Lists KV-V1 secrets at a given path in Vault.
For more information on Vault's KV-V1 secret backend see here.
resource "vault_mount" "kvv1" {
path = "kvv1"
type = "kv"
options = { version = "1" }
description = "KV Version 1 secret engine mount"
}
resource "vault_kv_secret" "aws_secret" {
path = "${vault_mount.kvv1.path}/aws-secret"
data_json = jsonencode(
{
zip = "zap"
}
)
}
resource "vault_kv_secret" "azure_secret" {
path = "${vault_mount.kvv1.path}/azure-secret"
data_json = jsonencode(
{
foo = "bar"
}
)
}
data "vault_kv_secrets_list" "secrets" {
path = vault_mount.kvv1.path
depends_on = [vault_kv_secret.aws_secret, vault_kv_secret.azure_secret]
}
The following arguments are supported:
namespace
- (Optional) The namespace of the target resource.
The value should not contain leading or trailing forward slashes.
The namespace
is always relative to the provider's configured namespace.
Available only for Vault Enterprise.
path
- (Required) Full KV-V1 path where secrets will be listed.
Use of this resource requires the read
capability on the given path.
The following attributes are exported:
names
- List of all secret names listed under the given path.