A couple versions ago of Vault, the following hcl worked in allowing secrets to be written:
storage “postgresql” {
connection_url = “postgres://postgres:postgres@db:5432/vault?sslmode=disable”
}
storage “kv” {
version = 2
path = “secret”
}
listener “tcp” {
address = “0.0.0.0:8200”
tls_disable = 1
}
ui=true
An example policy is:
path “secret/*”
{
capabilities = [“create”, “read”, “update”, “delete”, “list”, “sudo”]
}
But now, it seems like I need to enable the kv secrets engine either via command or via UI.
I’m hoping there’s some hcl that I can use to just create it in one fell swoop.