Does the Transit Secrets Engine have a limit to the number of named keys?

niklilland · February 8, 2023, 1:18am

Hi, I reviewed the docs pretty thoroughly but I was unable to find an answer to my question. Does Vault impose a limit on the number of keys that can be created within the Transit Secrets Engine? The three pages in the documentation where I would guess this information would be present do not seem to indicate there is a limit:

In the absence of an explicit limit, I would assume that the limit is determined by the underlying storage solution for the Vault. Is that assumption correct?

Thank you!

maxb · February 8, 2023, 10:26am

Indeed. Like many things in Vault, it has no direct hard limit, but the more work you push it to do, there will of course be CPU, memory, storage costs associated with that.

I know it’s not the easy answer you would prefer, but it really comes down to “do some load testing in a representative environment, with a representative workload, if you really need certainty”.

niklilland · February 12, 2023, 2:50am

That’s understandable, thank you for sharing your insight maxb. It’s more helpful than not being aware of a hard limit that I failed to discover in the docs

Topic		Replies	Views
How many AWS secret engines can we create in vault? Vault	1	262	September 6, 2022
Is there a limit on number of roles in Azure secret engine? Vault vault , azure	0	328	February 2, 2021
Are there any limitations for path length Vault vault	1	833	September 8, 2021
Database dynamic secrets limit? Vault vault	0	278	July 13, 2021
Vault limitations Vault	0	130	February 22, 2024

Does the Transit Secrets Engine have a limit to the number of named keys?

Related topics