Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to delete an entire secret kv2 secret (delete metadata, not a secret version) #399

Open
AndrewSav opened this issue Sep 24, 2023 · 2 comments
Open

Add ability to delete an entire secret kv2 secret (delete metadata, not a secret version) #399

AndrewSav opened this issue Sep 24, 2023 · 2 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@AndrewSav
Copy link

SUMMARY

Add ability to delete a secret. Note that this is different from deleting all versions of a secret. Even if you delete all versions of a secret the secret will remain. This is is also different from destroying all versions of a secret. Even if you destroy all versions of a secret the secret will remain.

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

community.hashi_vault - will probably be a new component.

ADDITIONAL INFORMATION

See also here: #392
@AndrewSav AndrewSav changed the title Add ability to delete an entire secret (not a secret version) ✨ Feature request: Add ability to delete an entire secret (not a secret version) Sep 24, 2023
@briantist briantist added enhancement New feature or request help wanted Extra attention is needed labels Sep 25, 2023
@briantist
Copy link
Collaborator

Hi @AndrewSav !

I think the call you're referring to is deleting secret metadata, which as you mentioned is different from deleting or destroying individual kv2 secret versions.

https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#delete-metadata-and-all-versions

I think I'd call this module vault_kv2_metadata_delete.

The collection also still needs a generic vault_delete that can be used with arbitrary paths, and the metadata delete could be achieved with such a module as well.

Are either of those something you would be interested in submitting a PR for?

@briantist briantist changed the title ✨ Feature request: Add ability to delete an entire secret (not a secret version) ✨ Add ability to delete an entire secret kv2 secret (delete metadata, not a secret version) Sep 25, 2023
@briantist briantist changed the title ✨ Add ability to delete an entire secret kv2 secret (delete metadata, not a secret version) Add ability to delete an entire secret kv2 secret (delete metadata, not a secret version) Sep 25, 2023
@AndrewSav
Copy link
Author

@briantist thank you for this, this sounds right. I'm not proficient with python, so it's not likely I'm able to help.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AndrewSav @briantist