github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/website/source/docs/providers/vault/r/generic_secret.html.md

github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/website/source/docs/providers/vault/r/generic_secret.html.md (about)

     1  ---
     2  layout: "vault"
     3  page_title: "Vault: vault_generic_secret resource"
     4  sidebar_current: "docs-vault-resource-generic-secret"
     5  description: |-
     6    Writes arbitrary data to a given path in Vault
     7  ---
     8  
     9  # vault\_generic\_secret
    10  
    11  Writes and manages arbitrary data at a given path in Vault.
    12  
    13  This resource is primarily intended to be used with
    14  [Vault's "generic" secret backend](https://www.vaultproject.io/docs/secrets/generic/index.html),
    15  but it is also compatible with any other Vault endpoint that supports
    16  the `vault write` command to create and the `vault delete` command to
    17  delete.
    18  
    19  ~> **Important** All data provided in the resource configuration will be
    20  written in cleartext to state and plan files generated by Terraform, and
    21  will appear in the console output when Terraform runs. Protect these
    22  artifacts accordingly. See
    23  [the main provider documentation](../index.html)
    24  for more details.
    25  
    26  ## Example Usage
    27  
    28  ```
    29  resource "vault_generic_secret" "example" {
    30    path = "secret/foo"
    31  
    32    data_json = <<EOT
    33  {
    34    "foo":   "bar",
    35    "pizza": "cheese"
    36  }
    37  EOT
    38  }
    39  ```
    40  
    41  ## Argument Reference
    42  
    43  The following arguments are supported:
    44  
    45  * `path` - (Required) The full logical path at which to write the given
    46  data. To write data into the "generic" secret backend mounted in Vault by
    47  default, this should be prefixed with `secret/`. Writing to other backends
    48  with this resource is possible; consult each backend's documentation to
    49  see which endpoints support the `PUT` and `DELETE` methods.
    50  
    51  * `data_json` - (Required) String containing a JSON-encoded object that
    52  will be written as the secret data at the given path.
    53  
    54  ## Required Vault Capabilities
    55  
    56  Use of this resource requires the `create` or `update` capability
    57  (depending on whether the resource already exists) on the given path,
    58  along with the `delete` capbility if the resource is removed from
    59  configuration.
    60  
    61  This resource does not *read* the secret data back from Terraform
    62  on refresh. This avoids the need for `read` access on the given
    63  path, but it means that Terraform is not able to detect and repair
    64  "drift" on this resource should the data be updated or deleted outside
    65  of Terraform.
    66  
    67  ## Attributes Reference
    68  
    69  No additional attributes are exported by this resource.