Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add local var for aws secret engine #2013

Merged
merged 5 commits into from
Sep 21, 2023
Merged

add local var for aws secret engine #2013

merged 5 commits into from
Sep 21, 2023

Conversation

zmadell523
Copy link
Contributor

@zmadell523 zmadell523 commented Sep 13, 2023
edited
Loading

Description

Vault core supports marking mounts as local in order to keep a mount from being replicated to performance replicas. This implementation mimics what has been done in other backend mounts such as the consul mount.

Relates OR Closes #0000

Checklist

  • Added CHANGELOG entry (only for user-facing changes)
  • Acceptance tests where run against all supported Vault Versions

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

@hashicorp-cla
Copy link

hashicorp-cla commented Sep 13, 2023
edited
Loading

CLA assistant check
All committers have signed the CLA.

vinay-gopalan
vinay-gopalan reviewed Sep 13, 2023
View reviewed changes
Copy link
Contributor

@vinay-gopalan vinay-gopalan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for working on this! Looking good, left a couple comments. I'm not sure if this parameter can also be passed in when tuning a mount, but if it can, we would also need to add that in the awsSecretBackendUpdate method as well :)

vault/resource_aws_secret_backend.go Show resolved Hide resolved
vault/resource_aws_secret_backend.go Show resolved Hide resolved
@zmadell523
Copy link
Contributor Author

Thanks for working on this! Looking good, left a couple comments. I'm not sure if this parameter can also be passed in when tuning a mount, but if it can, we would also need to add that in the awsSecretBackendUpdate method as well :)

Vault core requires a mount to be rebuilt to change the value of Local so I don't think it is exposed to tune.

@zmadell523 zmadell523 marked this pull request as ready for review September 13, 2023 22:35
@vinay-gopalan vinay-gopalan added this to the 3.21.0 milestone Sep 19, 2023
vinay-gopalan
vinay-gopalan reviewed Sep 20, 2023
View reviewed changes
Copy link
Contributor

@vinay-gopalan vinay-gopalan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @zmadell523, thanks for making the changes! The PR is looking great, could we also add the documentation for the newly added parameter over here? Thanks! 🙏🏼

vault/resource_aws_secret_backend.go Show resolved Hide resolved
@vinay-gopalan vinay-gopalan merged commit d763cdb into main Sep 21, 2023
@vinay-gopalan vinay-gopalan deleted the f-add-local-flag-aws-mount branch September 21, 2023 17:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vinay-gopalan vinay-gopalan vinay-gopalan approved these changes

Assignees
No one assigned
Labels
documentation size/XS
Projects
None yet
Milestone
3.21.0
Development

Successfully merging this pull request may close these issues.
3 participants
@zmadell523 @hashicorp-cla @vinay-gopalan