Vault multiple keys per secret

robertlabrie · April 4, 2018, 2:34pm

Hi,

We use vault to generate IAM users. You get the creds by reading from aws/creds/somerole. The thing is, every time you read from that endpoint, it generates a new IAM user. I need some way to get the access_key and secret_key from one read operation, not two, so I don’t think the below will do it for me. Any ideas?

secrets:
  AWS_SECRET_ACCESS_KEY:
    driver: vault
    driver_opts:
      path: aws/creds/somerole
      key: secret_key
  AWS_ACCESS_KEY_ID:
    driver: vault
    driver_opts:
      path: aws/creds/somerole
      key: access_key

bradrydzewski · April 4, 2018, 5:42pm

There is no way to support this capability today. The only thing I can think of would be a code change / optimization that collapses calls that share the same path. It is something that we can prioritize for a future release.

robertlabrie · April 4, 2018, 5:48pm

Thanks @bradrydzewski please add to backlog I guess … This is a feature in vault for all generated creds. In the mean time, we’ll work around it.

mithu · July 7, 2021, 3:56pm

@bradrydzewski Is there is any plan to add this feature in future? Its a kind of must have feature when working with vault.