Loading secrets from a file into a kv-engine at startup

slavistan · November 9, 2022, 9:33am

Hi there,

I’m currently getting to know Vault more intimately and I’d like to know whether there’s an easy way to generate content for a KV engine from a file (say, a file with one /my/path:key=secret entry per line or a dedicated .hcl file). I’m running vault in dev mode, so security is not an issue here.

This can, of course, be trivially done via a shell script but I wonder whether there’s a built-in method. I’m working inside docker containers and one single, all-encompassing startup command would be preferable over an initialization routine with background processes, sleeps and shell scripts.

maxb · November 9, 2022, 10:41am

You would need to script this yourself.

If you think about it, if you’re willing to have these “secrets” in a file on disk, then they’re not really as “secret” as Vault’s primary intended use-case.

slavistan · November 9, 2022, 11:35am

Sensible, indeed. Thank you very much!

Topic		Replies	Views
How to store a file content in Hashicorp KV Secret engine as value through cmd line or script Vault vault	1	6516	November 15, 2022
Vault k8s injector load file to env Vault	1	309	August 4, 2020
How to create multiple secrets from a json file Vault	1	2303	April 21, 2020
How to use vault KV/Secret on another app/db docker compose Vault	5	1503	February 20, 2023
Is there a way to auto generate secrets in a kv engine? Vault	8	1807	October 28, 2024

Loading secrets from a file into a kv-engine at startup

Related topics