
Inputs & Outputs

VaultKey

  • Describes a key inside a HashiCorp Vault secret

  • Used by the read_secret_keys action to both retrieve & create missing secret keys

Required Keys

name: The name of the key (required).

Optional Keys

format: Either string or file (defaults to string).

sensitive: Either true or false (defaults to false).

Key name validation

The name of a vault key can contain any of the following:

  • Lower & upper case letters
  • Underscores
  • Digits

The name must not start with either of the following:

  • Underscore
  • Digit

It cannot be a reserved word.
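
The rules above, together with the allowed values for format and sensitive, can be checked before a workflow runs. The following is an added example, not code from the project: the function names, the ASCII-only reading of "letters", the rejection of unknown fields and the reserved-word set (which this page does not list) are assumptions.

```python
import re

# Letters, digits and underscores, starting with a letter.
# Assumption: "letters" means ASCII A-Z / a-z.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_]*")
ALLOWED_FIELDS = {"name", "format", "sensitive"}
ALLOWED_FORMATS = {"string", "file"}


def validate_vault_key(key, reserved=frozenset()):
    """Return a list of problems for one VaultKey mapping (empty means valid).

    `reserved` is supplied by the caller because the reserved words are not
    listed on this page.
    """
    if not isinstance(key, dict):
        return ["entry is not a mapping"]
    problems = []
    # Assumption: unknown fields are rejected, so that a typo such as
    # `sensitve: true` cannot silently leave a secret marked non-sensitive.
    for field in sorted(str(f) for f in set(key) - ALLOWED_FIELDS):
        problems.append(f"unknown field: {field}")
    name = key.get("name")
    if not isinstance(name, str) or not name:
        problems.append("name is required")
    elif name[0] == "_" or name[0].isdigit():
        problems.append("name must not start with an underscore or digit")
    elif not NAME_RE.fullmatch(name):
        problems.append("name may contain only letters, digits and underscores")
    elif name in reserved:
        problems.append("name is a reserved word")
    fmt = key.get("format", "string")          # defaults to string
    if not isinstance(fmt, str) or fmt not in ALLOWED_FORMATS:
        problems.append("format must be string or file")
    if not isinstance(key.get("sensitive", False), bool):  # defaults to false
        problems.append("sensitive must be true or false")
    return problems


def lint_keys(keys, reserved=frozenset()):
    """Map list index -> problems for every invalid entry in a `keys` list."""
    report = {i: validate_vault_key(k, reserved) for i, k in enumerate(keys)}
    return {i: p for i, p in report.items() if p}


# Constructed sample input: one valid entry followed by three invalid ones.
SAMPLE_KEYS = [
    {"name": "private_key", "format": "file", "sensitive": True},
    {"name": "_token"},
    {"name": "password", "sensitve": True},
    {"name": "cert", "format": "binary", "sensitive": "yes"},
]
```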

Sensitive Password

  - hashicorp_vault.key_value.read_secret_keys:
      secret: active_directory
      keys:
        - name: address
        - name: domain
        - name: username
        - name: password
          sensitive: true
      reason: Getting Active Directory details
      create_missing: true
    save: domain_controller

Sensitive Public Key File

  - hashicorp_vault.key_value.read_secret_keys:
      secret: ssh
      keys:
        - name: address
        - name: port
        - name: username
        - name: private_key
          format: file
          sensitive: true
        - name: key_passphrase
          sensitive: true
      reason: Getting SSH Server Details
      create_missing: true
    save: ssh_server