github.com/nathanielks/terraform@v0.6.1-0.20170509030759-13e1a62319dc/website/source/docs/providers/vault/r/generic_secret.html.md

github.com/nathanielks/terraform@v0.6.1-0.20170509030759-13e1a62319dc/website/source/docs/providers/vault/r/generic_secret.html.md (about)

     1  ---
     2  layout: "vault"
     3  page_title: "Vault: vault_generic_secret resource"
     4  sidebar_current: "docs-vault-resource-generic-secret"
     5  description: |-
     6    Writes arbitrary data to a given path in Vault
     7  ---
     8  
     9  # vault\_generic\_secret
    10  
    11  Writes and manages arbitrary data at a given path in Vault.
    12  
    13  This resource is primarily intended to be used with
    14  [Vault's "generic" secret backend](https://www.vaultproject.io/docs/secrets/generic/index.html),
    15  but it is also compatible with any other Vault endpoint that supports
    16  the `vault write` command to create and the `vault delete` command to
    17  delete.
    18  
    19  ~> **Important** All data provided in the resource configuration will be
    20  written in cleartext to state and plan files generated by Terraform, and
    21  will appear in the console output when Terraform runs. Protect these
    22  artifacts accordingly. See
    23  [the main provider documentation](../index.html)
    24  for more details.
    25  
    26  ## Example Usage
    27  
    28  ```hcl
    29  resource "vault_generic_secret" "example" {
    30    path = "secret/foo"
    31  
    32    data_json = <<EOT
    33  {
    34    "foo":   "bar",
    35    "pizza": "cheese"
    36  }
    37  EOT
    38  }
    39  ```
    40  
    41  ## Argument Reference
    42  
    43  The following arguments are supported:
    44  
    45  * `path` - (Required) The full logical path at which to write the given
    46  data. To write data into the "generic" secret backend mounted in Vault by
    47  default, this should be prefixed with `secret/`. Writing to other backends
    48  with this resource is possible; consult each backend's documentation to
    49  see which endpoints support the `PUT` and `DELETE` methods.
    50  
    51  * `data_json` - (Required) String containing a JSON-encoded object that
    52  will be written as the secret data at the given path.
    53  
    54  * `allow_read` - (Optional) True/false. Set this to true if your vault
    55  authentication is able to read the data, this allows the resource to be
    56  compared and updated. Defaults to false.
    57  
    58  ## Required Vault Capabilities
    59  
    60  Use of this resource requires the `create` or `update` capability
    61  (depending on whether the resource already exists) on the given path,
    62  along with the `delete` capbility if the resource is removed from
    63  configuration.
    64  
    65  This resource does not *read* the secret data back from Terraform
    66  on refresh by default. This avoids the need for `read` access on the given
    67  path, but it means that Terraform is not able to detect and repair
    68  "drift" on this resource should the data be updated or deleted outside
    69  of Terraform. This limitation can be negated by setting `allow_read` to
    70  true
    71  
    72  ## Attributes Reference
    73  
    74  No additional attributes are exported by this resource.