How do I build a Vault generic secret?
To build a Vault generic secret, you would define a new secret within your vault instance. This secret can hold confidential data that your applications can securely access. It’s particularly useful when managing sensitive configurations and credentials.
Here’s a sample program demonstrating how to create a Vault generic secret:
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const example = new vault.generic.Secret("example", {
path: "secret/data/my-app-secret",
dataJson: `{
"api_key": "1234-5678-abcd-efgh",
"username": "my-username",
"password": "my-password"
}
`,
});
export const secretPath = example.path;
export const secretId = example.id;
Explanation:
Provider Definition: The
provider "vault"
block specifies the address of the Vault server. This sets up the connection to your Vault instance.Vault Generic Secret Resource: The
vault_generic_secret
resource creates the actual secret within Vault.path
: This is where the secret will be stored within Vault.data_json
: This section contains the key-value pairs of your secret data.
Outputs: The
output
blocks forsecret_path
andsecret_id
store and display the path and ID of the created secret, which can be useful for other configurations or retrieval purposes.
In summary, we’ve shown how to configure a Vault provider, create a generic secret within Vault, and output the path and ID of the secret for future reference. This configuration ensures that your sensitive information is securely stored and easily accessible.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.