Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to force update the generated Secret when the value is changed in Vault? #239

Open
MurzNN opened this issue Dec 25, 2023 · 3 comments
Open

Comments

@MurzNN
Copy link

MurzNN commented Dec 25, 2023

I created a VaultSecret resource which successfully created the corresponding Secret with the correct value.

But when I update the value in the Vault, the created Secret still contains the previous value.

So, is there any way to force update a specific secret, to follow the changed value?

@MurzNN
Copy link
Author

MurzNN commented Dec 25, 2023

I see the vault.reconciliationTime value that can configure timeout when all secrets will be regenerated.
But I don't want to "spam" my vault every xx minutes to update all passwords. I just want to trigger updating only one specific password, that is recently changed.

@MurzNN
Copy link
Author

MurzNN commented Dec 25, 2023

Maybe some webhook can be configured to trigger the synchronization of a Secret record, or the operator can subscribe to some events?
Vault have an events system for this: https://developer.hashicorp.com/vault/docs/concepts/events

@koschos
Copy link

koschos commented Nov 30, 2024

@MurzNN this is already solved in HashiCorp Vault Secrets Operator

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants