You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
We want to add custom metadata to kv v2 secrets for auditing and reporting purposes. Storing these values with the metadata allows us to grant access to them separately from the secret data itself.
Describe the solution you'd like
Create a new metadata attribute that accepts a map. The first example shows the data we would like to store and report on. We are unable to control access to some of the keys and values currently.
If the metadata allowed us to write a map of our values to it then existing access controls would work as desired. A reporting tool can be granted access to the metadata only. The example here shows one possible way to do this.
Describe alternatives you've considered
Writing pairs of secrets at different paths would give us the ability to control access. This creates complexity for matching them up in users automation. Writing sentinel policies is also complicated as your not able to read data from both sets of keys at the same time.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
We want to add custom metadata to kv v2 secrets for auditing and reporting purposes. Storing these values with the metadata allows us to grant access to them separately from the secret data itself.
Describe the solution you'd like
Create a new metadata attribute that accepts a map. The first example shows the data we would like to store and report on. We are unable to control access to some of the keys and values currently.
If the metadata allowed us to write a map of our values to it then existing access controls would work as desired. A reporting tool can be granted access to the metadata only. The example here shows one possible way to do this.
Describe alternatives you've considered
Writing pairs of secrets at different paths would give us the ability to control access. This creates complexity for matching them up in users automation. Writing sentinel policies is also complicated as your not able to read data from both sets of keys at the same time.
The text was updated successfully, but these errors were encountered: