ceph-csi

mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-22 22:30:23 +00:00

History

Niels de Vos f584db41e6 util: add vaultDestroyKeys option to destroy Vault kv-v2 secrets Hashicorp Vault does not completely remove the secrets in a kv-v2 backend when the keys are deleted. The metadata of the keys will be kept, and it is possible to recover the contents of the keys afterwards. With the new `vaultDestroyKeys` configuration parameter, this behaviour can now be selected. By default the parameter will be set to `true`, indicating that the keys and contents should completely be destroyed. Setting it to any other value will make it possible to recover the deleted keys. Signed-off-by: Niels de Vos <ndevos@redhat.com>	2021-08-06 12:19:18 +00:00
..
vault	util: add vaultDestroyKeys option to destroy Vault kv-v2 secrets	2021-08-06 12:19:18 +00:00

Niels de Vos f584db41e6 util: add vaultDestroyKeys option to destroy Vault kv-v2 secrets

Hashicorp Vault does not completely remove the secrets in a kv-v2
backend when the keys are deleted. The metadata of the keys will be
kept, and it is possible to recover the contents of the keys afterwards.

With the new `vaultDestroyKeys` configuration parameter, this behaviour
can now be selected. By default the parameter will be set to `true`,
indicating that the keys and contents should completely be destroyed.
Setting it to any other value will make it possible to recover the
deleted keys.

Signed-off-by: Niels de Vos <ndevos@redhat.com>

2021-08-06 12:19:18 +00:00

vault

util: add vaultDestroyKeys option to destroy Vault kv-v2 secrets

2021-08-06 12:19:18 +00:00