Is it possible to generate random value on access if key doesn't exist?


I’m wondering if there was a way to generate a random value on access if a key doesn’t exist in Vault. My use-case would be to automate creation of environments on Kubernetes. Using the CSI Driver, I would like to generate a secret key for applications and other credentials that can be a random value (for example a staging MySQL server deployed inside the cluster).

I’ve found some information regarding RabbitMQ, but it seems like it still required manual intervention to actually generate the password.

Thank you :slight_smile:

There are plugins that generate random values for you upon request – but with default vault, no there is no hook or trigger that would generate a value on request if one does not exist.

That said, Vault is extendable so you could write your own KV engine that would do that.