensitive information is securely stored and easily accessible.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up