HashiCorp Vault

Pulumi Official
Package maintained by Pulumi
v5.4.1 published on Friday, Apr 22, 2022 by Pulumi

The Pulumi Vault provider uses the Vault SDK to manage resources.


The HashiCorp Vault provider is available as a package in all Pulumi languages:


Pulumi relies on the Vault SDK to authenticate requests from your computer to HashiCorp Vault. Your credentials are never sent to pulumi.com.

Once the credetials are obtained, there are two ways to communicate your configuration tokens to Pulumi:

  1. Set the environment variables VAULT_ADDR and VAULT_TOKEN:

    $ export VAULT_ADDR=XXXXXX
  2. Set them using configuration, if you prefer that they be stored alongside your Pulumi stack for easy multi-user access:

    $ pulumi config set vault:address XXXXXX
    $ pulumi config set vault:token YYYYYY --secret

The complete list of configuration parameters is in the HashiCorp Vault provider README. Remember to pass --secret when setting token so that it is properly encrypted.